From 0651b9a91220bceec8e69c834e506b357dd750fb Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Tue, 22 Feb 2022 11:24:26 -0800 Subject: [PATCH 1/8] Add toleration for new "control-plane" node label for Concierge deploy --- deploy/concierge/deployment.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/deploy/concierge/deployment.yaml b/deploy/concierge/deployment.yaml index 9292168f..1cad1b6d 100644 --- a/deploy/concierge/deployment.yaml +++ b/deploy/concierge/deployment.yaml @@ -1,4 +1,4 @@ -#! Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +#! Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. #! SPDX-License-Identifier: Apache-2.0 #@ load("@ytt:data", "data") @@ -221,7 +221,9 @@ spec: tolerations: - key: CriticalAddonsOnly operator: Exists - - key: node-role.kubernetes.io/master #! Allow running on master nodes too + - key: node-role.kubernetes.io/master #! Allow running on master nodes too (name deprecated by kubernetes 1.20). + effect: NoSchedule + - key: node-role.kubernetes.io/control-plane #! The new name for these nodes as of Kubernetes 1.24. effect: NoSchedule #! "system-cluster-critical" cannot be used outside the kube-system namespace until Kubernetes >= 1.17, #! so we skip setting this for now (see https://github.com/kubernetes/kubernetes/issues/60596). From e1e3342b3db03a0eadfb917fae80d74439a23517 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Tue, 22 Feb 2022 11:46:15 -0800 Subject: [PATCH 2/8] Increase a test timeout to account for slower test on EKS in CI The test takes longer on EKS because it has to wait about 2 minutes for the EKS load balancer to be ready during the test. --- test/integration/e2e_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/integration/e2e_test.go b/test/integration/e2e_test.go index ddb423df..e9dc031c 100644 --- a/test/integration/e2e_test.go +++ b/test/integration/e2e_test.go @@ -109,7 +109,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // nolint:gocyclo // Add an OIDC upstream IDP and try using it to authenticate during kubectl commands. t.Run("with Supervisor OIDC upstream IDP and automatic flow", func(t *testing.T) { - testCtx, cancel := context.WithTimeout(ctx, 2*time.Minute) + testCtx, cancel := context.WithTimeout(ctx, 5*time.Minute) t.Cleanup(cancel) // Start a fresh browser driver because we don't want to share cookies between the various tests in this file. From f501c76acce4a9460d9c47785743601c95c64668 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 28 Feb 2022 17:58:48 -0800 Subject: [PATCH 3/8] Add generated code for Kube 1.21, 1.22, and 1.23 Also: - Make our code generator script work with Go 1.17 - Make our update.sh script work on linux - Update the patch versions of the old Kube versions that we were using to generate code (see kube-versions.txt) - Use our container images from ghcr instead of projects.registry.vmware.com for codegen purposes - Make it easier to debug in the future by passing "-v" to the Kube codegen scripts - Updated copyright years to make commit checks pass --- .../authentication/v1alpha1/doc.go.tmpl | 2 +- .../authentication/v1alpha1/register.go.tmpl | 2 +- .../v1alpha1/types_jwtauthenticator.go.tmpl | 2 +- .../v1alpha1/types_meta.go.tmpl | 2 +- .../authentication/v1alpha1/types_tls.go.tmpl | 2 +- .../types_webhookauthenticator.go.tmpl | 2 +- apis/concierge/config/v1alpha1/doc.go.tmpl | 2 +- .../config/v1alpha1/register.go.tmpl | 2 +- .../v1alpha1/types_credentialissuer.go.tmpl | 2 +- apis/concierge/identity/doc.go.tmpl | 2 +- apis/concierge/identity/register.go.tmpl | 2 +- .../concierge/identity/types_userinfo.go.tmpl | 2 +- apis/concierge/identity/types_whoami.go.tmpl | 2 +- .../identity/v1alpha1/conversion.go.tmpl | 2 +- .../identity/v1alpha1/defaults.go.tmpl | 2 +- apis/concierge/identity/v1alpha1/doc.go.tmpl | 2 +- .../identity/v1alpha1/register.go.tmpl | 2 +- .../identity/v1alpha1/types_userinfo.go.tmpl | 2 +- .../identity/v1alpha1/types_whoami.go.tmpl | 2 +- .../identity/validation/validation.go.tmpl | 2 +- apis/concierge/login/doc.go.tmpl | 2 +- apis/concierge/login/register.go.tmpl | 2 +- .../concierge/login/types_clustercred.go.tmpl | 2 +- apis/concierge/login/types_token.go.tmpl | 2 +- .../login/v1alpha1/conversion.go.tmpl | 2 +- .../concierge/login/v1alpha1/defaults.go.tmpl | 2 +- apis/concierge/login/v1alpha1/doc.go.tmpl | 2 +- .../concierge/login/v1alpha1/register.go.tmpl | 2 +- .../login/v1alpha1/types_clustercred.go.tmpl | 2 +- .../login/v1alpha1/types_token.go.tmpl | 2 +- apis/supervisor/config/v1alpha1/doc.go.tmpl | 2 +- .../config/v1alpha1/register.go.tmpl | 2 +- .../v1alpha1/types_federationdomain.go.tmpl | 2 +- apis/supervisor/idp/v1alpha1/doc.go.tmpl | 2 +- apis/supervisor/idp/v1alpha1/register.go.tmpl | 2 +- .../idp/v1alpha1/types_meta.go.tmpl | 2 +- .../supervisor/idp/v1alpha1/types_tls.go.tmpl | 2 +- .../types_supervisor_idp_discovery.go.tmpl | 2 +- .../oidc/types_supervisor_oidc.go.tmpl | 2 +- .../concierge/authentication/v1alpha1/doc.go | 2 +- .../authentication/v1alpha1/register.go | 2 +- .../v1alpha1/types_jwtauthenticator.go | 2 +- .../authentication/v1alpha1/types_meta.go | 2 +- .../authentication/v1alpha1/types_tls.go | 2 +- .../v1alpha1/types_webhookauthenticator.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../apis/concierge/config/v1alpha1/doc.go | 2 +- .../concierge/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_credentialissuer.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- generated/1.17/apis/concierge/identity/doc.go | 2 +- .../1.17/apis/concierge/identity/register.go | 2 +- .../apis/concierge/identity/types_userinfo.go | 2 +- .../apis/concierge/identity/types_whoami.go | 2 +- .../concierge/identity/v1alpha1/conversion.go | 2 +- .../concierge/identity/v1alpha1/defaults.go | 2 +- .../apis/concierge/identity/v1alpha1/doc.go | 2 +- .../concierge/identity/v1alpha1/register.go | 2 +- .../identity/v1alpha1/types_userinfo.go | 2 +- .../identity/v1alpha1/types_whoami.go | 2 +- .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../v1alpha1/zz_generated.defaults.go | 2 +- .../identity/validation/validation.go | 2 +- .../identity/zz_generated.deepcopy.go | 2 +- generated/1.17/apis/concierge/login/doc.go | 2 +- .../1.17/apis/concierge/login/register.go | 2 +- .../apis/concierge/login/types_clustercred.go | 2 +- .../1.17/apis/concierge/login/types_token.go | 2 +- .../concierge/login/v1alpha1/conversion.go | 2 +- .../apis/concierge/login/v1alpha1/defaults.go | 2 +- .../1.17/apis/concierge/login/v1alpha1/doc.go | 2 +- .../apis/concierge/login/v1alpha1/register.go | 2 +- .../login/v1alpha1/types_clustercred.go | 2 +- .../concierge/login/v1alpha1/types_token.go | 2 +- .../login/v1alpha1/zz_generated.conversion.go | 2 +- .../login/v1alpha1/zz_generated.deepcopy.go | 2 +- .../login/v1alpha1/zz_generated.defaults.go | 2 +- .../concierge/login/zz_generated.deepcopy.go | 2 +- generated/1.17/apis/go.mod | 4 +- generated/1.17/apis/go.sum | 11 +- .../apis/supervisor/config/v1alpha1/doc.go | 2 +- .../supervisor/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_federationdomain.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- .../1.17/apis/supervisor/idp/v1alpha1/doc.go | 2 +- .../apis/supervisor/idp/v1alpha1/register.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 2 +- .../apis/supervisor/idp/v1alpha1/types_tls.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 2 +- .../types_supervisor_idp_discovery.go | 2 +- .../supervisor/oidc/types_supervisor_oidc.go | 2 +- .../clientset/versioned/clientset.go | 2 +- .../concierge/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../concierge/clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../v1alpha1/authentication_client.go | 2 +- .../typed/authentication/v1alpha1/doc.go | 2 +- .../typed/authentication/v1alpha1/fake/doc.go | 2 +- .../fake/fake_authentication_client.go | 2 +- .../v1alpha1/fake/fake_jwtauthenticator.go | 2 +- .../fake/fake_webhookauthenticator.go | 2 +- .../v1alpha1/generated_expansion.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../typed/config/v1alpha1/credentialissuer.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_credentialissuer.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../versioned/typed/identity/v1alpha1/doc.go | 2 +- .../typed/identity/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_identity_client.go | 2 +- .../v1alpha1/fake/fake_whoamirequest.go | 2 +- .../identity/v1alpha1/generated_expansion.go | 2 +- .../identity/v1alpha1/identity_client.go | 2 +- .../typed/identity/v1alpha1/whoamirequest.go | 2 +- .../versioned/typed/login/v1alpha1/doc.go | 2 +- .../typed/login/v1alpha1/fake/doc.go | 2 +- .../login/v1alpha1/fake/fake_login_client.go | 2 +- .../fake/fake_tokencredentialrequest.go | 2 +- .../login/v1alpha1/generated_expansion.go | 2 +- .../typed/login/v1alpha1/login_client.go | 2 +- .../login/v1alpha1/tokencredentialrequest.go | 2 +- .../authentication/interface.go | 2 +- .../authentication/v1alpha1/interface.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/expansion_generated.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- generated/1.17/client/go.mod | 6 +- generated/1.17/client/go.sum | 17 +- .../clientset/versioned/clientset.go | 2 +- .../supervisor/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_federationdomain.go | 2 +- .../typed/config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../versioned/typed/idp/v1alpha1/doc.go | 2 +- .../versioned/typed/idp/v1alpha1/fake/doc.go | 2 +- .../fake_activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/fake/fake_idp_client.go | 2 +- .../fake/fake_ldapidentityprovider.go | 2 +- .../fake/fake_oidcidentityprovider.go | 2 +- .../typed/idp/v1alpha1/generated_expansion.go | 2 +- .../typed/idp/v1alpha1/idp_client.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../externalversions/idp/interface.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/interface.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/expansion_generated.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../concierge/authentication/v1alpha1/doc.go | 2 +- .../authentication/v1alpha1/register.go | 2 +- .../v1alpha1/types_jwtauthenticator.go | 2 +- .../authentication/v1alpha1/types_meta.go | 2 +- .../authentication/v1alpha1/types_tls.go | 2 +- .../v1alpha1/types_webhookauthenticator.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../apis/concierge/config/v1alpha1/doc.go | 2 +- .../concierge/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_credentialissuer.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- generated/1.18/apis/concierge/identity/doc.go | 2 +- .../1.18/apis/concierge/identity/register.go | 2 +- .../apis/concierge/identity/types_userinfo.go | 2 +- .../apis/concierge/identity/types_whoami.go | 2 +- .../concierge/identity/v1alpha1/conversion.go | 2 +- .../concierge/identity/v1alpha1/defaults.go | 2 +- .../apis/concierge/identity/v1alpha1/doc.go | 2 +- .../concierge/identity/v1alpha1/register.go | 2 +- .../identity/v1alpha1/types_userinfo.go | 2 +- .../identity/v1alpha1/types_whoami.go | 2 +- .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../v1alpha1/zz_generated.defaults.go | 2 +- .../identity/validation/validation.go | 2 +- .../identity/zz_generated.deepcopy.go | 2 +- generated/1.18/apis/concierge/login/doc.go | 2 +- .../1.18/apis/concierge/login/register.go | 2 +- .../apis/concierge/login/types_clustercred.go | 2 +- .../1.18/apis/concierge/login/types_token.go | 2 +- .../concierge/login/v1alpha1/conversion.go | 2 +- .../apis/concierge/login/v1alpha1/defaults.go | 2 +- .../1.18/apis/concierge/login/v1alpha1/doc.go | 2 +- .../apis/concierge/login/v1alpha1/register.go | 2 +- .../login/v1alpha1/types_clustercred.go | 2 +- .../concierge/login/v1alpha1/types_token.go | 2 +- .../login/v1alpha1/zz_generated.conversion.go | 2 +- .../login/v1alpha1/zz_generated.deepcopy.go | 2 +- .../login/v1alpha1/zz_generated.defaults.go | 2 +- .../concierge/login/zz_generated.deepcopy.go | 2 +- generated/1.18/apis/go.mod | 4 +- generated/1.18/apis/go.sum | 56 +- .../apis/supervisor/config/v1alpha1/doc.go | 2 +- .../supervisor/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_federationdomain.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- .../1.18/apis/supervisor/idp/v1alpha1/doc.go | 2 +- .../apis/supervisor/idp/v1alpha1/register.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 2 +- .../apis/supervisor/idp/v1alpha1/types_tls.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 2 +- .../types_supervisor_idp_discovery.go | 2 +- .../supervisor/oidc/types_supervisor_oidc.go | 2 +- .../clientset/versioned/clientset.go | 2 +- .../concierge/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../concierge/clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../v1alpha1/authentication_client.go | 2 +- .../typed/authentication/v1alpha1/doc.go | 2 +- .../typed/authentication/v1alpha1/fake/doc.go | 2 +- .../fake/fake_authentication_client.go | 2 +- .../v1alpha1/fake/fake_jwtauthenticator.go | 2 +- .../fake/fake_webhookauthenticator.go | 2 +- .../v1alpha1/generated_expansion.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../typed/config/v1alpha1/credentialissuer.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_credentialissuer.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../versioned/typed/identity/v1alpha1/doc.go | 2 +- .../typed/identity/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_identity_client.go | 2 +- .../v1alpha1/fake/fake_whoamirequest.go | 2 +- .../identity/v1alpha1/generated_expansion.go | 2 +- .../identity/v1alpha1/identity_client.go | 2 +- .../typed/identity/v1alpha1/whoamirequest.go | 2 +- .../versioned/typed/login/v1alpha1/doc.go | 2 +- .../typed/login/v1alpha1/fake/doc.go | 2 +- .../login/v1alpha1/fake/fake_login_client.go | 2 +- .../fake/fake_tokencredentialrequest.go | 2 +- .../login/v1alpha1/generated_expansion.go | 2 +- .../typed/login/v1alpha1/login_client.go | 2 +- .../login/v1alpha1/tokencredentialrequest.go | 2 +- .../authentication/interface.go | 2 +- .../authentication/v1alpha1/interface.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/expansion_generated.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- generated/1.18/client/go.mod | 6 +- generated/1.18/client/go.sum | 64 +- .../clientset/versioned/clientset.go | 2 +- .../supervisor/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_federationdomain.go | 2 +- .../typed/config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../versioned/typed/idp/v1alpha1/doc.go | 2 +- .../versioned/typed/idp/v1alpha1/fake/doc.go | 2 +- .../fake_activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/fake/fake_idp_client.go | 2 +- .../fake/fake_ldapidentityprovider.go | 2 +- .../fake/fake_oidcidentityprovider.go | 2 +- .../typed/idp/v1alpha1/generated_expansion.go | 2 +- .../typed/idp/v1alpha1/idp_client.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../externalversions/idp/interface.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/interface.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/expansion_generated.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../concierge/authentication/v1alpha1/doc.go | 2 +- .../authentication/v1alpha1/register.go | 2 +- .../v1alpha1/types_jwtauthenticator.go | 2 +- .../authentication/v1alpha1/types_meta.go | 2 +- .../authentication/v1alpha1/types_tls.go | 2 +- .../v1alpha1/types_webhookauthenticator.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../apis/concierge/config/v1alpha1/doc.go | 2 +- .../concierge/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_credentialissuer.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- generated/1.19/apis/concierge/identity/doc.go | 2 +- .../1.19/apis/concierge/identity/register.go | 2 +- .../apis/concierge/identity/types_userinfo.go | 2 +- .../apis/concierge/identity/types_whoami.go | 2 +- .../concierge/identity/v1alpha1/conversion.go | 2 +- .../concierge/identity/v1alpha1/defaults.go | 2 +- .../apis/concierge/identity/v1alpha1/doc.go | 2 +- .../concierge/identity/v1alpha1/register.go | 2 +- .../identity/v1alpha1/types_userinfo.go | 2 +- .../identity/v1alpha1/types_whoami.go | 2 +- .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../v1alpha1/zz_generated.defaults.go | 2 +- .../identity/validation/validation.go | 2 +- .../identity/zz_generated.deepcopy.go | 2 +- generated/1.19/apis/concierge/login/doc.go | 2 +- .../1.19/apis/concierge/login/register.go | 2 +- .../apis/concierge/login/types_clustercred.go | 2 +- .../1.19/apis/concierge/login/types_token.go | 2 +- .../concierge/login/v1alpha1/conversion.go | 2 +- .../apis/concierge/login/v1alpha1/defaults.go | 2 +- .../1.19/apis/concierge/login/v1alpha1/doc.go | 2 +- .../apis/concierge/login/v1alpha1/register.go | 2 +- .../login/v1alpha1/types_clustercred.go | 2 +- .../concierge/login/v1alpha1/types_token.go | 2 +- .../login/v1alpha1/zz_generated.conversion.go | 2 +- .../login/v1alpha1/zz_generated.deepcopy.go | 2 +- .../login/v1alpha1/zz_generated.defaults.go | 2 +- .../concierge/login/zz_generated.deepcopy.go | 2 +- generated/1.19/apis/go.mod | 4 +- generated/1.19/apis/go.sum | 36 +- .../apis/supervisor/config/v1alpha1/doc.go | 2 +- .../supervisor/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_federationdomain.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- .../1.19/apis/supervisor/idp/v1alpha1/doc.go | 2 +- .../apis/supervisor/idp/v1alpha1/register.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 2 +- .../apis/supervisor/idp/v1alpha1/types_tls.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 2 +- .../types_supervisor_idp_discovery.go | 2 +- .../supervisor/oidc/types_supervisor_oidc.go | 2 +- .../clientset/versioned/clientset.go | 2 +- .../concierge/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../concierge/clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../v1alpha1/authentication_client.go | 2 +- .../typed/authentication/v1alpha1/doc.go | 2 +- .../typed/authentication/v1alpha1/fake/doc.go | 2 +- .../fake/fake_authentication_client.go | 2 +- .../v1alpha1/fake/fake_jwtauthenticator.go | 2 +- .../fake/fake_webhookauthenticator.go | 2 +- .../v1alpha1/generated_expansion.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../typed/config/v1alpha1/credentialissuer.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_credentialissuer.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../versioned/typed/identity/v1alpha1/doc.go | 2 +- .../typed/identity/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_identity_client.go | 2 +- .../v1alpha1/fake/fake_whoamirequest.go | 2 +- .../identity/v1alpha1/generated_expansion.go | 2 +- .../identity/v1alpha1/identity_client.go | 2 +- .../typed/identity/v1alpha1/whoamirequest.go | 2 +- .../versioned/typed/login/v1alpha1/doc.go | 2 +- .../typed/login/v1alpha1/fake/doc.go | 2 +- .../login/v1alpha1/fake/fake_login_client.go | 2 +- .../fake/fake_tokencredentialrequest.go | 2 +- .../login/v1alpha1/generated_expansion.go | 2 +- .../typed/login/v1alpha1/login_client.go | 2 +- .../login/v1alpha1/tokencredentialrequest.go | 2 +- .../authentication/interface.go | 2 +- .../authentication/v1alpha1/interface.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/expansion_generated.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- generated/1.19/client/go.mod | 6 +- generated/1.19/client/go.sum | 35 +- .../clientset/versioned/clientset.go | 2 +- .../supervisor/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_federationdomain.go | 2 +- .../typed/config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../versioned/typed/idp/v1alpha1/doc.go | 2 +- .../versioned/typed/idp/v1alpha1/fake/doc.go | 2 +- .../fake_activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/fake/fake_idp_client.go | 2 +- .../fake/fake_ldapidentityprovider.go | 2 +- .../fake/fake_oidcidentityprovider.go | 2 +- .../typed/idp/v1alpha1/generated_expansion.go | 2 +- .../typed/idp/v1alpha1/idp_client.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../externalversions/idp/interface.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/interface.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/expansion_generated.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../concierge/authentication/v1alpha1/doc.go | 2 +- .../authentication/v1alpha1/register.go | 2 +- .../v1alpha1/types_jwtauthenticator.go | 2 +- .../authentication/v1alpha1/types_meta.go | 2 +- .../authentication/v1alpha1/types_tls.go | 2 +- .../v1alpha1/types_webhookauthenticator.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../apis/concierge/config/v1alpha1/doc.go | 2 +- .../concierge/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_credentialissuer.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- generated/1.20/apis/concierge/identity/doc.go | 2 +- .../1.20/apis/concierge/identity/register.go | 2 +- .../apis/concierge/identity/types_userinfo.go | 2 +- .../apis/concierge/identity/types_whoami.go | 2 +- .../concierge/identity/v1alpha1/conversion.go | 2 +- .../concierge/identity/v1alpha1/defaults.go | 2 +- .../apis/concierge/identity/v1alpha1/doc.go | 2 +- .../concierge/identity/v1alpha1/register.go | 2 +- .../identity/v1alpha1/types_userinfo.go | 2 +- .../identity/v1alpha1/types_whoami.go | 2 +- .../v1alpha1/zz_generated.conversion.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 2 +- .../v1alpha1/zz_generated.defaults.go | 2 +- .../identity/validation/validation.go | 2 +- .../identity/zz_generated.deepcopy.go | 2 +- generated/1.20/apis/concierge/login/doc.go | 2 +- .../1.20/apis/concierge/login/register.go | 2 +- .../apis/concierge/login/types_clustercred.go | 2 +- .../1.20/apis/concierge/login/types_token.go | 2 +- .../concierge/login/v1alpha1/conversion.go | 2 +- .../apis/concierge/login/v1alpha1/defaults.go | 2 +- .../1.20/apis/concierge/login/v1alpha1/doc.go | 2 +- .../apis/concierge/login/v1alpha1/register.go | 2 +- .../login/v1alpha1/types_clustercred.go | 2 +- .../concierge/login/v1alpha1/types_token.go | 2 +- .../login/v1alpha1/zz_generated.conversion.go | 2 +- .../login/v1alpha1/zz_generated.deepcopy.go | 2 +- .../login/v1alpha1/zz_generated.defaults.go | 2 +- .../concierge/login/zz_generated.deepcopy.go | 2 +- generated/1.20/apis/go.mod | 4 +- generated/1.20/apis/go.sum | 39 +- .../apis/supervisor/config/v1alpha1/doc.go | 2 +- .../supervisor/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_federationdomain.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 2 +- .../1.20/apis/supervisor/idp/v1alpha1/doc.go | 2 +- .../apis/supervisor/idp/v1alpha1/register.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 2 +- .../apis/supervisor/idp/v1alpha1/types_tls.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 2 +- .../types_supervisor_idp_discovery.go | 2 +- .../supervisor/oidc/types_supervisor_oidc.go | 2 +- .../clientset/versioned/clientset.go | 2 +- .../concierge/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../concierge/clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../v1alpha1/authentication_client.go | 2 +- .../typed/authentication/v1alpha1/doc.go | 2 +- .../typed/authentication/v1alpha1/fake/doc.go | 2 +- .../fake/fake_authentication_client.go | 2 +- .../v1alpha1/fake/fake_jwtauthenticator.go | 2 +- .../fake/fake_webhookauthenticator.go | 2 +- .../v1alpha1/generated_expansion.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../typed/config/v1alpha1/credentialissuer.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_credentialissuer.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../versioned/typed/identity/v1alpha1/doc.go | 2 +- .../typed/identity/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_identity_client.go | 2 +- .../v1alpha1/fake/fake_whoamirequest.go | 2 +- .../identity/v1alpha1/generated_expansion.go | 2 +- .../identity/v1alpha1/identity_client.go | 2 +- .../typed/identity/v1alpha1/whoamirequest.go | 2 +- .../versioned/typed/login/v1alpha1/doc.go | 2 +- .../typed/login/v1alpha1/fake/doc.go | 2 +- .../login/v1alpha1/fake/fake_login_client.go | 2 +- .../fake/fake_tokencredentialrequest.go | 2 +- .../login/v1alpha1/generated_expansion.go | 2 +- .../typed/login/v1alpha1/login_client.go | 2 +- .../login/v1alpha1/tokencredentialrequest.go | 2 +- .../authentication/interface.go | 2 +- .../authentication/v1alpha1/interface.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/expansion_generated.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- generated/1.20/client/go.mod | 6 +- generated/1.20/client/go.sum | 37 +- .../clientset/versioned/clientset.go | 2 +- .../supervisor/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 2 +- .../clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../typed/config/v1alpha1/config_client.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_federationdomain.go | 2 +- .../typed/config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../versioned/typed/idp/v1alpha1/doc.go | 2 +- .../versioned/typed/idp/v1alpha1/fake/doc.go | 2 +- .../fake_activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/fake/fake_idp_client.go | 2 +- .../fake/fake_ldapidentityprovider.go | 2 +- .../fake/fake_oidcidentityprovider.go | 2 +- .../typed/idp/v1alpha1/generated_expansion.go | 2 +- .../typed/idp/v1alpha1/idp_client.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../externalversions/idp/interface.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/interface.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/expansion_generated.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- generated/1.21/README.adoc | 1334 +++++++++++++++++ .../concierge/authentication/v1alpha1/doc.go | 10 + .../authentication/v1alpha1/register.go | 45 + .../v1alpha1/types_jwtauthenticator.go | 85 ++ .../authentication/v1alpha1/types_meta.go | 75 + .../authentication/v1alpha1/types_tls.go | 11 + .../v1alpha1/types_webhookauthenticator.go | 56 + .../v1alpha1/zz_generated.deepcopy.go | 273 ++++ .../apis/concierge/config/v1alpha1/doc.go | 10 + .../concierge/config/v1alpha1/register.go | 43 + .../config/v1alpha1/types_credentialissuer.go | 244 +++ .../config/v1alpha1/zz_generated.deepcopy.go | 259 ++++ generated/1.21/apis/concierge/identity/doc.go | 8 + .../1.21/apis/concierge/identity/register.go | 38 + .../apis/concierge/identity/types_userinfo.go | 37 + .../apis/concierge/identity/types_whoami.go | 40 + .../concierge/identity/v1alpha1/conversion.go | 4 + .../concierge/identity/v1alpha1/defaults.go | 12 + .../apis/concierge/identity/v1alpha1/doc.go | 11 + .../concierge/identity/v1alpha1/register.go | 43 + .../identity/v1alpha1/types_userinfo.go | 41 + .../identity/v1alpha1/types_whoami.go | 43 + .../v1alpha1/zz_generated.conversion.go | 235 +++ .../v1alpha1/zz_generated.deepcopy.go | 185 +++ .../v1alpha1/zz_generated.defaults.go | 20 + .../identity/validation/validation.go | 14 + .../identity/zz_generated.deepcopy.go | 185 +++ generated/1.21/apis/concierge/login/doc.go | 8 + .../1.21/apis/concierge/login/register.go | 38 + .../apis/concierge/login/types_clustercred.go | 21 + .../1.21/apis/concierge/login/types_token.go | 47 + .../concierge/login/v1alpha1/conversion.go | 4 + .../apis/concierge/login/v1alpha1/defaults.go | 12 + .../1.21/apis/concierge/login/v1alpha1/doc.go | 11 + .../apis/concierge/login/v1alpha1/register.go | 43 + .../login/v1alpha1/types_clustercred.go | 22 + .../concierge/login/v1alpha1/types_token.go | 51 + .../login/v1alpha1/zz_generated.conversion.go | 201 +++ .../login/v1alpha1/zz_generated.deepcopy.go | 134 ++ .../login/v1alpha1/zz_generated.defaults.go | 20 + .../concierge/login/zz_generated.deepcopy.go | 134 ++ generated/1.21/apis/go.mod | 9 + generated/1.21/apis/go.sum | 163 ++ .../apis/supervisor/config/v1alpha1/doc.go | 11 + .../supervisor/config/v1alpha1/register.go | 43 + .../config/v1alpha1/types_federationdomain.go | 134 ++ .../config/v1alpha1/zz_generated.deepcopy.go | 152 ++ .../1.21/apis/supervisor/idp/v1alpha1/doc.go | 11 + .../apis/supervisor/idp/v1alpha1/register.go | 47 + .../types_activedirectoryidentityprovider.go | 207 +++ .../v1alpha1/types_ldapidentityprovider.go | 196 +++ .../supervisor/idp/v1alpha1/types_meta.go | 75 + .../v1alpha1/types_oidcidentityprovider.go | 206 +++ .../apis/supervisor/idp/v1alpha1/types_tls.go | 11 + .../idp/v1alpha1/zz_generated.deepcopy.go | 608 ++++++++ .../types_supervisor_idp_discovery.go | 66 + .../supervisor/oidc/types_supervisor_oidc.go | 25 + .../clientset/versioned/clientset.go | 126 ++ .../concierge/clientset/versioned/doc.go | 7 + .../versioned/fake/clientset_generated.go | 90 ++ .../concierge/clientset/versioned/fake/doc.go | 7 + .../clientset/versioned/fake/register.go | 49 + .../clientset/versioned/scheme/doc.go | 7 + .../clientset/versioned/scheme/register.go | 49 + .../v1alpha1/authentication_client.go | 81 + .../typed/authentication/v1alpha1/doc.go | 7 + .../typed/authentication/v1alpha1/fake/doc.go | 7 + .../fake/fake_authentication_client.go | 31 + .../v1alpha1/fake/fake_jwtauthenticator.go | 120 ++ .../fake/fake_webhookauthenticator.go | 120 ++ .../v1alpha1/generated_expansion.go | 10 + .../v1alpha1/jwtauthenticator.go | 171 +++ .../v1alpha1/webhookauthenticator.go | 171 +++ .../typed/config/v1alpha1/config_client.go | 76 + .../typed/config/v1alpha1/credentialissuer.go | 171 +++ .../versioned/typed/config/v1alpha1/doc.go | 7 + .../typed/config/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_config_client.go | 27 + .../v1alpha1/fake/fake_credentialissuer.go | 120 ++ .../config/v1alpha1/generated_expansion.go | 8 + .../versioned/typed/identity/v1alpha1/doc.go | 7 + .../typed/identity/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_identity_client.go | 27 + .../v1alpha1/fake/fake_whoamirequest.go | 34 + .../identity/v1alpha1/generated_expansion.go | 8 + .../identity/v1alpha1/identity_client.go | 76 + .../typed/identity/v1alpha1/whoamirequest.go | 51 + .../versioned/typed/login/v1alpha1/doc.go | 7 + .../typed/login/v1alpha1/fake/doc.go | 7 + .../login/v1alpha1/fake/fake_login_client.go | 27 + .../fake/fake_tokencredentialrequest.go | 34 + .../login/v1alpha1/generated_expansion.go | 8 + .../typed/login/v1alpha1/login_client.go | 76 + .../login/v1alpha1/tokencredentialrequest.go | 51 + .../authentication/interface.go | 33 + .../authentication/v1alpha1/interface.go | 39 + .../v1alpha1/jwtauthenticator.go | 76 + .../v1alpha1/webhookauthenticator.go | 76 + .../externalversions/config/interface.go | 33 + .../config/v1alpha1/credentialissuer.go | 76 + .../config/v1alpha1/interface.go | 32 + .../informers/externalversions/factory.go | 173 +++ .../informers/externalversions/generic.go | 56 + .../internalinterfaces/factory_interfaces.go | 27 + .../v1alpha1/expansion_generated.go | 14 + .../v1alpha1/jwtauthenticator.go | 55 + .../v1alpha1/webhookauthenticator.go | 55 + .../config/v1alpha1/credentialissuer.go | 55 + .../config/v1alpha1/expansion_generated.go | 10 + generated/1.21/client/go.mod | 12 + generated/1.21/client/go.sum | 426 ++++++ .../clientset/versioned/clientset.go | 98 ++ .../supervisor/clientset/versioned/doc.go | 7 + .../versioned/fake/clientset_generated.go | 76 + .../clientset/versioned/fake/doc.go | 7 + .../clientset/versioned/fake/register.go | 45 + .../clientset/versioned/scheme/doc.go | 7 + .../clientset/versioned/scheme/register.go | 45 + .../typed/config/v1alpha1/config_client.go | 76 + .../versioned/typed/config/v1alpha1/doc.go | 7 + .../typed/config/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_config_client.go | 27 + .../v1alpha1/fake/fake_federationdomain.go | 129 ++ .../typed/config/v1alpha1/federationdomain.go | 182 +++ .../config/v1alpha1/generated_expansion.go | 8 + .../activedirectoryidentityprovider.go | 182 +++ .../versioned/typed/idp/v1alpha1/doc.go | 7 + .../versioned/typed/idp/v1alpha1/fake/doc.go | 7 + .../fake_activedirectoryidentityprovider.go | 129 ++ .../idp/v1alpha1/fake/fake_idp_client.go | 35 + .../fake/fake_ldapidentityprovider.go | 129 ++ .../fake/fake_oidcidentityprovider.go | 129 ++ .../typed/idp/v1alpha1/generated_expansion.go | 12 + .../typed/idp/v1alpha1/idp_client.go | 86 ++ .../idp/v1alpha1/ldapidentityprovider.go | 182 +++ .../idp/v1alpha1/oidcidentityprovider.go | 182 +++ .../externalversions/config/interface.go | 33 + .../config/v1alpha1/federationdomain.go | 77 + .../config/v1alpha1/interface.go | 32 + .../informers/externalversions/factory.go | 173 +++ .../informers/externalversions/generic.go | 58 + .../externalversions/idp/interface.go | 33 + .../activedirectoryidentityprovider.go | 77 + .../idp/v1alpha1/interface.go | 46 + .../idp/v1alpha1/ldapidentityprovider.go | 77 + .../idp/v1alpha1/oidcidentityprovider.go | 77 + .../internalinterfaces/factory_interfaces.go | 27 + .../config/v1alpha1/expansion_generated.go | 14 + .../config/v1alpha1/federationdomain.go | 86 ++ .../activedirectoryidentityprovider.go | 86 ++ .../idp/v1alpha1/expansion_generated.go | 30 + .../idp/v1alpha1/ldapidentityprovider.go | 86 ++ .../idp/v1alpha1/oidcidentityprovider.go | 86 ++ ...cierge.pinniped.dev_jwtauthenticators.yaml | 177 +++ ...ge.pinniped.dev_webhookauthenticators.yaml | 150 ++ ...cierge.pinniped.dev_credentialissuers.yaml | 247 +++ ...rvisor.pinniped.dev_federationdomains.yaml | 170 +++ ....dev_activedirectoryidentityproviders.yaml | 305 ++++ ...or.pinniped.dev_ldapidentityproviders.yaml | 302 ++++ ...or.pinniped.dev_oidcidentityproviders.yaml | 329 ++++ generated/1.22/README.adoc | 1334 +++++++++++++++++ .../concierge/authentication/v1alpha1/doc.go | 10 + .../authentication/v1alpha1/register.go | 45 + .../v1alpha1/types_jwtauthenticator.go | 85 ++ .../authentication/v1alpha1/types_meta.go | 75 + .../authentication/v1alpha1/types_tls.go | 11 + .../v1alpha1/types_webhookauthenticator.go | 56 + .../v1alpha1/zz_generated.deepcopy.go | 273 ++++ .../apis/concierge/config/v1alpha1/doc.go | 10 + .../concierge/config/v1alpha1/register.go | 43 + .../config/v1alpha1/types_credentialissuer.go | 244 +++ .../config/v1alpha1/zz_generated.deepcopy.go | 259 ++++ generated/1.22/apis/concierge/identity/doc.go | 8 + .../1.22/apis/concierge/identity/register.go | 38 + .../apis/concierge/identity/types_userinfo.go | 37 + .../apis/concierge/identity/types_whoami.go | 40 + .../concierge/identity/v1alpha1/conversion.go | 4 + .../concierge/identity/v1alpha1/defaults.go | 12 + .../apis/concierge/identity/v1alpha1/doc.go | 11 + .../concierge/identity/v1alpha1/register.go | 43 + .../identity/v1alpha1/types_userinfo.go | 41 + .../identity/v1alpha1/types_whoami.go | 43 + .../v1alpha1/zz_generated.conversion.go | 235 +++ .../v1alpha1/zz_generated.deepcopy.go | 185 +++ .../v1alpha1/zz_generated.defaults.go | 20 + .../identity/validation/validation.go | 14 + .../identity/zz_generated.deepcopy.go | 185 +++ generated/1.22/apis/concierge/login/doc.go | 8 + .../1.22/apis/concierge/login/register.go | 38 + .../apis/concierge/login/types_clustercred.go | 21 + .../1.22/apis/concierge/login/types_token.go | 47 + .../concierge/login/v1alpha1/conversion.go | 4 + .../apis/concierge/login/v1alpha1/defaults.go | 12 + .../1.22/apis/concierge/login/v1alpha1/doc.go | 11 + .../apis/concierge/login/v1alpha1/register.go | 43 + .../login/v1alpha1/types_clustercred.go | 22 + .../concierge/login/v1alpha1/types_token.go | 51 + .../login/v1alpha1/zz_generated.conversion.go | 201 +++ .../login/v1alpha1/zz_generated.deepcopy.go | 134 ++ .../login/v1alpha1/zz_generated.defaults.go | 20 + .../concierge/login/zz_generated.deepcopy.go | 134 ++ generated/1.22/apis/go.mod | 9 + generated/1.22/apis/go.sum | 221 +++ .../apis/supervisor/config/v1alpha1/doc.go | 11 + .../supervisor/config/v1alpha1/register.go | 43 + .../config/v1alpha1/types_federationdomain.go | 134 ++ .../config/v1alpha1/zz_generated.deepcopy.go | 152 ++ .../1.22/apis/supervisor/idp/v1alpha1/doc.go | 11 + .../apis/supervisor/idp/v1alpha1/register.go | 47 + .../types_activedirectoryidentityprovider.go | 207 +++ .../v1alpha1/types_ldapidentityprovider.go | 196 +++ .../supervisor/idp/v1alpha1/types_meta.go | 75 + .../v1alpha1/types_oidcidentityprovider.go | 206 +++ .../apis/supervisor/idp/v1alpha1/types_tls.go | 11 + .../idp/v1alpha1/zz_generated.deepcopy.go | 608 ++++++++ .../types_supervisor_idp_discovery.go | 66 + .../supervisor/oidc/types_supervisor_oidc.go | 25 + .../clientset/versioned/clientset.go | 126 ++ .../concierge/clientset/versioned/doc.go | 7 + .../versioned/fake/clientset_generated.go | 93 ++ .../concierge/clientset/versioned/fake/doc.go | 7 + .../clientset/versioned/fake/register.go | 49 + .../clientset/versioned/scheme/doc.go | 7 + .../clientset/versioned/scheme/register.go | 49 + .../v1alpha1/authentication_client.go | 81 + .../typed/authentication/v1alpha1/doc.go | 7 + .../typed/authentication/v1alpha1/fake/doc.go | 7 + .../fake/fake_authentication_client.go | 31 + .../v1alpha1/fake/fake_jwtauthenticator.go | 120 ++ .../fake/fake_webhookauthenticator.go | 120 ++ .../v1alpha1/generated_expansion.go | 10 + .../v1alpha1/jwtauthenticator.go | 171 +++ .../v1alpha1/webhookauthenticator.go | 171 +++ .../typed/config/v1alpha1/config_client.go | 76 + .../typed/config/v1alpha1/credentialissuer.go | 171 +++ .../versioned/typed/config/v1alpha1/doc.go | 7 + .../typed/config/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_config_client.go | 27 + .../v1alpha1/fake/fake_credentialissuer.go | 120 ++ .../config/v1alpha1/generated_expansion.go | 8 + .../versioned/typed/identity/v1alpha1/doc.go | 7 + .../typed/identity/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_identity_client.go | 27 + .../v1alpha1/fake/fake_whoamirequest.go | 34 + .../identity/v1alpha1/generated_expansion.go | 8 + .../identity/v1alpha1/identity_client.go | 76 + .../typed/identity/v1alpha1/whoamirequest.go | 51 + .../versioned/typed/login/v1alpha1/doc.go | 7 + .../typed/login/v1alpha1/fake/doc.go | 7 + .../login/v1alpha1/fake/fake_login_client.go | 27 + .../fake/fake_tokencredentialrequest.go | 34 + .../login/v1alpha1/generated_expansion.go | 8 + .../typed/login/v1alpha1/login_client.go | 76 + .../login/v1alpha1/tokencredentialrequest.go | 51 + .../authentication/interface.go | 33 + .../authentication/v1alpha1/interface.go | 39 + .../v1alpha1/jwtauthenticator.go | 76 + .../v1alpha1/webhookauthenticator.go | 76 + .../externalversions/config/interface.go | 33 + .../config/v1alpha1/credentialissuer.go | 76 + .../config/v1alpha1/interface.go | 32 + .../informers/externalversions/factory.go | 173 +++ .../informers/externalversions/generic.go | 56 + .../internalinterfaces/factory_interfaces.go | 27 + .../v1alpha1/expansion_generated.go | 14 + .../v1alpha1/jwtauthenticator.go | 55 + .../v1alpha1/webhookauthenticator.go | 55 + .../config/v1alpha1/credentialissuer.go | 55 + .../config/v1alpha1/expansion_generated.go | 10 + generated/1.22/client/go.mod | 12 + generated/1.22/client/go.sum | 451 ++++++ .../clientset/versioned/clientset.go | 98 ++ .../supervisor/clientset/versioned/doc.go | 7 + .../versioned/fake/clientset_generated.go | 79 + .../clientset/versioned/fake/doc.go | 7 + .../clientset/versioned/fake/register.go | 45 + .../clientset/versioned/scheme/doc.go | 7 + .../clientset/versioned/scheme/register.go | 45 + .../typed/config/v1alpha1/config_client.go | 76 + .../versioned/typed/config/v1alpha1/doc.go | 7 + .../typed/config/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_config_client.go | 27 + .../v1alpha1/fake/fake_federationdomain.go | 129 ++ .../typed/config/v1alpha1/federationdomain.go | 182 +++ .../config/v1alpha1/generated_expansion.go | 8 + .../activedirectoryidentityprovider.go | 182 +++ .../versioned/typed/idp/v1alpha1/doc.go | 7 + .../versioned/typed/idp/v1alpha1/fake/doc.go | 7 + .../fake_activedirectoryidentityprovider.go | 129 ++ .../idp/v1alpha1/fake/fake_idp_client.go | 35 + .../fake/fake_ldapidentityprovider.go | 129 ++ .../fake/fake_oidcidentityprovider.go | 129 ++ .../typed/idp/v1alpha1/generated_expansion.go | 12 + .../typed/idp/v1alpha1/idp_client.go | 86 ++ .../idp/v1alpha1/ldapidentityprovider.go | 182 +++ .../idp/v1alpha1/oidcidentityprovider.go | 182 +++ .../externalversions/config/interface.go | 33 + .../config/v1alpha1/federationdomain.go | 77 + .../config/v1alpha1/interface.go | 32 + .../informers/externalversions/factory.go | 173 +++ .../informers/externalversions/generic.go | 58 + .../externalversions/idp/interface.go | 33 + .../activedirectoryidentityprovider.go | 77 + .../idp/v1alpha1/interface.go | 46 + .../idp/v1alpha1/ldapidentityprovider.go | 77 + .../idp/v1alpha1/oidcidentityprovider.go | 77 + .../internalinterfaces/factory_interfaces.go | 27 + .../config/v1alpha1/expansion_generated.go | 14 + .../config/v1alpha1/federationdomain.go | 86 ++ .../activedirectoryidentityprovider.go | 86 ++ .../idp/v1alpha1/expansion_generated.go | 30 + .../idp/v1alpha1/ldapidentityprovider.go | 86 ++ .../idp/v1alpha1/oidcidentityprovider.go | 86 ++ ...cierge.pinniped.dev_jwtauthenticators.yaml | 177 +++ ...ge.pinniped.dev_webhookauthenticators.yaml | 150 ++ ...cierge.pinniped.dev_credentialissuers.yaml | 247 +++ ...rvisor.pinniped.dev_federationdomains.yaml | 170 +++ ....dev_activedirectoryidentityproviders.yaml | 305 ++++ ...or.pinniped.dev_ldapidentityproviders.yaml | 302 ++++ ...or.pinniped.dev_oidcidentityproviders.yaml | 329 ++++ generated/1.23/README.adoc | 1334 +++++++++++++++++ .../concierge/authentication/v1alpha1/doc.go | 10 + .../authentication/v1alpha1/register.go | 45 + .../v1alpha1/types_jwtauthenticator.go | 85 ++ .../authentication/v1alpha1/types_meta.go | 75 + .../authentication/v1alpha1/types_tls.go | 11 + .../v1alpha1/types_webhookauthenticator.go | 56 + .../v1alpha1/zz_generated.deepcopy.go | 273 ++++ .../apis/concierge/config/v1alpha1/doc.go | 10 + .../concierge/config/v1alpha1/register.go | 43 + .../config/v1alpha1/types_credentialissuer.go | 244 +++ .../config/v1alpha1/zz_generated.deepcopy.go | 259 ++++ generated/1.23/apis/concierge/identity/doc.go | 8 + .../1.23/apis/concierge/identity/register.go | 38 + .../apis/concierge/identity/types_userinfo.go | 37 + .../apis/concierge/identity/types_whoami.go | 40 + .../concierge/identity/v1alpha1/conversion.go | 4 + .../concierge/identity/v1alpha1/defaults.go | 12 + .../apis/concierge/identity/v1alpha1/doc.go | 11 + .../concierge/identity/v1alpha1/register.go | 43 + .../identity/v1alpha1/types_userinfo.go | 41 + .../identity/v1alpha1/types_whoami.go | 43 + .../v1alpha1/zz_generated.conversion.go | 235 +++ .../v1alpha1/zz_generated.deepcopy.go | 185 +++ .../v1alpha1/zz_generated.defaults.go | 20 + .../identity/validation/validation.go | 14 + .../identity/zz_generated.deepcopy.go | 185 +++ generated/1.23/apis/concierge/login/doc.go | 8 + .../1.23/apis/concierge/login/register.go | 38 + .../apis/concierge/login/types_clustercred.go | 21 + .../1.23/apis/concierge/login/types_token.go | 47 + .../concierge/login/v1alpha1/conversion.go | 4 + .../apis/concierge/login/v1alpha1/defaults.go | 12 + .../1.23/apis/concierge/login/v1alpha1/doc.go | 11 + .../apis/concierge/login/v1alpha1/register.go | 43 + .../login/v1alpha1/types_clustercred.go | 22 + .../concierge/login/v1alpha1/types_token.go | 51 + .../login/v1alpha1/zz_generated.conversion.go | 201 +++ .../login/v1alpha1/zz_generated.deepcopy.go | 134 ++ .../login/v1alpha1/zz_generated.defaults.go | 20 + .../concierge/login/zz_generated.deepcopy.go | 134 ++ generated/1.23/apis/go.mod | 9 + generated/1.23/apis/go.sum | 241 +++ .../apis/supervisor/config/v1alpha1/doc.go | 11 + .../supervisor/config/v1alpha1/register.go | 43 + .../config/v1alpha1/types_federationdomain.go | 134 ++ .../config/v1alpha1/zz_generated.deepcopy.go | 152 ++ .../1.23/apis/supervisor/idp/v1alpha1/doc.go | 11 + .../apis/supervisor/idp/v1alpha1/register.go | 47 + .../types_activedirectoryidentityprovider.go | 207 +++ .../v1alpha1/types_ldapidentityprovider.go | 196 +++ .../supervisor/idp/v1alpha1/types_meta.go | 75 + .../v1alpha1/types_oidcidentityprovider.go | 206 +++ .../apis/supervisor/idp/v1alpha1/types_tls.go | 11 + .../idp/v1alpha1/zz_generated.deepcopy.go | 608 ++++++++ .../types_supervisor_idp_discovery.go | 66 + .../supervisor/oidc/types_supervisor_oidc.go | 25 + .../clientset/versioned/clientset.go | 143 ++ .../concierge/clientset/versioned/doc.go | 7 + .../versioned/fake/clientset_generated.go | 93 ++ .../concierge/clientset/versioned/fake/doc.go | 7 + .../clientset/versioned/fake/register.go | 49 + .../clientset/versioned/scheme/doc.go | 7 + .../clientset/versioned/scheme/register.go | 49 + .../v1alpha1/authentication_client.go | 99 ++ .../typed/authentication/v1alpha1/doc.go | 7 + .../typed/authentication/v1alpha1/fake/doc.go | 7 + .../fake/fake_authentication_client.go | 31 + .../v1alpha1/fake/fake_jwtauthenticator.go | 120 ++ .../fake/fake_webhookauthenticator.go | 120 ++ .../v1alpha1/generated_expansion.go | 10 + .../v1alpha1/jwtauthenticator.go | 171 +++ .../v1alpha1/webhookauthenticator.go | 171 +++ .../typed/config/v1alpha1/config_client.go | 94 ++ .../typed/config/v1alpha1/credentialissuer.go | 171 +++ .../versioned/typed/config/v1alpha1/doc.go | 7 + .../typed/config/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_config_client.go | 27 + .../v1alpha1/fake/fake_credentialissuer.go | 120 ++ .../config/v1alpha1/generated_expansion.go | 8 + .../versioned/typed/identity/v1alpha1/doc.go | 7 + .../typed/identity/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_identity_client.go | 27 + .../v1alpha1/fake/fake_whoamirequest.go | 34 + .../identity/v1alpha1/generated_expansion.go | 8 + .../identity/v1alpha1/identity_client.go | 94 ++ .../typed/identity/v1alpha1/whoamirequest.go | 51 + .../versioned/typed/login/v1alpha1/doc.go | 7 + .../typed/login/v1alpha1/fake/doc.go | 7 + .../login/v1alpha1/fake/fake_login_client.go | 27 + .../fake/fake_tokencredentialrequest.go | 34 + .../login/v1alpha1/generated_expansion.go | 8 + .../typed/login/v1alpha1/login_client.go | 94 ++ .../login/v1alpha1/tokencredentialrequest.go | 51 + .../authentication/interface.go | 33 + .../authentication/v1alpha1/interface.go | 39 + .../v1alpha1/jwtauthenticator.go | 76 + .../v1alpha1/webhookauthenticator.go | 76 + .../externalversions/config/interface.go | 33 + .../config/v1alpha1/credentialissuer.go | 76 + .../config/v1alpha1/interface.go | 32 + .../informers/externalversions/factory.go | 173 +++ .../informers/externalversions/generic.go | 56 + .../internalinterfaces/factory_interfaces.go | 27 + .../v1alpha1/expansion_generated.go | 14 + .../v1alpha1/jwtauthenticator.go | 55 + .../v1alpha1/webhookauthenticator.go | 55 + .../config/v1alpha1/credentialissuer.go | 55 + .../config/v1alpha1/expansion_generated.go | 10 + generated/1.23/client/go.mod | 12 + generated/1.23/client/go.sum | 621 ++++++++ .../clientset/versioned/clientset.go | 117 ++ .../supervisor/clientset/versioned/doc.go | 7 + .../versioned/fake/clientset_generated.go | 79 + .../clientset/versioned/fake/doc.go | 7 + .../clientset/versioned/fake/register.go | 45 + .../clientset/versioned/scheme/doc.go | 7 + .../clientset/versioned/scheme/register.go | 45 + .../typed/config/v1alpha1/config_client.go | 94 ++ .../versioned/typed/config/v1alpha1/doc.go | 7 + .../typed/config/v1alpha1/fake/doc.go | 7 + .../v1alpha1/fake/fake_config_client.go | 27 + .../v1alpha1/fake/fake_federationdomain.go | 129 ++ .../typed/config/v1alpha1/federationdomain.go | 182 +++ .../config/v1alpha1/generated_expansion.go | 8 + .../activedirectoryidentityprovider.go | 182 +++ .../versioned/typed/idp/v1alpha1/doc.go | 7 + .../versioned/typed/idp/v1alpha1/fake/doc.go | 7 + .../fake_activedirectoryidentityprovider.go | 129 ++ .../idp/v1alpha1/fake/fake_idp_client.go | 35 + .../fake/fake_ldapidentityprovider.go | 129 ++ .../fake/fake_oidcidentityprovider.go | 129 ++ .../typed/idp/v1alpha1/generated_expansion.go | 12 + .../typed/idp/v1alpha1/idp_client.go | 104 ++ .../idp/v1alpha1/ldapidentityprovider.go | 182 +++ .../idp/v1alpha1/oidcidentityprovider.go | 182 +++ .../externalversions/config/interface.go | 33 + .../config/v1alpha1/federationdomain.go | 77 + .../config/v1alpha1/interface.go | 32 + .../informers/externalversions/factory.go | 173 +++ .../informers/externalversions/generic.go | 58 + .../externalversions/idp/interface.go | 33 + .../activedirectoryidentityprovider.go | 77 + .../idp/v1alpha1/interface.go | 46 + .../idp/v1alpha1/ldapidentityprovider.go | 77 + .../idp/v1alpha1/oidcidentityprovider.go | 77 + .../internalinterfaces/factory_interfaces.go | 27 + .../config/v1alpha1/expansion_generated.go | 14 + .../config/v1alpha1/federationdomain.go | 86 ++ .../activedirectoryidentityprovider.go | 86 ++ .../idp/v1alpha1/expansion_generated.go | 30 + .../idp/v1alpha1/ldapidentityprovider.go | 86 ++ .../idp/v1alpha1/oidcidentityprovider.go | 86 ++ ...cierge.pinniped.dev_jwtauthenticators.yaml | 177 +++ ...ge.pinniped.dev_webhookauthenticators.yaml | 150 ++ ...cierge.pinniped.dev_credentialissuers.yaml | 247 +++ ...rvisor.pinniped.dev_federationdomains.yaml | 170 +++ ....dev_activedirectoryidentityproviders.yaml | 305 ++++ ...or.pinniped.dev_ldapidentityproviders.yaml | 302 ++++ ...or.pinniped.dev_oidcidentityproviders.yaml | 329 ++++ .../concierge/authentication/v1alpha1/doc.go | 2 +- .../authentication/v1alpha1/register.go | 2 +- .../v1alpha1/types_jwtauthenticator.go | 2 +- .../authentication/v1alpha1/types_meta.go | 2 +- .../authentication/v1alpha1/types_tls.go | 2 +- .../v1alpha1/types_webhookauthenticator.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 3 +- .../apis/concierge/config/v1alpha1/doc.go | 2 +- .../concierge/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_credentialissuer.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 3 +- .../latest/apis/concierge/identity/doc.go | 2 +- .../apis/concierge/identity/register.go | 2 +- .../apis/concierge/identity/types_userinfo.go | 2 +- .../apis/concierge/identity/types_whoami.go | 2 +- .../concierge/identity/v1alpha1/conversion.go | 2 +- .../concierge/identity/v1alpha1/defaults.go | 2 +- .../apis/concierge/identity/v1alpha1/doc.go | 2 +- .../concierge/identity/v1alpha1/register.go | 2 +- .../identity/v1alpha1/types_userinfo.go | 2 +- .../identity/v1alpha1/types_whoami.go | 2 +- .../v1alpha1/zz_generated.conversion.go | 3 +- .../v1alpha1/zz_generated.deepcopy.go | 3 +- .../v1alpha1/zz_generated.defaults.go | 3 +- .../identity/validation/validation.go | 2 +- .../identity/zz_generated.deepcopy.go | 3 +- generated/latest/apis/concierge/login/doc.go | 2 +- .../latest/apis/concierge/login/register.go | 2 +- .../apis/concierge/login/types_clustercred.go | 2 +- .../apis/concierge/login/types_token.go | 2 +- .../concierge/login/v1alpha1/conversion.go | 2 +- .../apis/concierge/login/v1alpha1/defaults.go | 2 +- .../apis/concierge/login/v1alpha1/doc.go | 2 +- .../apis/concierge/login/v1alpha1/register.go | 2 +- .../login/v1alpha1/types_clustercred.go | 2 +- .../concierge/login/v1alpha1/types_token.go | 2 +- .../login/v1alpha1/zz_generated.conversion.go | 3 +- .../login/v1alpha1/zz_generated.deepcopy.go | 3 +- .../login/v1alpha1/zz_generated.defaults.go | 3 +- .../concierge/login/zz_generated.deepcopy.go | 3 +- .../apis/supervisor/config/v1alpha1/doc.go | 2 +- .../supervisor/config/v1alpha1/register.go | 2 +- .../config/v1alpha1/types_federationdomain.go | 2 +- .../config/v1alpha1/zz_generated.deepcopy.go | 3 +- .../apis/supervisor/idp/v1alpha1/doc.go | 2 +- .../apis/supervisor/idp/v1alpha1/register.go | 2 +- .../supervisor/idp/v1alpha1/types_meta.go | 2 +- .../apis/supervisor/idp/v1alpha1/types_tls.go | 2 +- .../idp/v1alpha1/zz_generated.deepcopy.go | 3 +- .../types_supervisor_idp_discovery.go | 2 +- .../supervisor/oidc/types_supervisor_oidc.go | 2 +- .../clientset/versioned/clientset.go | 45 +- .../concierge/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 7 +- .../concierge/clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../v1alpha1/authentication_client.go | 22 +- .../typed/authentication/v1alpha1/doc.go | 2 +- .../typed/authentication/v1alpha1/fake/doc.go | 2 +- .../fake/fake_authentication_client.go | 2 +- .../v1alpha1/fake/fake_jwtauthenticator.go | 4 +- .../fake/fake_webhookauthenticator.go | 4 +- .../v1alpha1/generated_expansion.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../typed/config/v1alpha1/config_client.go | 22 +- .../typed/config/v1alpha1/credentialissuer.go | 2 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_credentialissuer.go | 4 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../versioned/typed/identity/v1alpha1/doc.go | 2 +- .../typed/identity/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_identity_client.go | 2 +- .../v1alpha1/fake/fake_whoamirequest.go | 2 +- .../identity/v1alpha1/generated_expansion.go | 2 +- .../identity/v1alpha1/identity_client.go | 22 +- .../typed/identity/v1alpha1/whoamirequest.go | 2 +- .../versioned/typed/login/v1alpha1/doc.go | 2 +- .../typed/login/v1alpha1/fake/doc.go | 2 +- .../login/v1alpha1/fake/fake_login_client.go | 2 +- .../fake/fake_tokencredentialrequest.go | 2 +- .../login/v1alpha1/generated_expansion.go | 2 +- .../typed/login/v1alpha1/login_client.go | 22 +- .../login/v1alpha1/tokencredentialrequest.go | 2 +- .../authentication/interface.go | 2 +- .../authentication/v1alpha1/interface.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/expansion_generated.go | 2 +- .../v1alpha1/jwtauthenticator.go | 2 +- .../v1alpha1/webhookauthenticator.go | 2 +- .../config/v1alpha1/credentialissuer.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- .../clientset/versioned/clientset.go | 39 +- .../supervisor/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 7 +- .../clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 2 +- .../clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 2 +- .../typed/config/v1alpha1/config_client.go | 22 +- .../versioned/typed/config/v1alpha1/doc.go | 2 +- .../typed/config/v1alpha1/fake/doc.go | 2 +- .../v1alpha1/fake/fake_config_client.go | 2 +- .../v1alpha1/fake/fake_federationdomain.go | 4 +- .../typed/config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/generated_expansion.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../versioned/typed/idp/v1alpha1/doc.go | 2 +- .../versioned/typed/idp/v1alpha1/fake/doc.go | 2 +- .../fake_activedirectoryidentityprovider.go | 4 +- .../idp/v1alpha1/fake/fake_idp_client.go | 2 +- .../fake/fake_ldapidentityprovider.go | 4 +- .../fake/fake_oidcidentityprovider.go | 4 +- .../typed/idp/v1alpha1/generated_expansion.go | 2 +- .../typed/idp/v1alpha1/idp_client.go | 22 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../externalversions/config/interface.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../config/v1alpha1/interface.go | 2 +- .../informers/externalversions/factory.go | 2 +- .../informers/externalversions/generic.go | 2 +- .../externalversions/idp/interface.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/interface.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../config/v1alpha1/expansion_generated.go | 2 +- .../config/v1alpha1/federationdomain.go | 2 +- .../activedirectoryidentityprovider.go | 2 +- .../idp/v1alpha1/expansion_generated.go | 2 +- .../idp/v1alpha1/ldapidentityprovider.go | 2 +- .../idp/v1alpha1/oidcidentityprovider.go | 2 +- hack/boilerplate.go.txt | 2 +- hack/lib/kube-versions.txt | 11 +- hack/lib/update-codegen.sh | 35 +- hack/update.sh | 22 +- 1264 files changed, 43095 insertions(+), 947 deletions(-) create mode 100644 generated/1.21/README.adoc create mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/doc.go create mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/register.go create mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go create mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go create mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/types_tls.go create mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go create mode 100644 generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/concierge/config/v1alpha1/doc.go create mode 100644 generated/1.21/apis/concierge/config/v1alpha1/register.go create mode 100644 generated/1.21/apis/concierge/config/v1alpha1/types_credentialissuer.go create mode 100644 generated/1.21/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/concierge/identity/doc.go create mode 100644 generated/1.21/apis/concierge/identity/register.go create mode 100644 generated/1.21/apis/concierge/identity/types_userinfo.go create mode 100644 generated/1.21/apis/concierge/identity/types_whoami.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/conversion.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/defaults.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/doc.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/register.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/types_userinfo.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/types_whoami.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.conversion.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.defaults.go create mode 100644 generated/1.21/apis/concierge/identity/validation/validation.go create mode 100644 generated/1.21/apis/concierge/identity/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/concierge/login/doc.go create mode 100644 generated/1.21/apis/concierge/login/register.go create mode 100644 generated/1.21/apis/concierge/login/types_clustercred.go create mode 100644 generated/1.21/apis/concierge/login/types_token.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/conversion.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/defaults.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/doc.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/register.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/types_clustercred.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/types_token.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/zz_generated.conversion.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/concierge/login/v1alpha1/zz_generated.defaults.go create mode 100644 generated/1.21/apis/concierge/login/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/go.mod create mode 100644 generated/1.21/apis/go.sum create mode 100644 generated/1.21/apis/supervisor/config/v1alpha1/doc.go create mode 100644 generated/1.21/apis/supervisor/config/v1alpha1/register.go create mode 100644 generated/1.21/apis/supervisor/config/v1alpha1/types_federationdomain.go create mode 100644 generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/doc.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/register.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/types_tls.go create mode 100644 generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.21/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go create mode 100644 generated/1.21/apis/supervisor/oidc/types_supervisor_oidc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/clientset.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/fake/clientset_generated.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/fake/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/fake/register.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/scheme/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/scheme/register.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go create mode 100644 generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/authentication/interface.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/config/interface.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/interface.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/factory.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/generic.go create mode 100644 generated/1.21/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go create mode 100644 generated/1.21/client/concierge/listers/authentication/v1alpha1/expansion_generated.go create mode 100644 generated/1.21/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.21/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.21/client/concierge/listers/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.21/client/concierge/listers/config/v1alpha1/expansion_generated.go create mode 100644 generated/1.21/client/go.mod create mode 100644 generated/1.21/client/go.sum create mode 100644 generated/1.21/client/supervisor/clientset/versioned/clientset.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/doc.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/fake/doc.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/fake/register.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/scheme/doc.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/scheme/register.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/config/interface.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/factory.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/generic.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/idp/interface.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.21/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go create mode 100644 generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go create mode 100644 generated/1.21/client/supervisor/listers/config/v1alpha1/federationdomain.go create mode 100644 generated/1.21/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.21/client/supervisor/listers/idp/v1alpha1/expansion_generated.go create mode 100644 generated/1.21/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.21/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml create mode 100644 generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml create mode 100644 generated/1.21/crds/config.concierge.pinniped.dev_credentialissuers.yaml create mode 100644 generated/1.21/crds/config.supervisor.pinniped.dev_federationdomains.yaml create mode 100644 generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml create mode 100644 generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml create mode 100644 generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml create mode 100644 generated/1.22/README.adoc create mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/doc.go create mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/register.go create mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go create mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go create mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/types_tls.go create mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go create mode 100644 generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/concierge/config/v1alpha1/doc.go create mode 100644 generated/1.22/apis/concierge/config/v1alpha1/register.go create mode 100644 generated/1.22/apis/concierge/config/v1alpha1/types_credentialissuer.go create mode 100644 generated/1.22/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/concierge/identity/doc.go create mode 100644 generated/1.22/apis/concierge/identity/register.go create mode 100644 generated/1.22/apis/concierge/identity/types_userinfo.go create mode 100644 generated/1.22/apis/concierge/identity/types_whoami.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/conversion.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/defaults.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/doc.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/register.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/types_userinfo.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/types_whoami.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.conversion.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.defaults.go create mode 100644 generated/1.22/apis/concierge/identity/validation/validation.go create mode 100644 generated/1.22/apis/concierge/identity/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/concierge/login/doc.go create mode 100644 generated/1.22/apis/concierge/login/register.go create mode 100644 generated/1.22/apis/concierge/login/types_clustercred.go create mode 100644 generated/1.22/apis/concierge/login/types_token.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/conversion.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/defaults.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/doc.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/register.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/types_clustercred.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/types_token.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/zz_generated.conversion.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/concierge/login/v1alpha1/zz_generated.defaults.go create mode 100644 generated/1.22/apis/concierge/login/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/go.mod create mode 100644 generated/1.22/apis/go.sum create mode 100644 generated/1.22/apis/supervisor/config/v1alpha1/doc.go create mode 100644 generated/1.22/apis/supervisor/config/v1alpha1/register.go create mode 100644 generated/1.22/apis/supervisor/config/v1alpha1/types_federationdomain.go create mode 100644 generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/doc.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/register.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/types_tls.go create mode 100644 generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.22/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go create mode 100644 generated/1.22/apis/supervisor/oidc/types_supervisor_oidc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/clientset.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/fake/clientset_generated.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/fake/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/fake/register.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/scheme/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/scheme/register.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go create mode 100644 generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/authentication/interface.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/config/interface.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/interface.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/factory.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/generic.go create mode 100644 generated/1.22/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go create mode 100644 generated/1.22/client/concierge/listers/authentication/v1alpha1/expansion_generated.go create mode 100644 generated/1.22/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.22/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.22/client/concierge/listers/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.22/client/concierge/listers/config/v1alpha1/expansion_generated.go create mode 100644 generated/1.22/client/go.mod create mode 100644 generated/1.22/client/go.sum create mode 100644 generated/1.22/client/supervisor/clientset/versioned/clientset.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/doc.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/fake/doc.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/fake/register.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/scheme/doc.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/scheme/register.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/config/interface.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/factory.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/generic.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/idp/interface.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.22/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go create mode 100644 generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go create mode 100644 generated/1.22/client/supervisor/listers/config/v1alpha1/federationdomain.go create mode 100644 generated/1.22/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.22/client/supervisor/listers/idp/v1alpha1/expansion_generated.go create mode 100644 generated/1.22/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.22/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml create mode 100644 generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml create mode 100644 generated/1.22/crds/config.concierge.pinniped.dev_credentialissuers.yaml create mode 100644 generated/1.22/crds/config.supervisor.pinniped.dev_federationdomains.yaml create mode 100644 generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml create mode 100644 generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml create mode 100644 generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml create mode 100644 generated/1.23/README.adoc create mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/doc.go create mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/register.go create mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go create mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go create mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/types_tls.go create mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go create mode 100644 generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/concierge/config/v1alpha1/doc.go create mode 100644 generated/1.23/apis/concierge/config/v1alpha1/register.go create mode 100644 generated/1.23/apis/concierge/config/v1alpha1/types_credentialissuer.go create mode 100644 generated/1.23/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/concierge/identity/doc.go create mode 100644 generated/1.23/apis/concierge/identity/register.go create mode 100644 generated/1.23/apis/concierge/identity/types_userinfo.go create mode 100644 generated/1.23/apis/concierge/identity/types_whoami.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/conversion.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/defaults.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/doc.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/register.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/types_userinfo.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/types_whoami.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.conversion.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.defaults.go create mode 100644 generated/1.23/apis/concierge/identity/validation/validation.go create mode 100644 generated/1.23/apis/concierge/identity/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/concierge/login/doc.go create mode 100644 generated/1.23/apis/concierge/login/register.go create mode 100644 generated/1.23/apis/concierge/login/types_clustercred.go create mode 100644 generated/1.23/apis/concierge/login/types_token.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/conversion.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/defaults.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/doc.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/register.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/types_clustercred.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/types_token.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/zz_generated.conversion.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/concierge/login/v1alpha1/zz_generated.defaults.go create mode 100644 generated/1.23/apis/concierge/login/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/go.mod create mode 100644 generated/1.23/apis/go.sum create mode 100644 generated/1.23/apis/supervisor/config/v1alpha1/doc.go create mode 100644 generated/1.23/apis/supervisor/config/v1alpha1/register.go create mode 100644 generated/1.23/apis/supervisor/config/v1alpha1/types_federationdomain.go create mode 100644 generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/doc.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/register.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/types_tls.go create mode 100644 generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.23/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go create mode 100644 generated/1.23/apis/supervisor/oidc/types_supervisor_oidc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/clientset.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/fake/clientset_generated.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/fake/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/fake/register.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/scheme/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/scheme/register.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go create mode 100644 generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/authentication/interface.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/config/interface.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/interface.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/factory.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/generic.go create mode 100644 generated/1.23/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go create mode 100644 generated/1.23/client/concierge/listers/authentication/v1alpha1/expansion_generated.go create mode 100644 generated/1.23/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go create mode 100644 generated/1.23/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go create mode 100644 generated/1.23/client/concierge/listers/config/v1alpha1/credentialissuer.go create mode 100644 generated/1.23/client/concierge/listers/config/v1alpha1/expansion_generated.go create mode 100644 generated/1.23/client/go.mod create mode 100644 generated/1.23/client/go.sum create mode 100644 generated/1.23/client/supervisor/clientset/versioned/clientset.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/doc.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/fake/doc.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/fake/register.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/scheme/doc.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/scheme/register.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/config/interface.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/factory.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/generic.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/idp/interface.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.23/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go create mode 100644 generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go create mode 100644 generated/1.23/client/supervisor/listers/config/v1alpha1/federationdomain.go create mode 100644 generated/1.23/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go create mode 100644 generated/1.23/client/supervisor/listers/idp/v1alpha1/expansion_generated.go create mode 100644 generated/1.23/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go create mode 100644 generated/1.23/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go create mode 100644 generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml create mode 100644 generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml create mode 100644 generated/1.23/crds/config.concierge.pinniped.dev_credentialissuers.yaml create mode 100644 generated/1.23/crds/config.supervisor.pinniped.dev_federationdomains.yaml create mode 100644 generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml create mode 100644 generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml create mode 100644 generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml diff --git a/apis/concierge/authentication/v1alpha1/doc.go.tmpl b/apis/concierge/authentication/v1alpha1/doc.go.tmpl index 18505fea..d00d3ba6 100644 --- a/apis/concierge/authentication/v1alpha1/doc.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/apis/concierge/authentication/v1alpha1/register.go.tmpl b/apis/concierge/authentication/v1alpha1/register.go.tmpl index a00b5e9e..f58039e4 100644 --- a/apis/concierge/authentication/v1alpha1/register.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl b/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl index 0d22d7af..a8596b22 100644 --- a/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl b/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl index e59976ff..76a7d547 100644 --- a/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/authentication/v1alpha1/types_tls.go.tmpl b/apis/concierge/authentication/v1alpha1/types_tls.go.tmpl index f882f2d6..12231665 100644 --- a/apis/concierge/authentication/v1alpha1/types_tls.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_tls.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl b/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl index 2a66815d..77b1e045 100644 --- a/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/config/v1alpha1/doc.go.tmpl b/apis/concierge/config/v1alpha1/doc.go.tmpl index 6b94e609..97b2f212 100644 --- a/apis/concierge/config/v1alpha1/doc.go.tmpl +++ b/apis/concierge/config/v1alpha1/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/apis/concierge/config/v1alpha1/register.go.tmpl b/apis/concierge/config/v1alpha1/register.go.tmpl index 7ada1d46..8d799898 100644 --- a/apis/concierge/config/v1alpha1/register.go.tmpl +++ b/apis/concierge/config/v1alpha1/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/config/v1alpha1/types_credentialissuer.go.tmpl b/apis/concierge/config/v1alpha1/types_credentialissuer.go.tmpl index 69b4fc13..d1cb160b 100644 --- a/apis/concierge/config/v1alpha1/types_credentialissuer.go.tmpl +++ b/apis/concierge/config/v1alpha1/types_credentialissuer.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/identity/doc.go.tmpl b/apis/concierge/identity/doc.go.tmpl index 6d821566..130e8942 100644 --- a/apis/concierge/identity/doc.go.tmpl +++ b/apis/concierge/identity/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/apis/concierge/identity/register.go.tmpl b/apis/concierge/identity/register.go.tmpl index ad0fe3ab..0cefb834 100644 --- a/apis/concierge/identity/register.go.tmpl +++ b/apis/concierge/identity/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/apis/concierge/identity/types_userinfo.go.tmpl b/apis/concierge/identity/types_userinfo.go.tmpl index fdd5b258..65eb50cc 100644 --- a/apis/concierge/identity/types_userinfo.go.tmpl +++ b/apis/concierge/identity/types_userinfo.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/apis/concierge/identity/types_whoami.go.tmpl b/apis/concierge/identity/types_whoami.go.tmpl index 133a9a8e..4ba30607 100644 --- a/apis/concierge/identity/types_whoami.go.tmpl +++ b/apis/concierge/identity/types_whoami.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/apis/concierge/identity/v1alpha1/conversion.go.tmpl b/apis/concierge/identity/v1alpha1/conversion.go.tmpl index e7e86b85..63ae004e 100644 --- a/apis/concierge/identity/v1alpha1/conversion.go.tmpl +++ b/apis/concierge/identity/v1alpha1/conversion.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/identity/v1alpha1/defaults.go.tmpl b/apis/concierge/identity/v1alpha1/defaults.go.tmpl index 8953e608..15c2bec9 100644 --- a/apis/concierge/identity/v1alpha1/defaults.go.tmpl +++ b/apis/concierge/identity/v1alpha1/defaults.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/identity/v1alpha1/doc.go.tmpl b/apis/concierge/identity/v1alpha1/doc.go.tmpl index d5464c0c..ca854e87 100644 --- a/apis/concierge/identity/v1alpha1/doc.go.tmpl +++ b/apis/concierge/identity/v1alpha1/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/apis/concierge/identity/v1alpha1/register.go.tmpl b/apis/concierge/identity/v1alpha1/register.go.tmpl index 09ecfad8..0e17d584 100644 --- a/apis/concierge/identity/v1alpha1/register.go.tmpl +++ b/apis/concierge/identity/v1alpha1/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/identity/v1alpha1/types_userinfo.go.tmpl b/apis/concierge/identity/v1alpha1/types_userinfo.go.tmpl index dc15fd36..4e509fc1 100644 --- a/apis/concierge/identity/v1alpha1/types_userinfo.go.tmpl +++ b/apis/concierge/identity/v1alpha1/types_userinfo.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/identity/v1alpha1/types_whoami.go.tmpl b/apis/concierge/identity/v1alpha1/types_whoami.go.tmpl index b9ecadb4..3d884346 100644 --- a/apis/concierge/identity/v1alpha1/types_whoami.go.tmpl +++ b/apis/concierge/identity/v1alpha1/types_whoami.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/identity/validation/validation.go.tmpl b/apis/concierge/identity/validation/validation.go.tmpl index 05eb0746..41c287f7 100644 --- a/apis/concierge/identity/validation/validation.go.tmpl +++ b/apis/concierge/identity/validation/validation.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package validation diff --git a/apis/concierge/login/doc.go.tmpl b/apis/concierge/login/doc.go.tmpl index d7bfbcbe..14af63a2 100644 --- a/apis/concierge/login/doc.go.tmpl +++ b/apis/concierge/login/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/apis/concierge/login/register.go.tmpl b/apis/concierge/login/register.go.tmpl index f93663f8..1c3ba130 100644 --- a/apis/concierge/login/register.go.tmpl +++ b/apis/concierge/login/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/apis/concierge/login/types_clustercred.go.tmpl b/apis/concierge/login/types_clustercred.go.tmpl index fda1103a..dd683b81 100644 --- a/apis/concierge/login/types_clustercred.go.tmpl +++ b/apis/concierge/login/types_clustercred.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/apis/concierge/login/types_token.go.tmpl b/apis/concierge/login/types_token.go.tmpl index 17a341b2..e3af529e 100644 --- a/apis/concierge/login/types_token.go.tmpl +++ b/apis/concierge/login/types_token.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/apis/concierge/login/v1alpha1/conversion.go.tmpl b/apis/concierge/login/v1alpha1/conversion.go.tmpl index 226f6135..dca8bca2 100644 --- a/apis/concierge/login/v1alpha1/conversion.go.tmpl +++ b/apis/concierge/login/v1alpha1/conversion.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/login/v1alpha1/defaults.go.tmpl b/apis/concierge/login/v1alpha1/defaults.go.tmpl index 830aa010..12f0acd2 100644 --- a/apis/concierge/login/v1alpha1/defaults.go.tmpl +++ b/apis/concierge/login/v1alpha1/defaults.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/login/v1alpha1/doc.go.tmpl b/apis/concierge/login/v1alpha1/doc.go.tmpl index 1aa2b9f3..6f6fbdbc 100644 --- a/apis/concierge/login/v1alpha1/doc.go.tmpl +++ b/apis/concierge/login/v1alpha1/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/apis/concierge/login/v1alpha1/register.go.tmpl b/apis/concierge/login/v1alpha1/register.go.tmpl index d5e1ee5e..60efec82 100644 --- a/apis/concierge/login/v1alpha1/register.go.tmpl +++ b/apis/concierge/login/v1alpha1/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/login/v1alpha1/types_clustercred.go.tmpl b/apis/concierge/login/v1alpha1/types_clustercred.go.tmpl index 574e8b51..eb50c7fe 100644 --- a/apis/concierge/login/v1alpha1/types_clustercred.go.tmpl +++ b/apis/concierge/login/v1alpha1/types_clustercred.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/concierge/login/v1alpha1/types_token.go.tmpl b/apis/concierge/login/v1alpha1/types_token.go.tmpl index 53e25645..c8f3b66e 100644 --- a/apis/concierge/login/v1alpha1/types_token.go.tmpl +++ b/apis/concierge/login/v1alpha1/types_token.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/supervisor/config/v1alpha1/doc.go.tmpl b/apis/supervisor/config/v1alpha1/doc.go.tmpl index e5c18a8a..152a2719 100644 --- a/apis/supervisor/config/v1alpha1/doc.go.tmpl +++ b/apis/supervisor/config/v1alpha1/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/apis/supervisor/config/v1alpha1/register.go.tmpl b/apis/supervisor/config/v1alpha1/register.go.tmpl index 32c81af8..69045298 100644 --- a/apis/supervisor/config/v1alpha1/register.go.tmpl +++ b/apis/supervisor/config/v1alpha1/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/supervisor/config/v1alpha1/types_federationdomain.go.tmpl b/apis/supervisor/config/v1alpha1/types_federationdomain.go.tmpl index 15e94f62..e92303a9 100644 --- a/apis/supervisor/config/v1alpha1/types_federationdomain.go.tmpl +++ b/apis/supervisor/config/v1alpha1/types_federationdomain.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/supervisor/idp/v1alpha1/doc.go.tmpl b/apis/supervisor/idp/v1alpha1/doc.go.tmpl index 71f2737d..a9e91c47 100644 --- a/apis/supervisor/idp/v1alpha1/doc.go.tmpl +++ b/apis/supervisor/idp/v1alpha1/doc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/apis/supervisor/idp/v1alpha1/register.go.tmpl b/apis/supervisor/idp/v1alpha1/register.go.tmpl index e3406a81..8829a863 100644 --- a/apis/supervisor/idp/v1alpha1/register.go.tmpl +++ b/apis/supervisor/idp/v1alpha1/register.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/supervisor/idp/v1alpha1/types_meta.go.tmpl b/apis/supervisor/idp/v1alpha1/types_meta.go.tmpl index e04c6f2a..76a7d547 100644 --- a/apis/supervisor/idp/v1alpha1/types_meta.go.tmpl +++ b/apis/supervisor/idp/v1alpha1/types_meta.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/supervisor/idp/v1alpha1/types_tls.go.tmpl b/apis/supervisor/idp/v1alpha1/types_tls.go.tmpl index fa4db315..1413a262 100644 --- a/apis/supervisor/idp/v1alpha1/types_tls.go.tmpl +++ b/apis/supervisor/idp/v1alpha1/types_tls.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go.tmpl b/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go.tmpl index 6ddebe9b..ea055090 100644 --- a/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go.tmpl +++ b/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/apis/supervisor/oidc/types_supervisor_oidc.go.tmpl b/apis/supervisor/oidc/types_supervisor_oidc.go.tmpl index 36d95d18..b35aafcb 100644 --- a/apis/supervisor/oidc/types_supervisor_oidc.go.tmpl +++ b/apis/supervisor/oidc/types_supervisor_oidc.go.tmpl @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidc diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.17/apis/concierge/authentication/v1alpha1/doc.go index 18505fea..d00d3ba6 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/doc.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/register.go b/generated/1.17/apis/concierge/authentication/v1alpha1/register.go index a00b5e9e..f58039e4 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/register.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.17/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index 0d22d7af..a8596b22 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.17/apis/concierge/authentication/v1alpha1/types_meta.go index e59976ff..76a7d547 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/types_meta.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.17/apis/concierge/authentication/v1alpha1/types_tls.go index f882f2d6..12231665 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/types_tls.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.17/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 2a66815d..77b1e045 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index a64567b2..011daf87 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/config/v1alpha1/doc.go b/generated/1.17/apis/concierge/config/v1alpha1/doc.go index 6b94e609..97b2f212 100644 --- a/generated/1.17/apis/concierge/config/v1alpha1/doc.go +++ b/generated/1.17/apis/concierge/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.17/apis/concierge/config/v1alpha1/register.go b/generated/1.17/apis/concierge/config/v1alpha1/register.go index 7ada1d46..8d799898 100644 --- a/generated/1.17/apis/concierge/config/v1alpha1/register.go +++ b/generated/1.17/apis/concierge/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.17/apis/concierge/config/v1alpha1/types_credentialissuer.go index 69b4fc13..d1cb160b 100644 --- a/generated/1.17/apis/concierge/config/v1alpha1/types_credentialissuer.go +++ b/generated/1.17/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index cf679b2c..4f93cd1d 100644 --- a/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/identity/doc.go b/generated/1.17/apis/concierge/identity/doc.go index 6d821566..130e8942 100644 --- a/generated/1.17/apis/concierge/identity/doc.go +++ b/generated/1.17/apis/concierge/identity/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.17/apis/concierge/identity/register.go b/generated/1.17/apis/concierge/identity/register.go index ad0fe3ab..0cefb834 100644 --- a/generated/1.17/apis/concierge/identity/register.go +++ b/generated/1.17/apis/concierge/identity/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.17/apis/concierge/identity/types_userinfo.go b/generated/1.17/apis/concierge/identity/types_userinfo.go index fdd5b258..65eb50cc 100644 --- a/generated/1.17/apis/concierge/identity/types_userinfo.go +++ b/generated/1.17/apis/concierge/identity/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.17/apis/concierge/identity/types_whoami.go b/generated/1.17/apis/concierge/identity/types_whoami.go index 133a9a8e..4ba30607 100644 --- a/generated/1.17/apis/concierge/identity/types_whoami.go +++ b/generated/1.17/apis/concierge/identity/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.17/apis/concierge/identity/v1alpha1/conversion.go index e7e86b85..63ae004e 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/conversion.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.17/apis/concierge/identity/v1alpha1/defaults.go index 8953e608..15c2bec9 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/defaults.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/doc.go b/generated/1.17/apis/concierge/identity/v1alpha1/doc.go index 12e348a2..697598d6 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/register.go b/generated/1.17/apis/concierge/identity/v1alpha1/register.go index 09ecfad8..0e17d584 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/register.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.17/apis/concierge/identity/v1alpha1/types_userinfo.go index dc15fd36..4e509fc1 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/types_userinfo.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/1.17/apis/concierge/identity/v1alpha1/types_whoami.go index b9ecadb4..3d884346 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/types_whoami.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index 8ff46c97..c3cc79c3 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index a6733d9d..cb3cb300 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/identity/validation/validation.go b/generated/1.17/apis/concierge/identity/validation/validation.go index 7cfab00c..04643e7e 100644 --- a/generated/1.17/apis/concierge/identity/validation/validation.go +++ b/generated/1.17/apis/concierge/identity/validation/validation.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package validation diff --git a/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go index b80f7b8c..f176dfb0 100644 --- a/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/login/doc.go b/generated/1.17/apis/concierge/login/doc.go index d7bfbcbe..14af63a2 100644 --- a/generated/1.17/apis/concierge/login/doc.go +++ b/generated/1.17/apis/concierge/login/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.17/apis/concierge/login/register.go b/generated/1.17/apis/concierge/login/register.go index f93663f8..1c3ba130 100644 --- a/generated/1.17/apis/concierge/login/register.go +++ b/generated/1.17/apis/concierge/login/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.17/apis/concierge/login/types_clustercred.go b/generated/1.17/apis/concierge/login/types_clustercred.go index fda1103a..dd683b81 100644 --- a/generated/1.17/apis/concierge/login/types_clustercred.go +++ b/generated/1.17/apis/concierge/login/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.17/apis/concierge/login/types_token.go b/generated/1.17/apis/concierge/login/types_token.go index 17a341b2..e3af529e 100644 --- a/generated/1.17/apis/concierge/login/types_token.go +++ b/generated/1.17/apis/concierge/login/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.17/apis/concierge/login/v1alpha1/conversion.go b/generated/1.17/apis/concierge/login/v1alpha1/conversion.go index 226f6135..dca8bca2 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/conversion.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/login/v1alpha1/defaults.go b/generated/1.17/apis/concierge/login/v1alpha1/defaults.go index 830aa010..12f0acd2 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/defaults.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/login/v1alpha1/doc.go b/generated/1.17/apis/concierge/login/v1alpha1/doc.go index 424969e2..16371c01 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.17/apis/concierge/login/v1alpha1/register.go b/generated/1.17/apis/concierge/login/v1alpha1/register.go index d5e1ee5e..60efec82 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/register.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/1.17/apis/concierge/login/v1alpha1/types_clustercred.go index 574e8b51..eb50c7fe 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/types_clustercred.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/login/v1alpha1/types_token.go b/generated/1.17/apis/concierge/login/v1alpha1/types_token.go index 53e25645..c8f3b66e 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 198e34dc..0bfc05b1 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index c17260e8..18ca4b25 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go index a65c9486..aa41974e 100644 --- a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/go.mod b/generated/1.17/apis/go.mod index 5104a8f1..1b5413f9 100644 --- a/generated/1.17/apis/go.mod +++ b/generated/1.17/apis/go.mod @@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.17/apis go 1.13 require ( - k8s.io/api v0.17.11 - k8s.io/apimachinery v0.17.11 + k8s.io/api v0.17.16 + k8s.io/apimachinery v0.17.16 ) diff --git a/generated/1.17/apis/go.sum b/generated/1.17/apis/go.sum index 971929d4..688beed9 100644 --- a/generated/1.17/apis/go.sum +++ b/generated/1.17/apis/go.sum @@ -7,7 +7,7 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/evanphx/json-patch v0.0.0-20200808040245-162e5629780b/go.mod h1:NAJj0yf/KaRKURN6nyi7A9IZydMivZEm9oQLWNjfKDc= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= @@ -29,7 +29,6 @@ github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok= github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= @@ -94,10 +93,10 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -k8s.io/api v0.17.11 h1:FAO+RMv/JhjBawixa33qZNZ2Yb5lNjgGuK8IjN2Ac3s= -k8s.io/api v0.17.11/go.mod h1:WR3CbTwCAxtfMcEB6c92W3l5aZw09unPCyxmxjYV3xg= -k8s.io/apimachinery v0.17.11 h1:hgMFLIR+ofBpaPb27lZkf44v3bLn3MLqcbnw32PgoGA= -k8s.io/apimachinery v0.17.11/go.mod h1:q+iFxLyaMeWIBhSlQ4OMkvdwbwrb8Ux0ALl90XD9paU= +k8s.io/api v0.17.16 h1:whKfZJJp9m5fklRnlvO8+mJzpXat0gX0n+90d1hWTu0= +k8s.io/api v0.17.16/go.mod h1:W8uKRxJeYRlAbWuk4CZv6BzuC7KuZnB6bSTPI7Pi8no= +k8s.io/apimachinery v0.17.16 h1:A9HqHhUGgUNwki1c1lY6w773WMY1Qx/jR3r9baX1unQ= +k8s.io/apimachinery v0.17.16/go.mod h1:T54ZSpncArE25c5r2PbUPsLeTpkPWY/ivafigSX6+xk= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= diff --git a/generated/1.17/apis/supervisor/config/v1alpha1/doc.go b/generated/1.17/apis/supervisor/config/v1alpha1/doc.go index 37f84c0d..28e63b47 100644 --- a/generated/1.17/apis/supervisor/config/v1alpha1/doc.go +++ b/generated/1.17/apis/supervisor/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.17/apis/supervisor/config/v1alpha1/register.go b/generated/1.17/apis/supervisor/config/v1alpha1/register.go index 32c81af8..69045298 100644 --- a/generated/1.17/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.17/apis/supervisor/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.17/apis/supervisor/config/v1alpha1/types_federationdomain.go index 15e94f62..e92303a9 100644 --- a/generated/1.17/apis/supervisor/config/v1alpha1/types_federationdomain.go +++ b/generated/1.17/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index fbe695da..5c12910e 100644 --- a/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.17/apis/supervisor/idp/v1alpha1/doc.go index 71f2737d..a9e91c47 100644 --- a/generated/1.17/apis/supervisor/idp/v1alpha1/doc.go +++ b/generated/1.17/apis/supervisor/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.17/apis/supervisor/idp/v1alpha1/register.go b/generated/1.17/apis/supervisor/idp/v1alpha1/register.go index e3406a81..8829a863 100644 --- a/generated/1.17/apis/supervisor/idp/v1alpha1/register.go +++ b/generated/1.17/apis/supervisor/idp/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.17/apis/supervisor/idp/v1alpha1/types_meta.go index e04c6f2a..76a7d547 100644 --- a/generated/1.17/apis/supervisor/idp/v1alpha1/types_meta.go +++ b/generated/1.17/apis/supervisor/idp/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.17/apis/supervisor/idp/v1alpha1/types_tls.go index fa4db315..1413a262 100644 --- a/generated/1.17/apis/supervisor/idp/v1alpha1/types_tls.go +++ b/generated/1.17/apis/supervisor/idp/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 12e67583..b1e1c3dd 100644 --- a/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.17/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.17/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go index 6ddebe9b..ea055090 100644 --- a/generated/1.17/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go +++ b/generated/1.17/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.17/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.17/apis/supervisor/oidc/types_supervisor_oidc.go index 36d95d18..b35aafcb 100644 --- a/generated/1.17/apis/supervisor/oidc/types_supervisor_oidc.go +++ b/generated/1.17/apis/supervisor/oidc/types_supervisor_oidc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidc diff --git a/generated/1.17/client/concierge/clientset/versioned/clientset.go b/generated/1.17/client/concierge/clientset/versioned/clientset.go index d5fbc377..e1fd341e 100644 --- a/generated/1.17/client/concierge/clientset/versioned/clientset.go +++ b/generated/1.17/client/concierge/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/doc.go b/generated/1.17/client/concierge/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.17/client/concierge/clientset/versioned/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.17/client/concierge/clientset/versioned/fake/clientset_generated.go index 1752255e..c094a668 100644 --- a/generated/1.17/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.17/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/fake/doc.go b/generated/1.17/client/concierge/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.17/client/concierge/clientset/versioned/fake/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/fake/register.go b/generated/1.17/client/concierge/clientset/versioned/fake/register.go index d590f7b5..16a0dcfb 100644 --- a/generated/1.17/client/concierge/clientset/versioned/fake/register.go +++ b/generated/1.17/client/concierge/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.17/client/concierge/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.17/client/concierge/clientset/versioned/scheme/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/scheme/register.go b/generated/1.17/client/concierge/clientset/versioned/scheme/register.go index 5e984daf..0f9d2e82 100644 --- a/generated/1.17/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/1.17/client/concierge/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index 2cb1df88..5b7f89e6 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 91739552..adacad84 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go index a3aaac9d..49b835c8 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go index 5b1b13e4..1a47ccc6 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 44fba43b..03757746 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go index 203602ad..bfbe8320 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go index 22f4fcb7..578a6c92 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index 0e09896e..73009195 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go index 1c8c86e4..8ab2a8d6 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index c9cf176b..f5eb5d2c 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go index 139cc1ea..dd8d9e27 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index f98d40d0..294cd402 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index fe0557e0..eb327552 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go index bf64bad7..c800c17d 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go index 8bea78ec..925d9ca3 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index 17f274df..b7636286 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go index 7632d169..89628181 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index 18772767..7b28369b 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go index aa794422..42724dd0 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go index 0d67146e..7ed35ca8 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index 9df2b973..8ec61813 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index 6e8cebee..14f631ae 100644 --- a/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/1.17/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.17/client/concierge/informers/externalversions/authentication/interface.go index 4733b66e..c548eb94 100644 --- a/generated/1.17/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/1.17/client/concierge/informers/externalversions/authentication/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index d54f8f70..5f66a4d3 100644 --- a/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index ab53e8d4..1d8d7bbc 100644 --- a/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index dd990fdc..a1233135 100644 --- a/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.17/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/config/interface.go b/generated/1.17/client/concierge/informers/externalversions/config/interface.go index 3e9699be..0289afb9 100644 --- a/generated/1.17/client/concierge/informers/externalversions/config/interface.go +++ b/generated/1.17/client/concierge/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index cc5a4509..fc090320 100644 --- a/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/interface.go index bfc1bba2..9a9db6ad 100644 --- a/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/factory.go b/generated/1.17/client/concierge/informers/externalversions/factory.go index d717e7ff..4552dd78 100644 --- a/generated/1.17/client/concierge/informers/externalversions/factory.go +++ b/generated/1.17/client/concierge/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/generic.go b/generated/1.17/client/concierge/informers/externalversions/generic.go index d48146d4..dca3b22c 100644 --- a/generated/1.17/client/concierge/informers/externalversions/generic.go +++ b/generated/1.17/client/concierge/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.17/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index 78173a44..d1d7349c 100644 --- a/generated/1.17/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.17/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.17/client/concierge/listers/authentication/v1alpha1/expansion_generated.go index d78e57b0..665b978e 100644 --- a/generated/1.17/client/concierge/listers/authentication/v1alpha1/expansion_generated.go +++ b/generated/1.17/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.17/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go index f06a8ae2..a34db844 100644 --- a/generated/1.17/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.17/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.17/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go index 5640e1eb..fd89b62c 100644 --- a/generated/1.17/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.17/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.17/client/concierge/listers/config/v1alpha1/credentialissuer.go index 605d78fd..83963194 100644 --- a/generated/1.17/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ b/generated/1.17/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.17/client/concierge/listers/config/v1alpha1/expansion_generated.go index 7fa5be2f..7212c891 100644 --- a/generated/1.17/client/concierge/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.17/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/go.mod b/generated/1.17/client/go.mod index d9021cd5..d648ab26 100644 --- a/generated/1.17/client/go.mod +++ b/generated/1.17/client/go.mod @@ -4,9 +4,9 @@ module go.pinniped.dev/generated/1.17/client go 1.13 require ( - go.pinniped.dev/generated/1.17/apis v0.0.0-00010101000000-000000000000 - k8s.io/apimachinery v0.17.11 - k8s.io/client-go v0.17.11 + go.pinniped.dev/generated/1.17/apis v0.0.0 + k8s.io/apimachinery v0.17.16 + k8s.io/client-go v0.17.16 ) replace go.pinniped.dev/generated/1.17/apis => ../apis diff --git a/generated/1.17/client/go.sum b/generated/1.17/client/go.sum index fa2463b3..e6a9ec1c 100644 --- a/generated/1.17/client/go.sum +++ b/generated/1.17/client/go.sum @@ -20,8 +20,8 @@ github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZm github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/evanphx/json-patch v0.0.0-20200808040245-162e5629780b h1:vCplRbYcTTeBVLjIU0KvipEeVBSxl6sakUBRmeLBTkw= -github.com/evanphx/json-patch v0.0.0-20200808040245-162e5629780b/go.mod h1:NAJj0yf/KaRKURN6nyi7A9IZydMivZEm9oQLWNjfKDc= +github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -63,7 +63,6 @@ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok= github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= @@ -177,12 +176,12 @@ gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.17.11 h1:FAO+RMv/JhjBawixa33qZNZ2Yb5lNjgGuK8IjN2Ac3s= -k8s.io/api v0.17.11/go.mod h1:WR3CbTwCAxtfMcEB6c92W3l5aZw09unPCyxmxjYV3xg= -k8s.io/apimachinery v0.17.11 h1:hgMFLIR+ofBpaPb27lZkf44v3bLn3MLqcbnw32PgoGA= -k8s.io/apimachinery v0.17.11/go.mod h1:q+iFxLyaMeWIBhSlQ4OMkvdwbwrb8Ux0ALl90XD9paU= -k8s.io/client-go v0.17.11 h1:IswaAabeyBFGzKjz2eFm4QKXgSwBoWLaRolWXLkaY/M= -k8s.io/client-go v0.17.11/go.mod h1:gCpWJ1+skW2CjzFGChniiXrX2e51gflrCsDsbykZLLQ= +k8s.io/api v0.17.16 h1:whKfZJJp9m5fklRnlvO8+mJzpXat0gX0n+90d1hWTu0= +k8s.io/api v0.17.16/go.mod h1:W8uKRxJeYRlAbWuk4CZv6BzuC7KuZnB6bSTPI7Pi8no= +k8s.io/apimachinery v0.17.16 h1:A9HqHhUGgUNwki1c1lY6w773WMY1Qx/jR3r9baX1unQ= +k8s.io/apimachinery v0.17.16/go.mod h1:T54ZSpncArE25c5r2PbUPsLeTpkPWY/ivafigSX6+xk= +k8s.io/client-go v0.17.16 h1:5g4fmARsp1VFn8tSRZxYpk/DdrT4eGFF/ydYR1tW3VM= +k8s.io/client-go v0.17.16/go.mod h1:TwGfS07/0RyVp+PjSZEg9piBGveZ+hEg9zMUBg1Upbo= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= diff --git a/generated/1.17/client/supervisor/clientset/versioned/clientset.go b/generated/1.17/client/supervisor/clientset/versioned/clientset.go index b00ba0ff..d1845d53 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.17/client/supervisor/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/doc.go b/generated/1.17/client/supervisor/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/doc.go +++ b/generated/1.17/client/supervisor/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go index c1c95598..0bc2edfc 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.17/client/supervisor/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/fake/doc.go +++ b/generated/1.17/client/supervisor/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/fake/register.go b/generated/1.17/client/supervisor/clientset/versioned/fake/register.go index 1ec70068..5717b4eb 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.17/client/supervisor/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.17/client/supervisor/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/scheme/doc.go +++ b/generated/1.17/client/supervisor/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go index 54b4c31f..3d881a08 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 1084b248..f5c35bf5 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 83263c44..406fcd8c 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go index 1f704ef0..4c654ec3 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go index 73b1ea26..dd58769c 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 116ba682..ba9c9173 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go index bfcd3c10..ddd330a0 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go index 0b3842a0..9dcd4d10 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index 4879c13e..de53623e 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go index e78bc2df..8ccbcbe0 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go index 2a5491be..e6846018 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go index a7fdb511..cbefaca4 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index bcae95d9..b0e1d799 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go index 4410da01..b988ddd9 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go index acde992e..f7f6b39b 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/config/interface.go b/generated/1.17/client/supervisor/informers/externalversions/config/interface.go index 59025dce..9e8f13ba 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/1.17/client/supervisor/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index bfd63ded..7be6488f 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index f1bc9a31..ae8561df 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/factory.go b/generated/1.17/client/supervisor/informers/externalversions/factory.go index 06762fd2..10a7bf92 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.17/client/supervisor/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/generic.go b/generated/1.17/client/supervisor/informers/externalversions/generic.go index b3f29c6a..945a84dd 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.17/client/supervisor/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.17/client/supervisor/informers/externalversions/idp/interface.go index 87190a8c..64d08063 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/1.17/client/supervisor/informers/externalversions/idp/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index 4757c8ae..f15cc4c1 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index 4e29527e..e2a753cf 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index af8c9e06..98130139 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index c1c03129..c0611dfd 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.17/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index fbca5c4c..236553a5 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go index 4fd0edbc..d59892c4 100644 --- a/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.17/client/supervisor/listers/config/v1alpha1/federationdomain.go index 8cd73ffe..45aaba22 100644 --- a/generated/1.17/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/1.17/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.17/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index 7dbde172..a5634374 100644 --- a/generated/1.17/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.17/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.17/client/supervisor/listers/idp/v1alpha1/expansion_generated.go index 7c625e80..d79cd0fe 100644 --- a/generated/1.17/client/supervisor/listers/idp/v1alpha1/expansion_generated.go +++ b/generated/1.17/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.17/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index 9544d75d..a44ccfec 100644 --- a/generated/1.17/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.17/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.17/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.17/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index de7c98f7..09f81828 100644 --- a/generated/1.17/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.17/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.18/apis/concierge/authentication/v1alpha1/doc.go index 18505fea..d00d3ba6 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/doc.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/register.go b/generated/1.18/apis/concierge/authentication/v1alpha1/register.go index a00b5e9e..f58039e4 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/register.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.18/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index 0d22d7af..a8596b22 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.18/apis/concierge/authentication/v1alpha1/types_meta.go index e59976ff..76a7d547 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/types_meta.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.18/apis/concierge/authentication/v1alpha1/types_tls.go index f882f2d6..12231665 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/types_tls.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.18/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 2a66815d..77b1e045 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index a64567b2..011daf87 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/config/v1alpha1/doc.go b/generated/1.18/apis/concierge/config/v1alpha1/doc.go index 6b94e609..97b2f212 100644 --- a/generated/1.18/apis/concierge/config/v1alpha1/doc.go +++ b/generated/1.18/apis/concierge/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.18/apis/concierge/config/v1alpha1/register.go b/generated/1.18/apis/concierge/config/v1alpha1/register.go index 7ada1d46..8d799898 100644 --- a/generated/1.18/apis/concierge/config/v1alpha1/register.go +++ b/generated/1.18/apis/concierge/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.18/apis/concierge/config/v1alpha1/types_credentialissuer.go index 69b4fc13..d1cb160b 100644 --- a/generated/1.18/apis/concierge/config/v1alpha1/types_credentialissuer.go +++ b/generated/1.18/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index cf679b2c..4f93cd1d 100644 --- a/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/identity/doc.go b/generated/1.18/apis/concierge/identity/doc.go index 6d821566..130e8942 100644 --- a/generated/1.18/apis/concierge/identity/doc.go +++ b/generated/1.18/apis/concierge/identity/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.18/apis/concierge/identity/register.go b/generated/1.18/apis/concierge/identity/register.go index ad0fe3ab..0cefb834 100644 --- a/generated/1.18/apis/concierge/identity/register.go +++ b/generated/1.18/apis/concierge/identity/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.18/apis/concierge/identity/types_userinfo.go b/generated/1.18/apis/concierge/identity/types_userinfo.go index fdd5b258..65eb50cc 100644 --- a/generated/1.18/apis/concierge/identity/types_userinfo.go +++ b/generated/1.18/apis/concierge/identity/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.18/apis/concierge/identity/types_whoami.go b/generated/1.18/apis/concierge/identity/types_whoami.go index 133a9a8e..4ba30607 100644 --- a/generated/1.18/apis/concierge/identity/types_whoami.go +++ b/generated/1.18/apis/concierge/identity/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.18/apis/concierge/identity/v1alpha1/conversion.go index e7e86b85..63ae004e 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/conversion.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.18/apis/concierge/identity/v1alpha1/defaults.go index 8953e608..15c2bec9 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/defaults.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/doc.go b/generated/1.18/apis/concierge/identity/v1alpha1/doc.go index 7b075a7b..da7637f8 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/register.go b/generated/1.18/apis/concierge/identity/v1alpha1/register.go index 09ecfad8..0e17d584 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/register.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.18/apis/concierge/identity/v1alpha1/types_userinfo.go index dc15fd36..4e509fc1 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/types_userinfo.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/1.18/apis/concierge/identity/v1alpha1/types_whoami.go index b9ecadb4..3d884346 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/types_whoami.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index 7b705826..c4ac66f7 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index a6733d9d..cb3cb300 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/identity/validation/validation.go b/generated/1.18/apis/concierge/identity/validation/validation.go index 6b823a68..a5474391 100644 --- a/generated/1.18/apis/concierge/identity/validation/validation.go +++ b/generated/1.18/apis/concierge/identity/validation/validation.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package validation diff --git a/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go index b80f7b8c..f176dfb0 100644 --- a/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/login/doc.go b/generated/1.18/apis/concierge/login/doc.go index d7bfbcbe..14af63a2 100644 --- a/generated/1.18/apis/concierge/login/doc.go +++ b/generated/1.18/apis/concierge/login/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.18/apis/concierge/login/register.go b/generated/1.18/apis/concierge/login/register.go index f93663f8..1c3ba130 100644 --- a/generated/1.18/apis/concierge/login/register.go +++ b/generated/1.18/apis/concierge/login/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.18/apis/concierge/login/types_clustercred.go b/generated/1.18/apis/concierge/login/types_clustercred.go index fda1103a..dd683b81 100644 --- a/generated/1.18/apis/concierge/login/types_clustercred.go +++ b/generated/1.18/apis/concierge/login/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.18/apis/concierge/login/types_token.go b/generated/1.18/apis/concierge/login/types_token.go index 17a341b2..e3af529e 100644 --- a/generated/1.18/apis/concierge/login/types_token.go +++ b/generated/1.18/apis/concierge/login/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.18/apis/concierge/login/v1alpha1/conversion.go b/generated/1.18/apis/concierge/login/v1alpha1/conversion.go index 226f6135..dca8bca2 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/conversion.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/login/v1alpha1/defaults.go b/generated/1.18/apis/concierge/login/v1alpha1/defaults.go index 830aa010..12f0acd2 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/defaults.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/login/v1alpha1/doc.go b/generated/1.18/apis/concierge/login/v1alpha1/doc.go index ade5af8f..c410cff4 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.18/apis/concierge/login/v1alpha1/register.go b/generated/1.18/apis/concierge/login/v1alpha1/register.go index d5e1ee5e..60efec82 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/register.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/1.18/apis/concierge/login/v1alpha1/types_clustercred.go index 574e8b51..eb50c7fe 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/types_clustercred.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/login/v1alpha1/types_token.go b/generated/1.18/apis/concierge/login/v1alpha1/types_token.go index 53e25645..c8f3b66e 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 00d03184..23a85fce 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index c17260e8..18ca4b25 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go index a65c9486..aa41974e 100644 --- a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/go.mod b/generated/1.18/apis/go.mod index 6940a6e9..831c21cf 100644 --- a/generated/1.18/apis/go.mod +++ b/generated/1.18/apis/go.mod @@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.18/apis go 1.13 require ( - k8s.io/api v0.18.2 - k8s.io/apimachinery v0.18.2 + k8s.io/api v0.18.18 + k8s.io/apimachinery v0.18.18 ) diff --git a/generated/1.18/apis/go.sum b/generated/1.18/apis/go.sum index 4ee816ab..3cbc46a4 100644 --- a/generated/1.18/apis/go.sum +++ b/generated/1.18/apis/go.sum @@ -7,7 +7,7 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= @@ -15,8 +15,8 @@ github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+ github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= -github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -34,7 +34,7 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok= github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= @@ -55,6 +55,7 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= @@ -64,25 +65,46 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 h1:rjwSpXsdiK0dV8/Naq3kAw9ymfAeJIyd0upUIElB+lI= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7 h1:HmbHVPwrPEKPGLAcHSrMe6+hqSUlvZU0rab6x5EXfGU= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201112073958-5cba982894dd h1:5CtCZbICpIOFdgO940moixOPjc0178IU44m4EjOO5IY= +golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -94,15 +116,15 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -k8s.io/api v0.18.2 h1:wG5g5ZmSVgm5B+eHMIbI9EGATS2L8Z72rda19RIEgY8= -k8s.io/api v0.18.2/go.mod h1:SJCWI7OLzhZSvbY7U8zwNl9UA4o1fizoug34OV/2r78= -k8s.io/apimachinery v0.18.2 h1:44CmtbmkzVDAhCpRVSiP2R5PPrC2RtlIv/MoB8xpdRA= -k8s.io/apimachinery v0.18.2/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA= +k8s.io/api v0.18.18 h1:h+IFTkmyQ5ZwJGy3kG+JXcNYxjRgkJCXHdiFvF284D4= +k8s.io/api v0.18.18/go.mod h1:Gq0a7seDxpP8TmcLbtdKv/2kulShUvq7MH4jIh7FiWU= +k8s.io/apimachinery v0.18.18 h1:gKUaOQ0LVklTxXJUs4MbUmGQF8tuthnkhhPyXLZEbQw= +k8s.io/apimachinery v0.18.18/go.mod h1:z3HWT24PKvOWfgF+z68R7+Jj761mphku1J34CGG9NDc= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= -k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= +k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= sigs.k8s.io/structured-merge-diff/v3 v3.0.0 h1:dOmIZBMfhcHS09XZkMyUgkq5trg3/jRyJYFZUiaOp8E= sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= diff --git a/generated/1.18/apis/supervisor/config/v1alpha1/doc.go b/generated/1.18/apis/supervisor/config/v1alpha1/doc.go index 3b292e25..4fd26eb1 100644 --- a/generated/1.18/apis/supervisor/config/v1alpha1/doc.go +++ b/generated/1.18/apis/supervisor/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.18/apis/supervisor/config/v1alpha1/register.go b/generated/1.18/apis/supervisor/config/v1alpha1/register.go index 32c81af8..69045298 100644 --- a/generated/1.18/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.18/apis/supervisor/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.18/apis/supervisor/config/v1alpha1/types_federationdomain.go index 15e94f62..e92303a9 100644 --- a/generated/1.18/apis/supervisor/config/v1alpha1/types_federationdomain.go +++ b/generated/1.18/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index fbe695da..5c12910e 100644 --- a/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.18/apis/supervisor/idp/v1alpha1/doc.go index 71f2737d..a9e91c47 100644 --- a/generated/1.18/apis/supervisor/idp/v1alpha1/doc.go +++ b/generated/1.18/apis/supervisor/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.18/apis/supervisor/idp/v1alpha1/register.go b/generated/1.18/apis/supervisor/idp/v1alpha1/register.go index e3406a81..8829a863 100644 --- a/generated/1.18/apis/supervisor/idp/v1alpha1/register.go +++ b/generated/1.18/apis/supervisor/idp/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.18/apis/supervisor/idp/v1alpha1/types_meta.go index e04c6f2a..76a7d547 100644 --- a/generated/1.18/apis/supervisor/idp/v1alpha1/types_meta.go +++ b/generated/1.18/apis/supervisor/idp/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.18/apis/supervisor/idp/v1alpha1/types_tls.go index fa4db315..1413a262 100644 --- a/generated/1.18/apis/supervisor/idp/v1alpha1/types_tls.go +++ b/generated/1.18/apis/supervisor/idp/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 12e67583..b1e1c3dd 100644 --- a/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.18/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.18/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go index 6ddebe9b..ea055090 100644 --- a/generated/1.18/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go +++ b/generated/1.18/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.18/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.18/apis/supervisor/oidc/types_supervisor_oidc.go index 36d95d18..b35aafcb 100644 --- a/generated/1.18/apis/supervisor/oidc/types_supervisor_oidc.go +++ b/generated/1.18/apis/supervisor/oidc/types_supervisor_oidc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidc diff --git a/generated/1.18/client/concierge/clientset/versioned/clientset.go b/generated/1.18/client/concierge/clientset/versioned/clientset.go index 20ce843f..7f7bef95 100644 --- a/generated/1.18/client/concierge/clientset/versioned/clientset.go +++ b/generated/1.18/client/concierge/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/doc.go b/generated/1.18/client/concierge/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.18/client/concierge/clientset/versioned/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.18/client/concierge/clientset/versioned/fake/clientset_generated.go index a448cbf4..e8fd0238 100644 --- a/generated/1.18/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.18/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/fake/doc.go b/generated/1.18/client/concierge/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.18/client/concierge/clientset/versioned/fake/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/fake/register.go b/generated/1.18/client/concierge/clientset/versioned/fake/register.go index e0487917..8f940ac7 100644 --- a/generated/1.18/client/concierge/clientset/versioned/fake/register.go +++ b/generated/1.18/client/concierge/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.18/client/concierge/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.18/client/concierge/clientset/versioned/scheme/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/scheme/register.go b/generated/1.18/client/concierge/clientset/versioned/scheme/register.go index 863de6c7..9814107f 100644 --- a/generated/1.18/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/1.18/client/concierge/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index 99b79a6e..26474c16 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 217ed9d2..a29ee13b 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go index 8645ed3f..4d1950e0 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go index 9067a446..b412904c 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 44fba43b..03757746 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go index ed50a527..967b5dbd 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go index 2c4ae776..69072c3a 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index 0e336ed6..9014a1a4 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go index 6e8e86b5..b2b7f23b 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 9df502b9..5b170a43 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go index acf07df2..05cd7585 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index f98d40d0..294cd402 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index 16bf0245..1aedb412 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go index a948ade0..712fe9fc 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go index 8bea78ec..925d9ca3 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index 826a49fe..a87ece87 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go index c6043305..5ad96f74 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index 129da501..7c88c45c 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go index 73f18d32..080dae06 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go index 0d67146e..7ed35ca8 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index 7f86030f..ef206290 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index 56514418..383ca7f5 100644 --- a/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/1.18/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.18/client/concierge/informers/externalversions/authentication/interface.go index 11a03463..3751cd90 100644 --- a/generated/1.18/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/1.18/client/concierge/informers/externalversions/authentication/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index 4c78e3a5..f091e84e 100644 --- a/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index 17d19ead..93b0ff1d 100644 --- a/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index bdfc3121..3e2740a0 100644 --- a/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.18/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/config/interface.go b/generated/1.18/client/concierge/informers/externalversions/config/interface.go index f299579d..2683f9c2 100644 --- a/generated/1.18/client/concierge/informers/externalversions/config/interface.go +++ b/generated/1.18/client/concierge/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index 3e3b0b06..9f987106 100644 --- a/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/interface.go index f10e7bd7..cbf2a92b 100644 --- a/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/factory.go b/generated/1.18/client/concierge/informers/externalversions/factory.go index c6c36cb7..9e124237 100644 --- a/generated/1.18/client/concierge/informers/externalversions/factory.go +++ b/generated/1.18/client/concierge/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/generic.go b/generated/1.18/client/concierge/informers/externalversions/generic.go index 6bdf7347..3015bb65 100644 --- a/generated/1.18/client/concierge/informers/externalversions/generic.go +++ b/generated/1.18/client/concierge/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.18/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index a62a57b5..cdb5ce2f 100644 --- a/generated/1.18/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.18/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.18/client/concierge/listers/authentication/v1alpha1/expansion_generated.go index d78e57b0..665b978e 100644 --- a/generated/1.18/client/concierge/listers/authentication/v1alpha1/expansion_generated.go +++ b/generated/1.18/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.18/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go index 0626d014..c20bcbc6 100644 --- a/generated/1.18/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.18/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.18/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go index b96e315b..879c17a3 100644 --- a/generated/1.18/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.18/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.18/client/concierge/listers/config/v1alpha1/credentialissuer.go index aaeb5b86..8b24c1ed 100644 --- a/generated/1.18/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ b/generated/1.18/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.18/client/concierge/listers/config/v1alpha1/expansion_generated.go index 7fa5be2f..7212c891 100644 --- a/generated/1.18/client/concierge/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.18/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/go.mod b/generated/1.18/client/go.mod index 15dfad87..72e3cc48 100644 --- a/generated/1.18/client/go.mod +++ b/generated/1.18/client/go.mod @@ -4,9 +4,9 @@ module go.pinniped.dev/generated/1.18/client go 1.13 require ( - go.pinniped.dev/generated/1.18/apis v0.0.0-00010101000000-000000000000 - k8s.io/apimachinery v0.18.2 - k8s.io/client-go v0.18.2 + go.pinniped.dev/generated/1.18/apis v0.0.0 + k8s.io/apimachinery v0.18.18 + k8s.io/client-go v0.18.18 ) replace go.pinniped.dev/generated/1.18/apis => ../apis diff --git a/generated/1.18/client/go.sum b/generated/1.18/client/go.sum index 3628076f..ffa5cdd5 100644 --- a/generated/1.18/client/go.sum +++ b/generated/1.18/client/go.sum @@ -20,8 +20,8 @@ github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZm github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/evanphx/json-patch v4.2.0+incompatible h1:fUDGZCv/7iAN7u0puUVhvKCcsR6vRfwrJatElLBEf0I= -github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -30,8 +30,8 @@ github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+ github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= -github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903 h1:LbsanbbD6LieFkXbj9YNNBupiGHJgFeLpO0j0Fza1h8= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -69,7 +69,7 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok= github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= @@ -93,6 +93,8 @@ github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGV github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= @@ -103,15 +105,20 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975 h1:/Tl7pH94bvbAAHBdZJT947M/+gp0+CqQXDtMRC0fseo= -golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -120,8 +127,11 @@ golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 h1:rjwSpXsdiK0dV8/Naq3kAw9ymfAeJIyd0upUIElB+lI= -golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0= @@ -130,28 +140,38 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7 h1:HmbHVPwrPEKPGLAcHSrMe6+hqSUlvZU0rab6x5EXfGU= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201112073958-5cba982894dd h1:5CtCZbICpIOFdgO940moixOPjc0178IU44m4EjOO5IY= +golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -176,19 +196,19 @@ gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.18.2 h1:wG5g5ZmSVgm5B+eHMIbI9EGATS2L8Z72rda19RIEgY8= -k8s.io/api v0.18.2/go.mod h1:SJCWI7OLzhZSvbY7U8zwNl9UA4o1fizoug34OV/2r78= -k8s.io/apimachinery v0.18.2 h1:44CmtbmkzVDAhCpRVSiP2R5PPrC2RtlIv/MoB8xpdRA= -k8s.io/apimachinery v0.18.2/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA= -k8s.io/client-go v0.18.2 h1:aLB0iaD4nmwh7arT2wIn+lMnAq7OswjaejkQ8p9bBYE= -k8s.io/client-go v0.18.2/go.mod h1:Xcm5wVGXX9HAA2JJ2sSBUn3tCJ+4SVlCbl2MNNv+CIU= +k8s.io/api v0.18.18 h1:h+IFTkmyQ5ZwJGy3kG+JXcNYxjRgkJCXHdiFvF284D4= +k8s.io/api v0.18.18/go.mod h1:Gq0a7seDxpP8TmcLbtdKv/2kulShUvq7MH4jIh7FiWU= +k8s.io/apimachinery v0.18.18 h1:gKUaOQ0LVklTxXJUs4MbUmGQF8tuthnkhhPyXLZEbQw= +k8s.io/apimachinery v0.18.18/go.mod h1:z3HWT24PKvOWfgF+z68R7+Jj761mphku1J34CGG9NDc= +k8s.io/client-go v0.18.18 h1:UBrr6T0aE58M7xRN1/yKk/c7pPaZDxGje7IR3DBSYZE= +k8s.io/client-go v0.18.18/go.mod h1:QwpPMoXp10trnFR4Dd+VRrkqbTqokwu0BgkJ63v/iRE= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= -k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c h1:/KUFqjjqAcY4Us6luF5RDNZ16KJtb49HfR3ZHB9qYXM= -k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= +k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6 h1:Oh3Mzx5pJ+yIumsAD0MOECPVeXsVot0UkiaCGVyfGQY= +k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89 h1:d4vVOjXm687F1iLSP2q3lyPPuyvTUt3aVoBpi2DqRsU= k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= diff --git a/generated/1.18/client/supervisor/clientset/versioned/clientset.go b/generated/1.18/client/supervisor/clientset/versioned/clientset.go index fec5c6b4..1427efc1 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.18/client/supervisor/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/doc.go b/generated/1.18/client/supervisor/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/doc.go +++ b/generated/1.18/client/supervisor/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go index 5198f399..4a5361d2 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.18/client/supervisor/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/fake/doc.go +++ b/generated/1.18/client/supervisor/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/fake/register.go b/generated/1.18/client/supervisor/clientset/versioned/fake/register.go index 7b1793f3..20b81309 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.18/client/supervisor/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.18/client/supervisor/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/scheme/doc.go +++ b/generated/1.18/client/supervisor/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go index 249ee1d1..23788bd1 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 3b1d4a05..1bdb3362 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 86890d6c..0aeb5048 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go index 8453f513..f9dc1b73 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go index c0f7feb0..d1e8f455 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 116ba682..ba9c9173 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go index 5d2cd3ca..f075e4d9 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go index d3f12004..fe5f9ce2 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index 669a43cb..5f7f57e8 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go index 26a4b77f..51882ac4 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go index 84ab0ea2..69369117 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go index a7fdb511..cbefaca4 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index 208b4543..fd378b84 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go index 314b5d65..b78f0f0e 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go index 462a73b3..cab24db5 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/config/interface.go b/generated/1.18/client/supervisor/informers/externalversions/config/interface.go index 3153fbc3..39ae45c9 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/1.18/client/supervisor/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index 0aec6290..38f0bd9d 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 6a019f1f..54d42593 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/factory.go b/generated/1.18/client/supervisor/informers/externalversions/factory.go index 9f764007..997de893 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.18/client/supervisor/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/generic.go b/generated/1.18/client/supervisor/informers/externalversions/generic.go index 9a2e9853..665f95b9 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.18/client/supervisor/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.18/client/supervisor/informers/externalversions/idp/interface.go index a5b81903..d31938e7 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/1.18/client/supervisor/informers/externalversions/idp/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index 54647c94..4f86f4ee 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index 9456d5e2..191f7731 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index a9151158..759e56ea 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index be193e03..05f2af93 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.18/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index 5b116510..bd5e9a80 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go index 4fd0edbc..d59892c4 100644 --- a/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.18/client/supervisor/listers/config/v1alpha1/federationdomain.go index a0babef0..1ad91c7f 100644 --- a/generated/1.18/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/1.18/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.18/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index 91025764..1e18c091 100644 --- a/generated/1.18/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.18/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.18/client/supervisor/listers/idp/v1alpha1/expansion_generated.go index 7c625e80..d79cd0fe 100644 --- a/generated/1.18/client/supervisor/listers/idp/v1alpha1/expansion_generated.go +++ b/generated/1.18/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.18/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index d7957df2..6cb848a6 100644 --- a/generated/1.18/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.18/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.18/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.18/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index e1b18c4e..3e27a711 100644 --- a/generated/1.18/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.18/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.19/apis/concierge/authentication/v1alpha1/doc.go index 18505fea..d00d3ba6 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/doc.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/register.go b/generated/1.19/apis/concierge/authentication/v1alpha1/register.go index a00b5e9e..f58039e4 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/register.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.19/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index 0d22d7af..a8596b22 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.19/apis/concierge/authentication/v1alpha1/types_meta.go index e59976ff..76a7d547 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/types_meta.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.19/apis/concierge/authentication/v1alpha1/types_tls.go index f882f2d6..12231665 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/types_tls.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.19/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 2a66815d..77b1e045 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index a64567b2..011daf87 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/config/v1alpha1/doc.go b/generated/1.19/apis/concierge/config/v1alpha1/doc.go index 6b94e609..97b2f212 100644 --- a/generated/1.19/apis/concierge/config/v1alpha1/doc.go +++ b/generated/1.19/apis/concierge/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.19/apis/concierge/config/v1alpha1/register.go b/generated/1.19/apis/concierge/config/v1alpha1/register.go index 7ada1d46..8d799898 100644 --- a/generated/1.19/apis/concierge/config/v1alpha1/register.go +++ b/generated/1.19/apis/concierge/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.19/apis/concierge/config/v1alpha1/types_credentialissuer.go index 69b4fc13..d1cb160b 100644 --- a/generated/1.19/apis/concierge/config/v1alpha1/types_credentialissuer.go +++ b/generated/1.19/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index cf679b2c..4f93cd1d 100644 --- a/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/identity/doc.go b/generated/1.19/apis/concierge/identity/doc.go index 6d821566..130e8942 100644 --- a/generated/1.19/apis/concierge/identity/doc.go +++ b/generated/1.19/apis/concierge/identity/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.19/apis/concierge/identity/register.go b/generated/1.19/apis/concierge/identity/register.go index ad0fe3ab..0cefb834 100644 --- a/generated/1.19/apis/concierge/identity/register.go +++ b/generated/1.19/apis/concierge/identity/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.19/apis/concierge/identity/types_userinfo.go b/generated/1.19/apis/concierge/identity/types_userinfo.go index fdd5b258..65eb50cc 100644 --- a/generated/1.19/apis/concierge/identity/types_userinfo.go +++ b/generated/1.19/apis/concierge/identity/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.19/apis/concierge/identity/types_whoami.go b/generated/1.19/apis/concierge/identity/types_whoami.go index 133a9a8e..4ba30607 100644 --- a/generated/1.19/apis/concierge/identity/types_whoami.go +++ b/generated/1.19/apis/concierge/identity/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.19/apis/concierge/identity/v1alpha1/conversion.go index e7e86b85..63ae004e 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/conversion.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.19/apis/concierge/identity/v1alpha1/defaults.go index 8953e608..15c2bec9 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/defaults.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/doc.go b/generated/1.19/apis/concierge/identity/v1alpha1/doc.go index 246b9db1..f8a6fca0 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/register.go b/generated/1.19/apis/concierge/identity/v1alpha1/register.go index 09ecfad8..0e17d584 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/register.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.19/apis/concierge/identity/v1alpha1/types_userinfo.go index dc15fd36..4e509fc1 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/types_userinfo.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/1.19/apis/concierge/identity/v1alpha1/types_whoami.go index b9ecadb4..3d884346 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/types_whoami.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index 43d1c9a3..2bdd0f25 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index a6733d9d..cb3cb300 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/identity/validation/validation.go b/generated/1.19/apis/concierge/identity/validation/validation.go index c860cc96..7cb5a886 100644 --- a/generated/1.19/apis/concierge/identity/validation/validation.go +++ b/generated/1.19/apis/concierge/identity/validation/validation.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package validation diff --git a/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go index b80f7b8c..f176dfb0 100644 --- a/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/login/doc.go b/generated/1.19/apis/concierge/login/doc.go index d7bfbcbe..14af63a2 100644 --- a/generated/1.19/apis/concierge/login/doc.go +++ b/generated/1.19/apis/concierge/login/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.19/apis/concierge/login/register.go b/generated/1.19/apis/concierge/login/register.go index f93663f8..1c3ba130 100644 --- a/generated/1.19/apis/concierge/login/register.go +++ b/generated/1.19/apis/concierge/login/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.19/apis/concierge/login/types_clustercred.go b/generated/1.19/apis/concierge/login/types_clustercred.go index fda1103a..dd683b81 100644 --- a/generated/1.19/apis/concierge/login/types_clustercred.go +++ b/generated/1.19/apis/concierge/login/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.19/apis/concierge/login/types_token.go b/generated/1.19/apis/concierge/login/types_token.go index 17a341b2..e3af529e 100644 --- a/generated/1.19/apis/concierge/login/types_token.go +++ b/generated/1.19/apis/concierge/login/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.19/apis/concierge/login/v1alpha1/conversion.go b/generated/1.19/apis/concierge/login/v1alpha1/conversion.go index 226f6135..dca8bca2 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/conversion.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/login/v1alpha1/defaults.go b/generated/1.19/apis/concierge/login/v1alpha1/defaults.go index 830aa010..12f0acd2 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/defaults.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/login/v1alpha1/doc.go b/generated/1.19/apis/concierge/login/v1alpha1/doc.go index 6633266e..989cbb9f 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.19/apis/concierge/login/v1alpha1/register.go b/generated/1.19/apis/concierge/login/v1alpha1/register.go index d5e1ee5e..60efec82 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/register.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/1.19/apis/concierge/login/v1alpha1/types_clustercred.go index 574e8b51..eb50c7fe 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/types_clustercred.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/login/v1alpha1/types_token.go b/generated/1.19/apis/concierge/login/v1alpha1/types_token.go index 53e25645..c8f3b66e 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go index abece478..b14331de 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index c17260e8..18ca4b25 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go index a65c9486..aa41974e 100644 --- a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/go.mod b/generated/1.19/apis/go.mod index def99f4d..be417432 100644 --- a/generated/1.19/apis/go.mod +++ b/generated/1.19/apis/go.mod @@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.19/apis go 1.13 require ( - k8s.io/api v0.19.5 - k8s.io/apimachinery v0.19.5 + k8s.io/api v0.19.15 + k8s.io/apimachinery v0.19.15 ) diff --git a/generated/1.19/apis/go.sum b/generated/1.19/apis/go.sum index 51d92738..32c6cf1a 100644 --- a/generated/1.19/apis/go.sum +++ b/generated/1.19/apis/go.sum @@ -25,8 +25,8 @@ github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+ github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= -github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= @@ -55,7 +55,7 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= @@ -87,26 +87,36 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -121,13 +131,18 @@ golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= @@ -158,17 +173,18 @@ gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.19.5 h1:p0MRzyhokJ9Kn5jcJAHNup0s+COMBPfn1mTasls6mMg= -k8s.io/api v0.19.5/go.mod h1:yGZReuNa0vj56op6eT+NLrXJne0R0u9ktexZ8jdJzpc= -k8s.io/apimachinery v0.19.5 h1:Yvz6dOE0WbVE+FXBEFqc9lSvo87VPtq6mCSsrtC95HI= -k8s.io/apimachinery v0.19.5/go.mod h1:6sRbGRAVY5DOCuZwB5XkqguBqpqLU6q/kOaOdk29z6Q= +k8s.io/api v0.19.15 h1:i22aQYrQ9gaBHEAS9XvyR5ZfrTDAd+Q+JwWM+xIBv30= +k8s.io/api v0.19.15/go.mod h1:rMRWjnIJQmurd/FdLobht6dCSbJQ+UDpyOwPaoFS7lI= +k8s.io/apimachinery v0.19.15 h1:P37ni6/yFxRMrqgM75k/vt5xq9vnNiR3rJPTmWXrNho= +k8s.io/apimachinery v0.19.15/go.mod h1:RMyblyny2ZcDQ/oVE+lC31u7XTHUaSXEK2IhgtwGxfc= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1 h1:YXTMot5Qz/X1iBRJhAt+vI+HVttY0WkSqqhKxQ0xVbA= sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2 h1:Hr/htKFmJEbtMgS/UD0N+gtgctAqz81t3nu+sPzynno= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.19/apis/supervisor/config/v1alpha1/doc.go b/generated/1.19/apis/supervisor/config/v1alpha1/doc.go index 5fa14efd..b8b205fc 100644 --- a/generated/1.19/apis/supervisor/config/v1alpha1/doc.go +++ b/generated/1.19/apis/supervisor/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.19/apis/supervisor/config/v1alpha1/register.go b/generated/1.19/apis/supervisor/config/v1alpha1/register.go index 32c81af8..69045298 100644 --- a/generated/1.19/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.19/apis/supervisor/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.19/apis/supervisor/config/v1alpha1/types_federationdomain.go index 15e94f62..e92303a9 100644 --- a/generated/1.19/apis/supervisor/config/v1alpha1/types_federationdomain.go +++ b/generated/1.19/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index fbe695da..5c12910e 100644 --- a/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.19/apis/supervisor/idp/v1alpha1/doc.go index 71f2737d..a9e91c47 100644 --- a/generated/1.19/apis/supervisor/idp/v1alpha1/doc.go +++ b/generated/1.19/apis/supervisor/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.19/apis/supervisor/idp/v1alpha1/register.go b/generated/1.19/apis/supervisor/idp/v1alpha1/register.go index e3406a81..8829a863 100644 --- a/generated/1.19/apis/supervisor/idp/v1alpha1/register.go +++ b/generated/1.19/apis/supervisor/idp/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.19/apis/supervisor/idp/v1alpha1/types_meta.go index e04c6f2a..76a7d547 100644 --- a/generated/1.19/apis/supervisor/idp/v1alpha1/types_meta.go +++ b/generated/1.19/apis/supervisor/idp/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.19/apis/supervisor/idp/v1alpha1/types_tls.go index fa4db315..1413a262 100644 --- a/generated/1.19/apis/supervisor/idp/v1alpha1/types_tls.go +++ b/generated/1.19/apis/supervisor/idp/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 12e67583..b1e1c3dd 100644 --- a/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.19/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.19/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go index 6ddebe9b..ea055090 100644 --- a/generated/1.19/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go +++ b/generated/1.19/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.19/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.19/apis/supervisor/oidc/types_supervisor_oidc.go index 36d95d18..b35aafcb 100644 --- a/generated/1.19/apis/supervisor/oidc/types_supervisor_oidc.go +++ b/generated/1.19/apis/supervisor/oidc/types_supervisor_oidc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidc diff --git a/generated/1.19/client/concierge/clientset/versioned/clientset.go b/generated/1.19/client/concierge/clientset/versioned/clientset.go index 5f7bfe9d..f4ade752 100644 --- a/generated/1.19/client/concierge/clientset/versioned/clientset.go +++ b/generated/1.19/client/concierge/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/doc.go b/generated/1.19/client/concierge/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.19/client/concierge/clientset/versioned/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.19/client/concierge/clientset/versioned/fake/clientset_generated.go index 0158b754..84f6235a 100644 --- a/generated/1.19/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.19/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/fake/doc.go b/generated/1.19/client/concierge/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.19/client/concierge/clientset/versioned/fake/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/fake/register.go b/generated/1.19/client/concierge/clientset/versioned/fake/register.go index d249d942..27b8644b 100644 --- a/generated/1.19/client/concierge/clientset/versioned/fake/register.go +++ b/generated/1.19/client/concierge/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.19/client/concierge/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.19/client/concierge/clientset/versioned/scheme/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/scheme/register.go b/generated/1.19/client/concierge/clientset/versioned/scheme/register.go index 81d16a18..d4823fa9 100644 --- a/generated/1.19/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/1.19/client/concierge/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index 1da92457..1066a2a2 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 87c9b5f3..2d24d955 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go index 9da6fc39..68936f4a 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go index 5af5041a..02a31b44 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 44fba43b..03757746 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go index 17da8ecc..2bd0bdd7 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go index 6b72e188..ab16d067 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index c5a7d645..8916c595 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go index ee2f4805..1b265284 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index ae5b3e19..b71dc455 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go index 910b9cf3..6484fa73 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index f98d40d0..294cd402 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index 370c0246..d8f86f4d 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go index ea53ebfb..7f89c359 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go index 8bea78ec..925d9ca3 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index e9031f28..80b93db3 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go index 11c17e6c..06e47a81 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index 945cbe41..e2425c72 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go index 9b448405..2fbbcc49 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go index 0d67146e..7ed35ca8 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index 1e4e2de8..aa79d065 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index 67bbe88c..cba0a2d4 100644 --- a/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/1.19/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.19/client/concierge/informers/externalversions/authentication/interface.go index 5bcf9bd6..faa807b8 100644 --- a/generated/1.19/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/1.19/client/concierge/informers/externalversions/authentication/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index 837963d6..04deb7db 100644 --- a/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index 9f51fb2b..a4f2df33 100644 --- a/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index a5aa2613..d46deaab 100644 --- a/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.19/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/config/interface.go b/generated/1.19/client/concierge/informers/externalversions/config/interface.go index a90b4913..17dd5207 100644 --- a/generated/1.19/client/concierge/informers/externalversions/config/interface.go +++ b/generated/1.19/client/concierge/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index 9f0aa436..920466a3 100644 --- a/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/interface.go index 84c5c637..97ec99c0 100644 --- a/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/factory.go b/generated/1.19/client/concierge/informers/externalversions/factory.go index a912786b..d82a1c04 100644 --- a/generated/1.19/client/concierge/informers/externalversions/factory.go +++ b/generated/1.19/client/concierge/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/generic.go b/generated/1.19/client/concierge/informers/externalversions/generic.go index 0f74fe8c..15971769 100644 --- a/generated/1.19/client/concierge/informers/externalversions/generic.go +++ b/generated/1.19/client/concierge/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.19/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index 834ed550..3e1cbb5a 100644 --- a/generated/1.19/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.19/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.19/client/concierge/listers/authentication/v1alpha1/expansion_generated.go index d78e57b0..665b978e 100644 --- a/generated/1.19/client/concierge/listers/authentication/v1alpha1/expansion_generated.go +++ b/generated/1.19/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.19/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go index 233ac3fc..5a956bab 100644 --- a/generated/1.19/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.19/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.19/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go index 8f96b39b..70b39899 100644 --- a/generated/1.19/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.19/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.19/client/concierge/listers/config/v1alpha1/credentialissuer.go index b997cd34..f3a577ac 100644 --- a/generated/1.19/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ b/generated/1.19/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.19/client/concierge/listers/config/v1alpha1/expansion_generated.go index 7fa5be2f..7212c891 100644 --- a/generated/1.19/client/concierge/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.19/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/go.mod b/generated/1.19/client/go.mod index 228ba3f1..3ffb69b7 100644 --- a/generated/1.19/client/go.mod +++ b/generated/1.19/client/go.mod @@ -4,9 +4,9 @@ module go.pinniped.dev/generated/1.19/client go 1.13 require ( - go.pinniped.dev/generated/1.19/apis v0.0.0-00010101000000-000000000000 - k8s.io/apimachinery v0.19.5 - k8s.io/client-go v0.19.5 + go.pinniped.dev/generated/1.19/apis v0.0.0 + k8s.io/apimachinery v0.19.15 + k8s.io/client-go v0.19.15 ) replace go.pinniped.dev/generated/1.19/apis => ../apis diff --git a/generated/1.19/client/go.sum b/generated/1.19/client/go.sum index 9b415bcc..cf7abe3c 100644 --- a/generated/1.19/client/go.sum +++ b/generated/1.19/client/go.sum @@ -56,8 +56,8 @@ github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+ github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= -github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 h1:5ZkaAPbicIKTF2I64qf5Fh8Aa83Q/dnOafMYV0OMwjA= @@ -111,7 +111,7 @@ github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= @@ -150,6 +150,8 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -179,6 +181,8 @@ golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCc golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -191,7 +195,9 @@ golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -205,6 +211,7 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -232,7 +239,6 @@ golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqG golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -247,12 +253,16 @@ golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -310,12 +320,12 @@ honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -k8s.io/api v0.19.5 h1:p0MRzyhokJ9Kn5jcJAHNup0s+COMBPfn1mTasls6mMg= -k8s.io/api v0.19.5/go.mod h1:yGZReuNa0vj56op6eT+NLrXJne0R0u9ktexZ8jdJzpc= -k8s.io/apimachinery v0.19.5 h1:Yvz6dOE0WbVE+FXBEFqc9lSvo87VPtq6mCSsrtC95HI= -k8s.io/apimachinery v0.19.5/go.mod h1:6sRbGRAVY5DOCuZwB5XkqguBqpqLU6q/kOaOdk29z6Q= -k8s.io/client-go v0.19.5 h1:Y7LsFwgbm9+5oVXER04KNCSPhY6TblYRgG1DQdVq+ig= -k8s.io/client-go v0.19.5/go.mod h1:BSG3iuxI40Bs0nNDLS1JRa/7ReBQDHzf0x8nZZrK0fo= +k8s.io/api v0.19.15 h1:i22aQYrQ9gaBHEAS9XvyR5ZfrTDAd+Q+JwWM+xIBv30= +k8s.io/api v0.19.15/go.mod h1:rMRWjnIJQmurd/FdLobht6dCSbJQ+UDpyOwPaoFS7lI= +k8s.io/apimachinery v0.19.15 h1:P37ni6/yFxRMrqgM75k/vt5xq9vnNiR3rJPTmWXrNho= +k8s.io/apimachinery v0.19.15/go.mod h1:RMyblyny2ZcDQ/oVE+lC31u7XTHUaSXEK2IhgtwGxfc= +k8s.io/client-go v0.19.15 h1:lDBvFBjDIExh0mFS6JbG+5B7ghuPhqXjBzlaxG81ToU= +k8s.io/client-go v0.19.15/go.mod h1:OJMQWgHQJRDtO2BVtpkHUQOq/e5WHpXc02lSdPI0S/k= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= @@ -325,8 +335,9 @@ k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H k8s.io/utils v0.0.0-20200729134348-d5654de09c73 h1:uJmqzgNWG7XyClnU/mLPBWwfKKF1K8Hf8whTseBgJcg= k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -sigs.k8s.io/structured-merge-diff/v4 v4.0.1 h1:YXTMot5Qz/X1iBRJhAt+vI+HVttY0WkSqqhKxQ0xVbA= sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2 h1:Hr/htKFmJEbtMgS/UD0N+gtgctAqz81t3nu+sPzynno= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.19/client/supervisor/clientset/versioned/clientset.go b/generated/1.19/client/supervisor/clientset/versioned/clientset.go index 66b7d45f..a5d5b43c 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.19/client/supervisor/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/doc.go b/generated/1.19/client/supervisor/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/doc.go +++ b/generated/1.19/client/supervisor/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go index 7d13245b..6fbd1410 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.19/client/supervisor/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/fake/doc.go +++ b/generated/1.19/client/supervisor/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/fake/register.go b/generated/1.19/client/supervisor/clientset/versioned/fake/register.go index ed82c167..93a34271 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.19/client/supervisor/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.19/client/supervisor/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/scheme/doc.go +++ b/generated/1.19/client/supervisor/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go index 568775b7..0f2ac77b 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 4b100393..ecfa976c 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index e811dd56..c725f508 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go index 9f63e35b..e2788b27 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go index 48e50e81..db71f8fb 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 116ba682..ba9c9173 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go index bf585258..3fb92414 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go index 696aab0e..1673b11a 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index ea0ea195..ba0f24cd 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go index 84f3f24f..57e794fb 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go index e9b262a7..61bf0059 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go index a7fdb511..cbefaca4 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index bfdf55a3..205d842a 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go index ee93d165..ae04705f 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go index 14f19304..08037e24 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/config/interface.go b/generated/1.19/client/supervisor/informers/externalversions/config/interface.go index fdbae25b..f1130d71 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/1.19/client/supervisor/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index be26d97b..44575d6f 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 75f74d13..33b72e12 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/factory.go b/generated/1.19/client/supervisor/informers/externalversions/factory.go index 4c459a19..0ad18aae 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.19/client/supervisor/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/generic.go b/generated/1.19/client/supervisor/informers/externalversions/generic.go index 77b758f2..644f1b12 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.19/client/supervisor/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.19/client/supervisor/informers/externalversions/idp/interface.go index 88de7c7e..5ade40fa 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/1.19/client/supervisor/informers/externalversions/idp/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index 6601bd4b..54f823e7 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index dda26a61..b3a5f3e1 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index c9c548d7..0cf6c634 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index 094e926e..443aaf7d 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.19/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index 35ff1bb9..e469b80a 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go index 4fd0edbc..d59892c4 100644 --- a/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.19/client/supervisor/listers/config/v1alpha1/federationdomain.go index 264396a1..ee77104d 100644 --- a/generated/1.19/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/1.19/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.19/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index 21cbeee5..ae41135b 100644 --- a/generated/1.19/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.19/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.19/client/supervisor/listers/idp/v1alpha1/expansion_generated.go index 7c625e80..d79cd0fe 100644 --- a/generated/1.19/client/supervisor/listers/idp/v1alpha1/expansion_generated.go +++ b/generated/1.19/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.19/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index 37e5406c..ac524bca 100644 --- a/generated/1.19/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.19/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.19/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.19/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index 1680b60d..cf386965 100644 --- a/generated/1.19/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.19/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.20/apis/concierge/authentication/v1alpha1/doc.go index 18505fea..d00d3ba6 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/doc.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/register.go b/generated/1.20/apis/concierge/authentication/v1alpha1/register.go index a00b5e9e..f58039e4 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/register.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.20/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index 0d22d7af..a8596b22 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.20/apis/concierge/authentication/v1alpha1/types_meta.go index e59976ff..76a7d547 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/types_meta.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.20/apis/concierge/authentication/v1alpha1/types_tls.go index f882f2d6..12231665 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/types_tls.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.20/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 2a66815d..77b1e045 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index a64567b2..011daf87 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/config/v1alpha1/doc.go b/generated/1.20/apis/concierge/config/v1alpha1/doc.go index 6b94e609..97b2f212 100644 --- a/generated/1.20/apis/concierge/config/v1alpha1/doc.go +++ b/generated/1.20/apis/concierge/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.20/apis/concierge/config/v1alpha1/register.go b/generated/1.20/apis/concierge/config/v1alpha1/register.go index 7ada1d46..8d799898 100644 --- a/generated/1.20/apis/concierge/config/v1alpha1/register.go +++ b/generated/1.20/apis/concierge/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.20/apis/concierge/config/v1alpha1/types_credentialissuer.go index 69b4fc13..d1cb160b 100644 --- a/generated/1.20/apis/concierge/config/v1alpha1/types_credentialissuer.go +++ b/generated/1.20/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index cf679b2c..4f93cd1d 100644 --- a/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/identity/doc.go b/generated/1.20/apis/concierge/identity/doc.go index 6d821566..130e8942 100644 --- a/generated/1.20/apis/concierge/identity/doc.go +++ b/generated/1.20/apis/concierge/identity/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.20/apis/concierge/identity/register.go b/generated/1.20/apis/concierge/identity/register.go index ad0fe3ab..0cefb834 100644 --- a/generated/1.20/apis/concierge/identity/register.go +++ b/generated/1.20/apis/concierge/identity/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.20/apis/concierge/identity/types_userinfo.go b/generated/1.20/apis/concierge/identity/types_userinfo.go index fdd5b258..65eb50cc 100644 --- a/generated/1.20/apis/concierge/identity/types_userinfo.go +++ b/generated/1.20/apis/concierge/identity/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.20/apis/concierge/identity/types_whoami.go b/generated/1.20/apis/concierge/identity/types_whoami.go index 133a9a8e..4ba30607 100644 --- a/generated/1.20/apis/concierge/identity/types_whoami.go +++ b/generated/1.20/apis/concierge/identity/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.20/apis/concierge/identity/v1alpha1/conversion.go index e7e86b85..63ae004e 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/conversion.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.20/apis/concierge/identity/v1alpha1/defaults.go index 8953e608..15c2bec9 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/defaults.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/doc.go b/generated/1.20/apis/concierge/identity/v1alpha1/doc.go index 6325569a..7cdcd478 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/register.go b/generated/1.20/apis/concierge/identity/v1alpha1/register.go index 09ecfad8..0e17d584 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/register.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.20/apis/concierge/identity/v1alpha1/types_userinfo.go index dc15fd36..4e509fc1 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/types_userinfo.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/1.20/apis/concierge/identity/v1alpha1/types_whoami.go index b9ecadb4..3d884346 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/types_whoami.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index e5dad82d..7b7aef34 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index a6733d9d..cb3cb300 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/identity/validation/validation.go b/generated/1.20/apis/concierge/identity/validation/validation.go index ce9671e0..f5b7bd7c 100644 --- a/generated/1.20/apis/concierge/identity/validation/validation.go +++ b/generated/1.20/apis/concierge/identity/validation/validation.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package validation diff --git a/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go index b80f7b8c..f176dfb0 100644 --- a/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/login/doc.go b/generated/1.20/apis/concierge/login/doc.go index d7bfbcbe..14af63a2 100644 --- a/generated/1.20/apis/concierge/login/doc.go +++ b/generated/1.20/apis/concierge/login/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/1.20/apis/concierge/login/register.go b/generated/1.20/apis/concierge/login/register.go index f93663f8..1c3ba130 100644 --- a/generated/1.20/apis/concierge/login/register.go +++ b/generated/1.20/apis/concierge/login/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.20/apis/concierge/login/types_clustercred.go b/generated/1.20/apis/concierge/login/types_clustercred.go index fda1103a..dd683b81 100644 --- a/generated/1.20/apis/concierge/login/types_clustercred.go +++ b/generated/1.20/apis/concierge/login/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.20/apis/concierge/login/types_token.go b/generated/1.20/apis/concierge/login/types_token.go index 17a341b2..e3af529e 100644 --- a/generated/1.20/apis/concierge/login/types_token.go +++ b/generated/1.20/apis/concierge/login/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/1.20/apis/concierge/login/v1alpha1/conversion.go b/generated/1.20/apis/concierge/login/v1alpha1/conversion.go index 226f6135..dca8bca2 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/conversion.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/login/v1alpha1/defaults.go b/generated/1.20/apis/concierge/login/v1alpha1/defaults.go index 830aa010..12f0acd2 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/defaults.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/login/v1alpha1/doc.go b/generated/1.20/apis/concierge/login/v1alpha1/doc.go index 88e43e8a..efd1d7cd 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/doc.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.20/apis/concierge/login/v1alpha1/register.go b/generated/1.20/apis/concierge/login/v1alpha1/register.go index d5e1ee5e..60efec82 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/register.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/1.20/apis/concierge/login/v1alpha1/types_clustercred.go index 574e8b51..eb50c7fe 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/types_clustercred.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/login/v1alpha1/types_token.go b/generated/1.20/apis/concierge/login/v1alpha1/types_token.go index 53e25645..c8f3b66e 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go index a1f5f27f..f14f64f4 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index c17260e8..18ca4b25 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go index b954fa5e..13351449 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go index a65c9486..aa41974e 100644 --- a/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/go.mod b/generated/1.20/apis/go.mod index 8dea9abe..6eee615b 100644 --- a/generated/1.20/apis/go.mod +++ b/generated/1.20/apis/go.mod @@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.20/apis go 1.13 require ( - k8s.io/api v0.20.4 - k8s.io/apimachinery v0.20.4 + k8s.io/api v0.20.14 + k8s.io/apimachinery v0.20.14 ) diff --git a/generated/1.20/apis/go.sum b/generated/1.20/apis/go.sum index e0714bf5..d1ac6c2a 100644 --- a/generated/1.20/apis/go.sum +++ b/generated/1.20/apis/go.sum @@ -29,8 +29,8 @@ github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL9 github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= @@ -62,7 +62,7 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= @@ -99,14 +99,19 @@ github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoH github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -114,14 +119,19 @@ golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -135,15 +145,19 @@ golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -180,17 +194,18 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.20.4 h1:xZjKidCirayzX6tHONRQyTNDVIR55TYVqgATqo6ZULY= -k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= -k8s.io/apimachinery v0.20.4 h1:vhxQ0PPUUU2Ns1b9r4/UFp13UPs8cw2iOoTjnY9faa0= -k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= +k8s.io/api v0.20.14 h1:vAI3AdDY0Ou9oAkOy/fQ3K0F+FOT+TyZqykKGKHJYQA= +k8s.io/api v0.20.14/go.mod h1:l/ErofD0cbemY3VGAuqcyQFu0+FoSYD1sOAi6PwUCis= +k8s.io/apimachinery v0.20.14 h1:LG7YY3R3ZRO5UxaIsInDk8adAb9J744CP2EfckAIM7w= +k8s.io/apimachinery v0.20.14/go.mod h1:4KFiDSxCoGviCiRk9kTXIROsIf4VSGkVYjVJjJln3pg= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.4.0 h1:7+X0fUguPyrKEC4WjH8iGDg3laWgMo5tMnRTIGTTxGQ= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2 h1:YHQV7Dajm86OuqnIR6zAelnDWBRjo+YhYV9PmGrh1s8= +k8s.io/kube-openapi v0.0.0-20211110013926-83f114cd0513/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2 h1:Hr/htKFmJEbtMgS/UD0N+gtgctAqz81t3nu+sPzynno= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.20/apis/supervisor/config/v1alpha1/doc.go b/generated/1.20/apis/supervisor/config/v1alpha1/doc.go index 8ed47615..2bae2c5c 100644 --- a/generated/1.20/apis/supervisor/config/v1alpha1/doc.go +++ b/generated/1.20/apis/supervisor/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.20/apis/supervisor/config/v1alpha1/register.go b/generated/1.20/apis/supervisor/config/v1alpha1/register.go index 32c81af8..69045298 100644 --- a/generated/1.20/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.20/apis/supervisor/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.20/apis/supervisor/config/v1alpha1/types_federationdomain.go index 15e94f62..e92303a9 100644 --- a/generated/1.20/apis/supervisor/config/v1alpha1/types_federationdomain.go +++ b/generated/1.20/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index fbe695da..5c12910e 100644 --- a/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.20/apis/supervisor/idp/v1alpha1/doc.go index 71f2737d..a9e91c47 100644 --- a/generated/1.20/apis/supervisor/idp/v1alpha1/doc.go +++ b/generated/1.20/apis/supervisor/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/1.20/apis/supervisor/idp/v1alpha1/register.go b/generated/1.20/apis/supervisor/idp/v1alpha1/register.go index e3406a81..8829a863 100644 --- a/generated/1.20/apis/supervisor/idp/v1alpha1/register.go +++ b/generated/1.20/apis/supervisor/idp/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.20/apis/supervisor/idp/v1alpha1/types_meta.go index e04c6f2a..76a7d547 100644 --- a/generated/1.20/apis/supervisor/idp/v1alpha1/types_meta.go +++ b/generated/1.20/apis/supervisor/idp/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.20/apis/supervisor/idp/v1alpha1/types_tls.go index fa4db315..1413a262 100644 --- a/generated/1.20/apis/supervisor/idp/v1alpha1/types_tls.go +++ b/generated/1.20/apis/supervisor/idp/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 12e67583..b1e1c3dd 100644 --- a/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/1.20/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.20/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go index 6ddebe9b..ea055090 100644 --- a/generated/1.20/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go +++ b/generated/1.20/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/1.20/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.20/apis/supervisor/oidc/types_supervisor_oidc.go index 36d95d18..b35aafcb 100644 --- a/generated/1.20/apis/supervisor/oidc/types_supervisor_oidc.go +++ b/generated/1.20/apis/supervisor/oidc/types_supervisor_oidc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidc diff --git a/generated/1.20/client/concierge/clientset/versioned/clientset.go b/generated/1.20/client/concierge/clientset/versioned/clientset.go index cd07daa3..130453dc 100644 --- a/generated/1.20/client/concierge/clientset/versioned/clientset.go +++ b/generated/1.20/client/concierge/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/doc.go b/generated/1.20/client/concierge/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.20/client/concierge/clientset/versioned/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.20/client/concierge/clientset/versioned/fake/clientset_generated.go index c1dd5d72..a7ae64d6 100644 --- a/generated/1.20/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.20/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/fake/doc.go b/generated/1.20/client/concierge/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.20/client/concierge/clientset/versioned/fake/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/fake/register.go b/generated/1.20/client/concierge/clientset/versioned/fake/register.go index e5cf24bd..2f87f27b 100644 --- a/generated/1.20/client/concierge/clientset/versioned/fake/register.go +++ b/generated/1.20/client/concierge/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.20/client/concierge/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.20/client/concierge/clientset/versioned/scheme/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/scheme/register.go b/generated/1.20/client/concierge/clientset/versioned/scheme/register.go index 3e2f61dd..221ff453 100644 --- a/generated/1.20/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/1.20/client/concierge/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index 055ca7c4..4d93782d 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 51e6c056..689c4d10 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go index a6f47934..ab2878f5 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go index be312ba3..02e8e302 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 44fba43b..03757746 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go index 8dee34f1..7f62ff4c 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go index 96d4d6f8..ce2da966 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index 0b6924cd..e8f3cf9a 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go index aee312fe..77c7f2cb 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index a65a1392..c9a77616 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go index 5dd4fe3e..7269c6a4 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index f98d40d0..294cd402 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index bacb41ae..b1988ce6 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go index feaf4daf..751294a9 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go index 8bea78ec..925d9ca3 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index b323d720..49825aa4 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go index 97adee72..be11af76 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index d28d50d5..620e6b51 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go index f9333fda..2c9e9282 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go index 0d67146e..7ed35ca8 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index 80dfe917..96589544 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index cf5ba4ac..6970aae0 100644 --- a/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/1.20/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.20/client/concierge/informers/externalversions/authentication/interface.go index 422264fd..310b31d5 100644 --- a/generated/1.20/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/1.20/client/concierge/informers/externalversions/authentication/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index f2b8f98b..66703842 100644 --- a/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index 291cb86e..e01e08af 100644 --- a/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index 5fc61d5a..9a088560 100644 --- a/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.20/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/config/interface.go b/generated/1.20/client/concierge/informers/externalversions/config/interface.go index cca5c220..240e00b6 100644 --- a/generated/1.20/client/concierge/informers/externalversions/config/interface.go +++ b/generated/1.20/client/concierge/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index 3c2b8aa7..7283b197 100644 --- a/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/interface.go index 0581eec7..fb7a1d92 100644 --- a/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.20/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/factory.go b/generated/1.20/client/concierge/informers/externalversions/factory.go index ff430da3..ebd9440e 100644 --- a/generated/1.20/client/concierge/informers/externalversions/factory.go +++ b/generated/1.20/client/concierge/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/generic.go b/generated/1.20/client/concierge/informers/externalversions/generic.go index 50349ec8..7ab8b83a 100644 --- a/generated/1.20/client/concierge/informers/externalversions/generic.go +++ b/generated/1.20/client/concierge/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.20/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index 61f17d9f..c3a6348f 100644 --- a/generated/1.20/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.20/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.20/client/concierge/listers/authentication/v1alpha1/expansion_generated.go index d78e57b0..665b978e 100644 --- a/generated/1.20/client/concierge/listers/authentication/v1alpha1/expansion_generated.go +++ b/generated/1.20/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.20/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go index e6354c74..eadb4579 100644 --- a/generated/1.20/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/1.20/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.20/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go index b66ddc31..d8db9c3d 100644 --- a/generated/1.20/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/1.20/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.20/client/concierge/listers/config/v1alpha1/credentialissuer.go index f94dde56..a650fc36 100644 --- a/generated/1.20/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ b/generated/1.20/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.20/client/concierge/listers/config/v1alpha1/expansion_generated.go index 7fa5be2f..7212c891 100644 --- a/generated/1.20/client/concierge/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.20/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/go.mod b/generated/1.20/client/go.mod index e46aa24f..9d068aae 100644 --- a/generated/1.20/client/go.mod +++ b/generated/1.20/client/go.mod @@ -4,9 +4,9 @@ module go.pinniped.dev/generated/1.20/client go 1.13 require ( - go.pinniped.dev/generated/1.20/apis v0.0.0-00010101000000-000000000000 - k8s.io/apimachinery v0.20.4 - k8s.io/client-go v0.20.4 + go.pinniped.dev/generated/1.20/apis v0.0.0 + k8s.io/apimachinery v0.20.14 + k8s.io/client-go v0.20.14 ) replace go.pinniped.dev/generated/1.20/apis => ../apis diff --git a/generated/1.20/client/go.sum b/generated/1.20/client/go.sum index b4aa6655..a29c2c00 100644 --- a/generated/1.20/client/go.sum +++ b/generated/1.20/client/go.sum @@ -71,8 +71,8 @@ github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL9 github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= -github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -135,7 +135,7 @@ github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= @@ -179,6 +179,8 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -220,6 +222,7 @@ golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -241,6 +244,7 @@ golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -255,6 +259,7 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -285,15 +290,14 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e h1:EHBhcS0mlXEAVwNyO2dLfjToGsyY4j24pTs2ScHnX7s= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -324,6 +328,8 @@ golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -404,25 +410,26 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.20.4 h1:xZjKidCirayzX6tHONRQyTNDVIR55TYVqgATqo6ZULY= -k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= -k8s.io/apimachinery v0.20.4 h1:vhxQ0PPUUU2Ns1b9r4/UFp13UPs8cw2iOoTjnY9faa0= -k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= -k8s.io/client-go v0.20.4 h1:85crgh1IotNkLpKYKZHVNI1JT86nr/iDCvq2iWKsql4= -k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= +k8s.io/api v0.20.14 h1:vAI3AdDY0Ou9oAkOy/fQ3K0F+FOT+TyZqykKGKHJYQA= +k8s.io/api v0.20.14/go.mod h1:l/ErofD0cbemY3VGAuqcyQFu0+FoSYD1sOAi6PwUCis= +k8s.io/apimachinery v0.20.14 h1:LG7YY3R3ZRO5UxaIsInDk8adAb9J744CP2EfckAIM7w= +k8s.io/apimachinery v0.20.14/go.mod h1:4KFiDSxCoGviCiRk9kTXIROsIf4VSGkVYjVJjJln3pg= +k8s.io/client-go v0.20.14 h1:DAtFSq905IE49N/WOzI1PvwnifI6Vduti5v8A2xJEt8= +k8s.io/client-go v0.20.14/go.mod h1:NP3va0ehKLBNmXBUIQD6ddTvK7Pu/wioGuitv++pYow= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.4.0 h1:7+X0fUguPyrKEC4WjH8iGDg3laWgMo5tMnRTIGTTxGQ= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd h1:sOHNzJIkytDF6qadMNKhhDRpc6ODik8lVC6nOur7B2c= -k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= +k8s.io/kube-openapi v0.0.0-20211110013926-83f114cd0513 h1:pbudjNtv90nOgR0/DUhPwKHnQ55Khz8+sNhJBIK7A5M= +k8s.io/kube-openapi v0.0.0-20211110013926-83f114cd0513/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/utils v0.0.0-20201110183641-67b214c5f920 h1:CbnUZsM497iRC5QMVkHwyl8s2tB3g7yaSHkYPkpgelw= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2 h1:YHQV7Dajm86OuqnIR6zAelnDWBRjo+YhYV9PmGrh1s8= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2 h1:Hr/htKFmJEbtMgS/UD0N+gtgctAqz81t3nu+sPzynno= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.20/client/supervisor/clientset/versioned/clientset.go b/generated/1.20/client/supervisor/clientset/versioned/clientset.go index d4c995f9..47592892 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.20/client/supervisor/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/doc.go b/generated/1.20/client/supervisor/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/doc.go +++ b/generated/1.20/client/supervisor/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go index 241b73e1..4f710f0b 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.20/client/supervisor/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/fake/doc.go +++ b/generated/1.20/client/supervisor/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/fake/register.go b/generated/1.20/client/supervisor/clientset/versioned/fake/register.go index 762d1b95..7587d602 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.20/client/supervisor/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.20/client/supervisor/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/scheme/doc.go +++ b/generated/1.20/client/supervisor/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go index ba40f0f5..af0ed68f 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index e553af9e..5baa9401 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index baa5fb7c..67628cf9 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go index 6fe43a56..9de7846a 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go index e06bf890..2f305afc 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 116ba682..ba9c9173 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go index 2958cb14..f6211a02 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go index 27ace5a2..88501233 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index ff95d783..d4d3a407 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go index 103c22db..08d95a64 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go index 76f9c967..6d6a9d6f 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go index a7fdb511..cbefaca4 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index fa865322..4f735a3b 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go index 73a20836..5e46a947 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go index 67e638d3..61de4043 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/config/interface.go b/generated/1.20/client/supervisor/informers/externalversions/config/interface.go index b781ca57..6ee415f8 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/1.20/client/supervisor/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index 565d5c5a..87e63727 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 59a966ec..399bc958 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/factory.go b/generated/1.20/client/supervisor/informers/externalversions/factory.go index ba1c31e1..60395f1f 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.20/client/supervisor/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/generic.go b/generated/1.20/client/supervisor/informers/externalversions/generic.go index f8460123..0b11db8b 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.20/client/supervisor/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.20/client/supervisor/informers/externalversions/idp/interface.go index 3e6d2e3b..51b84c42 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/1.20/client/supervisor/informers/externalversions/idp/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index 2d620294..3e19f791 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index 5bd81fac..27f17ac7 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index 9dfcfc5a..c6596179 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index e4f5db48..aed369f6 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.20/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index 33848ad9..41dcbae7 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go index 4fd0edbc..d59892c4 100644 --- a/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.20/client/supervisor/listers/config/v1alpha1/federationdomain.go index 494804ac..c22f3d30 100644 --- a/generated/1.20/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/1.20/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.20/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index 7008d59a..5b5a8e92 100644 --- a/generated/1.20/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/1.20/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.20/client/supervisor/listers/idp/v1alpha1/expansion_generated.go index 7c625e80..d79cd0fe 100644 --- a/generated/1.20/client/supervisor/listers/idp/v1alpha1/expansion_generated.go +++ b/generated/1.20/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.20/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index c8215897..89ef6366 100644 --- a/generated/1.20/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/1.20/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.20/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.20/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index 80278004..6a6ca822 100644 --- a/generated/1.20/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/1.20/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/1.21/README.adoc b/generated/1.21/README.adoc new file mode 100644 index 00000000..3036885a --- /dev/null +++ b/generated/1.21/README.adoc @@ -0,0 +1,1334 @@ +// Generated documentation. Please do not edit. +:anchor_prefix: k8s-api + +[id="{p}-api-reference"] +== API Reference + +.Packages +- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1[$$config.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1[$$config.supervisor.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-identity-concierge-pinniped-dev-identity[$$identity.concierge.pinniped.dev/identity$$] +- xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] + + +[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] +=== authentication.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition"] +==== Condition + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-conditionstatus"] +==== ConditionStatus (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +==== JWTAuthenticator + +JWTAuthenticator describes the configuration of a JWT authenticator. + Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid signature, existence of claims, etc.) and extract the username and groups from the token. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +==== JWTAuthenticatorSpec + +Spec for configuring a JWT authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is also used to validate the "iss" JWT claim. +| *`audience`* __string__ | Audience is the required value of the "aud" JWT claim. +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | Claims allows customization of the claims that will be mapped to user identity for Kubernetes access. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for communicating with the OIDC provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +==== JWTAuthenticatorStatus + +Status of a JWT authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +==== JWTTokenClaims + +JWTTokenClaims allows customization of the claims that will be mapped to user identity for Kubernetes access. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groups`* __string__ | Groups is the name of the claim which should be read to extract the user's group membership from the JWT token. When not specified, it will default to "groups". +| *`username`* __string__ | Username is the name of the claim which should be read to extract the username from the JWT token. When not specified, it will default to "username". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-tlsspec"] +==== TLSSpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +==== WebhookAuthenticator + +WebhookAuthenticator describes the configuration of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +==== WebhookAuthenticatorSpec + +Spec for configuring a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Webhook server endpoint URL. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +==== WebhookAuthenticatorStatus + +Status of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +|=== + + + +[id="{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1"] +=== config.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuer"] +==== CredentialIssuer + +CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +==== CredentialIssuerFrontend + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __FrontendType__ | Type describes which frontend mechanism clients can use with a strategy. +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. This field is only set when Type is "TokenCredentialRequestAPI". +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. This field is only set when Type is "ImpersonationProxy". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"] +==== CredentialIssuerKubeConfigInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`server`* __string__ | The K8s API server URL. +| *`certificateAuthorityData`* __string__ | The K8s API server CA bundle. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerspec"] +==== CredentialIssuerSpec + +CredentialIssuerSpec describes the intended configuration of the Concierge. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerstatus"] +==== CredentialIssuerStatus + +CredentialIssuerStatus describes the status of the Concierge. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. +| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. This field is deprecated and will be removed in a future version. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +==== CredentialIssuerStrategy + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __StrategyType__ | Type of integration attempted. +| *`status`* __StrategyStatus__ | Status of the attempted integration strategy. +| *`reason`* __StrategyReason__ | Reason for the current status. +| *`message`* __string__ | Human-readable description of the current status. +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | When the status was last checked. +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +==== ImpersonationProxyInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Endpoint is the HTTPS endpoint of the impersonation proxy. +| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxymode"] +==== ImpersonationProxyMode (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +==== ImpersonationProxyServiceSpec + +ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __ImpersonationProxyServiceType__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. +| *`loadBalancerIP`* __string__ | LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. This is not supported on all cloud providers. +| *`annotations`* __object (keys:string, values:string)__ | Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +==== ImpersonationProxyServiceType (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyspec"] +==== ImpersonationProxySpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`mode`* __ImpersonationProxyMode__ | Mode configures whether the impersonation proxy should be started: - "disabled" explicitly disables the impersonation proxy. This is the default. - "enabled" explicitly enables the impersonation proxy. - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. +| *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +==== TokenCredentialRequestAPIInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`server`* __string__ | Server is the Kubernetes API server URL. +| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. +|=== + + + +[id="{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1"] +=== config.supervisor.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomain"] +==== FederationDomain + +FederationDomain describes the configuration of an OIDC provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +==== FederationDomainSecrets + +FederationDomainSecrets holds information about this OIDC Provider's secrets. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist. +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for signing tokens is stored. +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for signing state parameters is stored. +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for encrypting state parameters is stored. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainspec"] +==== FederationDomainSpec + +FederationDomainSpec is a struct that describes an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the identifier that it will use for the iss claim in issued JWTs. This field will also be used as the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is https://example.com/foo, then your authorization endpoint will look like https://example.com/foo/some/path/to/auth/endpoint). + See https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS configures how this FederationDomain is served over Transport Layer Security (TLS). +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainstatus"] +==== FederationDomainStatus + +FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`status`* __FederationDomainStatusCondition__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure. +| *`message`* __string__ | Message provides human-readable details about the Status. +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +==== FederationDomainTLSSpec + +FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use for TLS. + Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same SecretName value even if they have different port numbers. + SecretName is not required when you would like to use only the HTTP endpoints (e.g. when terminating TLS at an Ingress). It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to use the default TLS certificate, which is configured elsewhere. + When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. +|=== + + + +[id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] +=== identity.concierge.pinniped.dev/identity + +Package identity is the internal version of the Pinniped identity API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-extravalue"] +==== ExtraValue + +ExtraValue masks the value so protobuf can generate + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-userinfo[$$UserInfo$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-kubernetesuserinfo"] +==== KubernetesUserInfo + +KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. +| *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-userinfo"] +==== UserInfo + +UserInfo holds the information about the user needed to implement the user.Info interface. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`Username`* __string__ | The name that uniquely identifies this user among all active users. +| *`UID`* __string__ | A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. +| *`Groups`* __string array__ | The names of groups this user is a part of. +| *`Extra`* __object (keys:string, values:string array)__ | Any additional information provided by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequest"] +==== WhoAmIRequest + +WhoAmIRequest submits a request to echo back the current authenticated user. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +|=== + + + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequeststatus"] +==== WhoAmIRequestStatus + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. +|=== + + + +[id="{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1"] +=== identity.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-extravalue"] +==== ExtraValue + +ExtraValue masks the value so protobuf can generate + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +==== KubernetesUserInfo + +KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. +| *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-userinfo"] +==== UserInfo + +UserInfo holds the information about the user needed to implement the user.Info interface. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | The name that uniquely identifies this user among all active users. +| *`uid`* __string__ | A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. +| *`groups`* __string array__ | The names of groups this user is a part of. +| *`extra`* __object (keys:string, values:string array)__ | Any additional information provided by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-whoamirequest"] +==== WhoAmIRequest + +WhoAmIRequest submits a request to echo back the current authenticated user. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +|=== + + + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +==== WhoAmIRequestStatus + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. +|=== + + + +[id="{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1"] +=== idp.supervisor.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +==== ActiveDirectoryIdentityProvider + +ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +==== ActiveDirectoryIdentityProviderBind + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password must be non-empty. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +==== ActiveDirectoryIdentityProviderGroupSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". Optional, when not specified it will be based on the result of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). The default behavior searches your entire domain for groups. It may make sense to specify a subtree as a search base if you wish to exclude some groups for security reasons or to make searches faster. +| *`filter`* __string__ | Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the filter were specified as "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". This searches nested groups by default. Note that nested group search can be slow for some Active Directory servers. To disable it, you can set the filter to "(&(objectClass=group)(member={})" +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as the result of the group search. +| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor to obtain new credentials (as their old credentials expire). This allows group membership changes to be quickly reflected into Kubernetes clusters. Since group membership is often used to bind authorization policies, it is important to keep the groups observed in Kubernetes clusters in-sync with the identity provider. + In some environments, frequent group membership queries may result in a significant performance impact on the identity provider and/or the supervisor. The best approach to handle performance impacts is to tweak the group query to be more performant, for example by disabling nested group search or by using a more targeted group search base. + If the group search query cannot be made performant and you are willing to have group memberships remain static for approximately a day, then set skipGroupRefresh to true. This is an insecure configuration as authorization policies that are bound to group membership will not notice if a user has been removed from a particular group until their next login. + This is an experimental feature that may be removed or significantly altered in the future. Consumers of this configuration should carefully read all release notes before upgrading to ensure that the meaning of this field has not changed. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +==== ActiveDirectoryIdentityProviderGroupSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groupName`* __string__ | GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name in the user's list of groups after a successful authentication. The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", where domain is constructed from the domain components of the group DN. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +==== ActiveDirectoryIdentityProviderSpec + +Spec for configuring an ActiveDirectory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +==== ActiveDirectoryIdentityProviderStatus + +Status of an Active Directory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __ActiveDirectoryIdentityProviderPhase__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +==== ActiveDirectoryIdentityProviderUserSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". Optional, when not specified it will be based on the result of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). The default behavior searches your entire domain for users. It may make sense to specify a subtree as a search base if you wish to exclude some users or to make searches faster. +| *`filter`* __string__ | Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the username for which the search is being run. E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will be '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, and is not shown in advanced view only (which would likely mean its a system created service account with advanced permissions). Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as the result of the user search. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +==== ActiveDirectoryIdentityProviderUserSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | Username specifies the name of the attribute in Active Directory entry whose value shall become the username of the user after a successful authentication. Optional, when empty this defaults to "userPrincipalName". +| *`uid`* __string__ | UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely identify the user within this ActiveDirectory provider after a successful authentication. Optional, when empty this defaults to "objectGUID". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition"] +==== Condition + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-conditionstatus"] +==== ConditionStatus (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +==== LDAPIdentityProvider + +LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access Protocol (LDAP) identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +==== LDAPIdentityProviderBind + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password must be non-empty. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +==== LDAPIdentityProviderGroupSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, the values of Filter and Attributes are ignored. +| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for groups for a user. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the Filter were specified as "member={}". +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as the result of the group search. +| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor to obtain new credentials (as their old credentials expire). This allows group membership changes to be quickly reflected into Kubernetes clusters. Since group membership is often used to bind authorization policies, it is important to keep the groups observed in Kubernetes clusters in-sync with the identity provider. + In some environments, frequent group membership queries may result in a significant performance impact on the identity provider and/or the supervisor. The best approach to handle performance impacts is to tweak the group query to be more performant, for example by disabling nested group search or by using a more targeted group search base. + If the group search query cannot be made performant and you are willing to have group memberships remain static for approximately a day, then set skipGroupRefresh to true. This is an insecure configuration as authorization policies that are bound to group membership will not notice if a user has been removed from a particular group until their next login. + This is an experimental feature that may be removed or significantly altered in the future. Consumers of this configuration should carefully read all release notes before upgrading to ensure that the meaning of this field has not changed. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +==== LDAPIdentityProviderGroupSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groupName`* __string__ | GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name in the user's list of groups after a successful authentication. The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +==== LDAPIdentityProviderSpec + +Spec for configuring an LDAP identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +==== LDAPIdentityProviderStatus + +Status of an LDAP identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __LDAPIdentityProviderPhase__ | Phase summarizes the overall status of the LDAPIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +==== LDAPIdentityProviderUserSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". +| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the username for which the search is being run. E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the Filter were specified as the value from Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be explicitly specified, since the default value of "dn={}" would not work. +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as the result of the user search. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +==== LDAPIdentityProviderUserSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | Username specifies the name of the attribute in the LDAP entry whose value shall become the username of the user after a successful authentication. This would typically be the same attribute name used in the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default value of "dn={}" would not work. +| *`uid`* __string__ | UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. Distinguished names can be used by specifying lower-case "dn". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +==== OIDCAuthorizationConfig + +OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization request parameters. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`additionalScopes`* __string array__ | additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request the following scopes: "openid", "offline_access", "email", and "profile". See https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, or as common patterns used by providers who implement the standard in the ecosystem evolve. By setting this list to anything other than an empty list, you are overriding the default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. If you do not want any of these scopes to be requested, you may set this list to contain only "openid". Some OIDC providers may also require a scope to get access to the user's group membership, in which case you may wish to include it in this list. Sometimes the scope to request the user's group membership is called "groups", but unfortunately this is not specified in the OIDC standard. Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See your OIDC provider's documentation for more information about what scopes are available to request claims. Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its requirements for what to include in the request in order to receive a refresh token in the response, if anything. Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider may ignore scopes that it does not understand or require (see https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's authorization endpoint for its requirements for what to include in the request in order to receive a refresh token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, then include it here. Also note that most providers also require a certain scope to be requested in order to receive refresh tokens. See the additionalScopes setting for more information about using scopes to request refresh tokens. +| *`allowPasswordGrant`* __boolean__ | allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be convenient for users, especially for identities from your OIDC provider which are not intended to represent a human actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. allowPasswordGrant defaults to false. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcclaims"] +==== OIDCClaims + +OIDCClaims provides a mapping from upstream claims into identities. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groups`* __string__ | Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain the groups to which an identity belongs. By default, the identities will not include any group memberships when this setting is not configured. +| *`username`* __string__ | Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain an identity's username. When not set, the username will be an automatically constructed unique string which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from the ID token. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient contains information about an OIDC client (e.g., client ID and client secret). + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the clientID and clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys "clientID" and "clientSecret". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +==== OIDCIdentityProvider + +OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +==== OIDCIdentityProviderSpec + +OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch /.well-known/openid-configuration. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request parameters to be used with this OIDC identity provider. +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from this OIDC identity provider. +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +==== OIDCIdentityProviderStatus + +OIDCIdentityProviderStatus is the status of an OIDC identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __OIDCIdentityProviderPhase__ | Phase summarizes the overall status of the OIDCIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-parameter"] +==== Parameter + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`name`* __string__ | The name of the parameter. Required. +| *`value`* __string__ | The value of the parameter. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-tlsspec"] +==== TLSSpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + + +[id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] +=== login.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped login API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-clustercredential"] +==== ClusterCredential + +ClusterCredential is the cluster-specific credential returned on a successful credential request. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. +| *`token`* __string__ | Token is a bearer token used by the client for request authentication. +| *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). +| *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequest"] +==== TokenCredentialRequest + +TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +==== TokenCredentialRequestSpec + +TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, expected on requests to the Pinniped API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`token`* __string__ | Bearer token supplied with the credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +==== TokenCredentialRequestStatus + +TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. +| *`message`* __string__ | An error message will be returned for an unsuccessful credential request. +|=== + + diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.21/apis/concierge/authentication/v1alpha1/doc.go new file mode 100644 index 00000000..d00d3ba6 --- /dev/null +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/doc.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=authentication.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. +package v1alpha1 diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/register.go b/generated/1.21/apis/concierge/authentication/v1alpha1/register.go new file mode 100644 index 00000000..f58039e4 --- /dev/null +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "authentication.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WebhookAuthenticator{}, + &WebhookAuthenticatorList{}, + &JWTAuthenticator{}, + &JWTAuthenticatorList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go new file mode 100644 index 00000000..a8596b22 --- /dev/null +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -0,0 +1,85 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// Status of a JWT authenticator. +type JWTAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// Spec for configuring a JWT authenticator. +type JWTAuthenticatorSpec struct { + // Issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + // also used to validate the "iss" JWT claim. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Issuer string `json:"issuer"` + + // Audience is the required value of the "aud" JWT claim. + // +kubebuilder:validation:MinLength=1 + Audience string `json:"audience"` + + // Claims allows customization of the claims that will be mapped to user identity + // for Kubernetes access. + // +optional + Claims JWTTokenClaims `json:"claims"` + + // TLS configuration for communicating with the OIDC provider. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` +} + +// JWTTokenClaims allows customization of the claims that will be mapped to user identity +// for Kubernetes access. +type JWTTokenClaims struct { + // Groups is the name of the claim which should be read to extract the user's + // group membership from the JWT token. When not specified, it will default to "groups". + // +optional + Groups string `json:"groups"` + + // Username is the name of the claim which should be read to extract the + // username from the JWT token. When not specified, it will default to "username". + // +optional + Username string `json:"username"` +} + +// JWTAuthenticator describes the configuration of a JWT authenticator. +// +// Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid +// signature, existence of claims, etc.) and extract the username and groups from the token. +// +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Audience",type=string,JSONPath=`.spec.audience` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type JWTAuthenticator struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the authenticator. + Spec JWTAuthenticatorSpec `json:"spec"` + + // Status of the authenticator. + Status JWTAuthenticatorStatus `json:"status,omitempty"` +} + +// List of JWTAuthenticator objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type JWTAuthenticatorList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []JWTAuthenticator `json:"items"` +} diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go new file mode 100644 index 00000000..76a7d547 --- /dev/null +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/types_meta.go @@ -0,0 +1,75 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ConditionStatus is effectively an enum type for Condition.Status. +type ConditionStatus string + +// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. +// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes +// can't decide if a resource is in the condition or not. In the future, we could add other +// intermediate conditions, e.g. ConditionDegraded. +const ( + ConditionTrue ConditionStatus = "True" + ConditionFalse ConditionStatus = "False" + ConditionUnknown ConditionStatus = "Unknown" +) + +// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API +// version we can switch to using the upstream type. +// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. +type Condition struct { + // type of condition in CamelCase or in foo.example.com/CamelCase. + // --- + // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + // useful (see .node.status.conditions), the ability to deconflict is important. + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Type string `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Enum=True;False;Unknown + Status ConditionStatus `json:"status"` + + // observedGeneration represents the .metadata.generation that the condition was set based upon. + // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + // with respect to the current state of the instance. + // +optional + // +kubebuilder:validation:Minimum=0 + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // lastTransitionTime is the last time the condition transitioned from one status to another. + // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Type=string + // +kubebuilder:validation:Format=date-time + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason contains a programmatic identifier indicating the reason for the condition's last transition. + // Producers of specific condition types may define expected values and meanings for this field, + // and whether the values are considered a guaranteed API. + // The value should be a CamelCase string. + // This field may not be empty. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` + Reason string `json:"reason"` + + // message is a human readable message indicating details about the transition. + // This may be an empty string. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=32768 + Message string `json:"message"` +} diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.21/apis/concierge/authentication/v1alpha1/types_tls.go new file mode 100644 index 00000000..12231665 --- /dev/null +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/types_tls.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// Configuration for configuring TLS on various authenticators. +type TLSSpec struct { + // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + // +optional + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` +} diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go new file mode 100644 index 00000000..77b1e045 --- /dev/null +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -0,0 +1,56 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// Status of a webhook authenticator. +type WebhookAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// Spec for configuring a webhook authenticator. +type WebhookAuthenticatorSpec struct { + // Webhook server endpoint URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Endpoint string `json:"endpoint"` + + // TLS configuration. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` +} + +// WebhookAuthenticator describes the configuration of a webhook authenticator. +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster +// +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type WebhookAuthenticator struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the authenticator. + Spec WebhookAuthenticatorSpec `json:"spec"` + + // Status of the authenticator. + Status WebhookAuthenticatorStatus `json:"status,omitempty"` +} + +// List of WebhookAuthenticator objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WebhookAuthenticatorList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []WebhookAuthenticator `json:"items"` +} diff --git a/generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..883959bf --- /dev/null +++ b/generated/1.21/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,273 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Condition) DeepCopyInto(out *Condition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. +func (in *Condition) DeepCopy() *Condition { + if in == nil { + return nil + } + out := new(Condition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticator. +func (in *JWTAuthenticator) DeepCopy() *JWTAuthenticator { + if in == nil { + return nil + } + out := new(JWTAuthenticator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *JWTAuthenticator) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorList) DeepCopyInto(out *JWTAuthenticatorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]JWTAuthenticator, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorList. +func (in *JWTAuthenticatorList) DeepCopy() *JWTAuthenticatorList { + if in == nil { + return nil + } + out := new(JWTAuthenticatorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *JWTAuthenticatorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorSpec) DeepCopyInto(out *JWTAuthenticatorSpec) { + *out = *in + out.Claims = in.Claims + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorSpec. +func (in *JWTAuthenticatorSpec) DeepCopy() *JWTAuthenticatorSpec { + if in == nil { + return nil + } + out := new(JWTAuthenticatorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorStatus. +func (in *JWTAuthenticatorStatus) DeepCopy() *JWTAuthenticatorStatus { + if in == nil { + return nil + } + out := new(JWTAuthenticatorStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTTokenClaims) DeepCopyInto(out *JWTTokenClaims) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTTokenClaims. +func (in *JWTTokenClaims) DeepCopy() *JWTTokenClaims { + if in == nil { + return nil + } + out := new(JWTTokenClaims) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. +func (in *TLSSpec) DeepCopy() *TLSSpec { + if in == nil { + return nil + } + out := new(TLSSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. +func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { + if in == nil { + return nil + } + out := new(WebhookAuthenticator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WebhookAuthenticator, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. +func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. +func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. +func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/concierge/config/v1alpha1/doc.go b/generated/1.21/apis/concierge/config/v1alpha1/doc.go new file mode 100644 index 00000000..97b2f212 --- /dev/null +++ b/generated/1.21/apis/concierge/config/v1alpha1/doc.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=config.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. +package v1alpha1 diff --git a/generated/1.21/apis/concierge/config/v1alpha1/register.go b/generated/1.21/apis/concierge/config/v1alpha1/register.go new file mode 100644 index 00000000..8d799898 --- /dev/null +++ b/generated/1.21/apis/concierge/config/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "config.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &CredentialIssuer{}, + &CredentialIssuerList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.21/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.21/apis/concierge/config/v1alpha1/types_credentialissuer.go new file mode 100644 index 00000000..d1cb160b --- /dev/null +++ b/generated/1.21/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -0,0 +1,244 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. +// +kubebuilder:validation:Enum=KubeClusterSigningCertificate;ImpersonationProxy +type StrategyType string + +// FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. +// +kubebuilder:validation:Enum=TokenCredentialRequestAPI;ImpersonationProxy +type FrontendType string + +// StrategyStatus enumerates whether a strategy is working on a cluster. +// +kubebuilder:validation:Enum=Success;Error +type StrategyStatus string + +// StrategyReason enumerates the detailed reason why a strategy is in a particular status. +// +kubebuilder:validation:Enum=Listening;Pending;Disabled;ErrorDuringSetup;CouldNotFetchKey;CouldNotGetClusterInfo;FetchedKey +type StrategyReason string + +const ( + KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") + ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy") + + TokenCredentialRequestAPIFrontendType = FrontendType("TokenCredentialRequestAPI") + ImpersonationProxyFrontendType = FrontendType("ImpersonationProxy") + + SuccessStrategyStatus = StrategyStatus("Success") + ErrorStrategyStatus = StrategyStatus("Error") + + ListeningStrategyReason = StrategyReason("Listening") + PendingStrategyReason = StrategyReason("Pending") + DisabledStrategyReason = StrategyReason("Disabled") + ErrorDuringSetupStrategyReason = StrategyReason("ErrorDuringSetup") + CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") + CouldNotGetClusterInfoStrategyReason = StrategyReason("CouldNotGetClusterInfo") + FetchedKeyStrategyReason = StrategyReason("FetchedKey") +) + +// CredentialIssuerSpec describes the intended configuration of the Concierge. +type CredentialIssuerSpec struct { + // ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + ImpersonationProxy *ImpersonationProxySpec `json:"impersonationProxy"` +} + +// ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. +// +// +kubebuilder:validation:Enum=auto;enabled;disabled +type ImpersonationProxyMode string + +const ( + // ImpersonationProxyModeDisabled explicitly disables the impersonation proxy. + ImpersonationProxyModeDisabled = ImpersonationProxyMode("disabled") + + // ImpersonationProxyModeEnabled explicitly enables the impersonation proxy. + ImpersonationProxyModeEnabled = ImpersonationProxyMode("enabled") + + // ImpersonationProxyModeAuto enables or disables the impersonation proxy based upon the cluster in which it is running. + ImpersonationProxyModeAuto = ImpersonationProxyMode("auto") +) + +// ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. +// +// +kubebuilder:validation:Enum=LoadBalancer;ClusterIP;None +type ImpersonationProxyServiceType string + +const ( + // ImpersonationProxyServiceTypeLoadBalancer provisions a service of type LoadBalancer. + ImpersonationProxyServiceTypeLoadBalancer = ImpersonationProxyServiceType("LoadBalancer") + + // ImpersonationProxyServiceTypeClusterIP provisions a service of type ClusterIP. + ImpersonationProxyServiceTypeClusterIP = ImpersonationProxyServiceType("ClusterIP") + + // ImpersonationProxyServiceTypeNone does not automatically provision any service. + ImpersonationProxyServiceTypeNone = ImpersonationProxyServiceType("None") +) + +// ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. +type ImpersonationProxySpec struct { + // Mode configures whether the impersonation proxy should be started: + // - "disabled" explicitly disables the impersonation proxy. This is the default. + // - "enabled" explicitly enables the impersonation proxy. + // - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + Mode ImpersonationProxyMode `json:"mode"` + + // Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + // + // +kubebuilder:default:={"type": "LoadBalancer"} + Service ImpersonationProxyServiceSpec `json:"service"` + + // ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + // be served using the external name of the LoadBalancer service or the cluster service DNS name. + // + // This field must be non-empty when spec.impersonationProxy.service.type is "None". + // + // +optional + ExternalEndpoint string `json:"externalEndpoint,omitempty"` +} + +// ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. +type ImpersonationProxyServiceSpec struct { + // Type specifies the type of Service to provision for the impersonation proxy. + // + // If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + // value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + // + // +kubebuilder:default:="LoadBalancer" + Type ImpersonationProxyServiceType `json:"type,omitempty"` + + // LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. + // This is not supported on all cloud providers. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +optional + LoadBalancerIP string `json:"loadBalancerIP,omitempty"` + + // Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. + // + // +optional + Annotations map[string]string `json:"annotations,omitempty"` +} + +// CredentialIssuerStatus describes the status of the Concierge. +type CredentialIssuerStatus struct { + // List of integration strategies that were attempted by Pinniped. + Strategies []CredentialIssuerStrategy `json:"strategies"` + + // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. + // This field is deprecated and will be removed in a future version. + // +optional + KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` +} + +// CredentialIssuerKubeConfigInfo provides the information needed to form a valid Pinniped-based kubeconfig using this credential issuer. +// This type is deprecated and will be removed in a future version. +type CredentialIssuerKubeConfigInfo struct { + // The K8s API server URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://|^http://` + Server string `json:"server"` + + // The K8s API server CA bundle. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. +type CredentialIssuerStrategy struct { + // Type of integration attempted. + Type StrategyType `json:"type"` + + // Status of the attempted integration strategy. + Status StrategyStatus `json:"status"` + + // Reason for the current status. + Reason StrategyReason `json:"reason"` + + // Human-readable description of the current status. + // +kubebuilder:validation:MinLength=1 + Message string `json:"message"` + + // When the status was last checked. + LastUpdateTime metav1.Time `json:"lastUpdateTime"` + + // Frontend describes how clients can connect using this strategy. + Frontend *CredentialIssuerFrontend `json:"frontend,omitempty"` +} + +// CredentialIssuerFrontend describes how to connect using a particular integration strategy. +type CredentialIssuerFrontend struct { + // Type describes which frontend mechanism clients can use with a strategy. + Type FrontendType `json:"type"` + + // TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + // This field is only set when Type is "TokenCredentialRequestAPI". + TokenCredentialRequestAPIInfo *TokenCredentialRequestAPIInfo `json:"tokenCredentialRequestInfo,omitempty"` + + // ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + // This field is only set when Type is "ImpersonationProxy". + ImpersonationProxyInfo *ImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"` +} + +// TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. +type TokenCredentialRequestAPIInfo struct { + // Server is the Kubernetes API server URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://|^http://` + Server string `json:"server"` + + // CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. +type ImpersonationProxyInfo struct { + // Endpoint is the HTTPS endpoint of the impersonation proxy. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Endpoint string `json:"endpoint"` + + // CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped,scope=Cluster +// +kubebuilder:printcolumn:name="ProxyMode",type=string,JSONPath=`.spec.impersonationProxy.mode` +// +kubebuilder:printcolumn:name="DefaultStrategy",type=string,JSONPath=`.status.strategies[?(@.status == "Success")].type` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type CredentialIssuer struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec describes the intended configuration of the Concierge. + // + // +optional + Spec CredentialIssuerSpec `json:"spec"` + + // CredentialIssuerStatus describes the status of the Concierge. + // + // +optional + Status CredentialIssuerStatus `json:"status"` +} + +// CredentialIssuerList is a list of CredentialIssuer objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type CredentialIssuerList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []CredentialIssuer `json:"items"` +} diff --git a/generated/1.21/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..a00b3fc8 --- /dev/null +++ b/generated/1.21/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,259 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer. +func (in *CredentialIssuer) DeepCopy() *CredentialIssuer { + if in == nil { + return nil + } + out := new(CredentialIssuer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CredentialIssuer) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerFrontend) DeepCopyInto(out *CredentialIssuerFrontend) { + *out = *in + if in.TokenCredentialRequestAPIInfo != nil { + in, out := &in.TokenCredentialRequestAPIInfo, &out.TokenCredentialRequestAPIInfo + *out = new(TokenCredentialRequestAPIInfo) + **out = **in + } + if in.ImpersonationProxyInfo != nil { + in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo + *out = new(ImpersonationProxyInfo) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerFrontend. +func (in *CredentialIssuerFrontend) DeepCopy() *CredentialIssuerFrontend { + if in == nil { + return nil + } + out := new(CredentialIssuerFrontend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo. +func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo { + if in == nil { + return nil + } + out := new(CredentialIssuerKubeConfigInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CredentialIssuer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList. +func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList { + if in == nil { + return nil + } + out := new(CredentialIssuerList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CredentialIssuerList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerSpec) DeepCopyInto(out *CredentialIssuerSpec) { + *out = *in + if in.ImpersonationProxy != nil { + in, out := &in.ImpersonationProxy, &out.ImpersonationProxy + *out = new(ImpersonationProxySpec) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerSpec. +func (in *CredentialIssuerSpec) DeepCopy() *CredentialIssuerSpec { + if in == nil { + return nil + } + out := new(CredentialIssuerSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) { + *out = *in + if in.Strategies != nil { + in, out := &in.Strategies, &out.Strategies + *out = make([]CredentialIssuerStrategy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.KubeConfigInfo != nil { + in, out := &in.KubeConfigInfo, &out.KubeConfigInfo + *out = new(CredentialIssuerKubeConfigInfo) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus. +func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus { + if in == nil { + return nil + } + out := new(CredentialIssuerStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) { + *out = *in + in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) + if in.Frontend != nil { + in, out := &in.Frontend, &out.Frontend + *out = new(CredentialIssuerFrontend) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy. +func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy { + if in == nil { + return nil + } + out := new(CredentialIssuerStrategy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxyInfo) DeepCopyInto(out *ImpersonationProxyInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyInfo. +func (in *ImpersonationProxyInfo) DeepCopy() *ImpersonationProxyInfo { + if in == nil { + return nil + } + out := new(ImpersonationProxyInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxyServiceSpec) DeepCopyInto(out *ImpersonationProxyServiceSpec) { + *out = *in + if in.Annotations != nil { + in, out := &in.Annotations, &out.Annotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyServiceSpec. +func (in *ImpersonationProxyServiceSpec) DeepCopy() *ImpersonationProxyServiceSpec { + if in == nil { + return nil + } + out := new(ImpersonationProxyServiceSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxySpec) DeepCopyInto(out *ImpersonationProxySpec) { + *out = *in + in.Service.DeepCopyInto(&out.Service) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxySpec. +func (in *ImpersonationProxySpec) DeepCopy() *ImpersonationProxySpec { + if in == nil { + return nil + } + out := new(ImpersonationProxySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestAPIInfo) DeepCopyInto(out *TokenCredentialRequestAPIInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestAPIInfo. +func (in *TokenCredentialRequestAPIInfo) DeepCopy() *TokenCredentialRequestAPIInfo { + if in == nil { + return nil + } + out := new(TokenCredentialRequestAPIInfo) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/concierge/identity/doc.go b/generated/1.21/apis/concierge/identity/doc.go new file mode 100644 index 00000000..130e8942 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/doc.go @@ -0,0 +1,8 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=identity.concierge.pinniped.dev + +// Package identity is the internal version of the Pinniped identity API. +package identity diff --git a/generated/1.21/apis/concierge/identity/register.go b/generated/1.21/apis/concierge/identity/register.go new file mode 100644 index 00000000..0cefb834 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/register.go @@ -0,0 +1,38 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "identity.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns back a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WhoAmIRequest{}, + &WhoAmIRequestList{}, + ) + return nil +} diff --git a/generated/1.21/apis/concierge/identity/types_userinfo.go b/generated/1.21/apis/concierge/identity/types_userinfo.go new file mode 100644 index 00000000..65eb50cc --- /dev/null +++ b/generated/1.21/apis/concierge/identity/types_userinfo.go @@ -0,0 +1,37 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import "fmt" + +// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. +// Copied from the Kubernetes token review API. +type KubernetesUserInfo struct { + // User is the UserInfo associated with the current user. + User UserInfo + // Audiences are audience identifiers chosen by the authenticator. + Audiences []string +} + +// UserInfo holds the information about the user needed to implement the +// user.Info interface. +type UserInfo struct { + // The name that uniquely identifies this user among all active users. + Username string + // A unique value that identifies this user across time. If this user is + // deleted and another user by the same name is added, they will have + // different UIDs. + UID string + // The names of groups this user is a part of. + Groups []string + // Any additional information provided by the authenticator. + Extra map[string]ExtraValue +} + +// ExtraValue masks the value so protobuf can generate +type ExtraValue []string + +func (t ExtraValue) String() string { + return fmt.Sprintf("%v", []string(t)) +} diff --git a/generated/1.21/apis/concierge/identity/types_whoami.go b/generated/1.21/apis/concierge/identity/types_whoami.go new file mode 100644 index 00000000..4ba30607 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/types_whoami.go @@ -0,0 +1,40 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// WhoAmIRequest submits a request to echo back the current authenticated user. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequest struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec WhoAmIRequestSpec + Status WhoAmIRequestStatus +} + +type WhoAmIRequestSpec struct { + // empty for now but we may add some config here in the future + // any such config must be safe in the context of an unauthenticated user +} + +type WhoAmIRequestStatus struct { + // The current authenticated user, exactly as Kubernetes understands it. + KubernetesUserInfo KubernetesUserInfo + + // We may add concierge specific information here in the future. +} + +// WhoAmIRequestList is a list of WhoAmIRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of WhoAmIRequest + Items []WhoAmIRequest +} diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.21/apis/concierge/identity/v1alpha1/conversion.go new file mode 100644 index 00000000..63ae004e --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/conversion.go @@ -0,0 +1,4 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.21/apis/concierge/identity/v1alpha1/defaults.go new file mode 100644 index 00000000..15c2bec9 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/defaults.go @@ -0,0 +1,12 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/doc.go b/generated/1.21/apis/concierge/identity/v1alpha1/doc.go new file mode 100644 index 00000000..495ef997 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.21/apis/concierge/identity +// +k8s:defaulter-gen=TypeMeta +// +groupName=identity.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. +package v1alpha1 diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/register.go b/generated/1.21/apis/concierge/identity/v1alpha1/register.go new file mode 100644 index 00000000..0e17d584 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "identity.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WhoAmIRequest{}, + &WhoAmIRequestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.21/apis/concierge/identity/v1alpha1/types_userinfo.go new file mode 100644 index 00000000..4e509fc1 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -0,0 +1,41 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import "fmt" + +// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. +// Copied from the Kubernetes token review API. +type KubernetesUserInfo struct { + // User is the UserInfo associated with the current user. + User UserInfo `json:"user"` + // Audiences are audience identifiers chosen by the authenticator. + // +optional + Audiences []string `json:"audiences,omitempty"` +} + +// UserInfo holds the information about the user needed to implement the +// user.Info interface. +type UserInfo struct { + // The name that uniquely identifies this user among all active users. + Username string `json:"username"` + // A unique value that identifies this user across time. If this user is + // deleted and another user by the same name is added, they will have + // different UIDs. + // +optional + UID string `json:"uid,omitempty"` + // The names of groups this user is a part of. + // +optional + Groups []string `json:"groups,omitempty"` + // Any additional information provided by the authenticator. + // +optional + Extra map[string]ExtraValue `json:"extra,omitempty"` +} + +// ExtraValue masks the value so protobuf can generate +type ExtraValue []string + +func (t ExtraValue) String() string { + return fmt.Sprintf("%v", []string(t)) +} diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/1.21/apis/concierge/identity/v1alpha1/types_whoami.go new file mode 100644 index 00000000..3d884346 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/types_whoami.go @@ -0,0 +1,43 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// WhoAmIRequest submits a request to echo back the current authenticated user. +// +genclient +// +genclient:nonNamespaced +// +genclient:onlyVerbs=create +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec WhoAmIRequestSpec `json:"spec,omitempty"` + Status WhoAmIRequestStatus `json:"status,omitempty"` +} + +type WhoAmIRequestSpec struct { + // empty for now but we may add some config here in the future + // any such config must be safe in the context of an unauthenticated user +} + +type WhoAmIRequestStatus struct { + // The current authenticated user, exactly as Kubernetes understands it. + KubernetesUserInfo KubernetesUserInfo `json:"kubernetesUserInfo"` + + // We may add concierge specific information here in the future. +} + +// WhoAmIRequestList is a list of WhoAmIRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + // Items is a list of WhoAmIRequest + Items []WhoAmIRequest `json:"items"` +} diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.conversion.go new file mode 100644 index 00000000..bfe915aa --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,235 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + identity "go.pinniped.dev/generated/1.21/apis/concierge/identity" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*KubernetesUserInfo)(nil), (*identity.KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(a.(*KubernetesUserInfo), b.(*identity.KubernetesUserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.KubernetesUserInfo)(nil), (*KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(a.(*identity.KubernetesUserInfo), b.(*KubernetesUserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*UserInfo)(nil), (*identity.UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_UserInfo_To_identity_UserInfo(a.(*UserInfo), b.(*identity.UserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.UserInfo)(nil), (*UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_UserInfo_To_v1alpha1_UserInfo(a.(*identity.UserInfo), b.(*UserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequest)(nil), (*identity.WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(a.(*WhoAmIRequest), b.(*identity.WhoAmIRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequest)(nil), (*WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(a.(*identity.WhoAmIRequest), b.(*WhoAmIRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestList)(nil), (*identity.WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(a.(*WhoAmIRequestList), b.(*identity.WhoAmIRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestList)(nil), (*WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(a.(*identity.WhoAmIRequestList), b.(*WhoAmIRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestSpec)(nil), (*identity.WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(a.(*WhoAmIRequestSpec), b.(*identity.WhoAmIRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestSpec)(nil), (*WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(a.(*identity.WhoAmIRequestSpec), b.(*WhoAmIRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestStatus)(nil), (*identity.WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(a.(*WhoAmIRequestStatus), b.(*identity.WhoAmIRequestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestStatus)(nil), (*WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(a.(*identity.WhoAmIRequestStatus), b.(*WhoAmIRequestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { + if err := Convert_v1alpha1_UserInfo_To_identity_UserInfo(&in.User, &out.User, s); err != nil { + return err + } + out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) + return nil +} + +// Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo is an autogenerated conversion function. +func Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { + return autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in, out, s) +} + +func autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { + if err := Convert_identity_UserInfo_To_v1alpha1_UserInfo(&in.User, &out.User, s); err != nil { + return err + } + out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) + return nil +} + +// Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo is an autogenerated conversion function. +func Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { + return autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in, out, s) +} + +func autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { + out.Username = in.Username + out.UID = in.UID + out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) + out.Extra = *(*map[string]identity.ExtraValue)(unsafe.Pointer(&in.Extra)) + return nil +} + +// Convert_v1alpha1_UserInfo_To_identity_UserInfo is an autogenerated conversion function. +func Convert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { + return autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in, out, s) +} + +func autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { + out.Username = in.Username + out.UID = in.UID + out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) + out.Extra = *(*map[string]ExtraValue)(unsafe.Pointer(&in.Extra)) + return nil +} + +// Convert_identity_UserInfo_To_v1alpha1_UserInfo is an autogenerated conversion function. +func Convert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { + return autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in, out, s) +} + +func autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest is an autogenerated conversion function. +func Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]identity.WhoAmIRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]WhoAmIRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { + return nil +} + +// Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { + return nil +} + +// Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { + if err := Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { + if err := Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { + return err + } + return nil +} + +// Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in, out, s) +} diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..8206b6dd --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,185 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ExtraValue) DeepCopyInto(out *ExtraValue) { + { + in := &in + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. +func (in ExtraValue) DeepCopy() ExtraValue { + if in == nil { + return nil + } + out := new(ExtraValue) + in.DeepCopyInto(out) + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { + *out = *in + in.User.DeepCopyInto(&out.User) + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. +func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { + if in == nil { + return nil + } + out := new(KubernetesUserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInfo) DeepCopyInto(out *UserInfo) { + *out = *in + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Extra != nil { + in, out := &in.Extra, &out.Extra + *out = make(map[string]ExtraValue, len(*in)) + for key, val := range *in { + var outVal []string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. +func (in *UserInfo) DeepCopy() *UserInfo { + if in == nil { + return nil + } + out := new(UserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. +func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { + if in == nil { + return nil + } + out := new(WhoAmIRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WhoAmIRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. +func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { + if in == nil { + return nil + } + out := new(WhoAmIRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. +func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { + if in == nil { + return nil + } + out := new(WhoAmIRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { + *out = *in + in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. +func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { + if in == nil { + return nil + } + out := new(WhoAmIRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.defaults.go new file mode 100644 index 00000000..9097a935 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,20 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/generated/1.21/apis/concierge/identity/validation/validation.go b/generated/1.21/apis/concierge/identity/validation/validation.go new file mode 100644 index 00000000..9e3d41e8 --- /dev/null +++ b/generated/1.21/apis/concierge/identity/validation/validation.go @@ -0,0 +1,14 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package validation + +import ( + "k8s.io/apimachinery/pkg/util/validation/field" + + identityapi "go.pinniped.dev/generated/1.21/apis/concierge/identity" +) + +func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { + return nil // add validation for spec here if we expand it +} diff --git a/generated/1.21/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.21/apis/concierge/identity/zz_generated.deepcopy.go new file mode 100644 index 00000000..4d844ffd --- /dev/null +++ b/generated/1.21/apis/concierge/identity/zz_generated.deepcopy.go @@ -0,0 +1,185 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package identity + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ExtraValue) DeepCopyInto(out *ExtraValue) { + { + in := &in + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. +func (in ExtraValue) DeepCopy() ExtraValue { + if in == nil { + return nil + } + out := new(ExtraValue) + in.DeepCopyInto(out) + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { + *out = *in + in.User.DeepCopyInto(&out.User) + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. +func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { + if in == nil { + return nil + } + out := new(KubernetesUserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInfo) DeepCopyInto(out *UserInfo) { + *out = *in + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Extra != nil { + in, out := &in.Extra, &out.Extra + *out = make(map[string]ExtraValue, len(*in)) + for key, val := range *in { + var outVal []string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. +func (in *UserInfo) DeepCopy() *UserInfo { + if in == nil { + return nil + } + out := new(UserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. +func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { + if in == nil { + return nil + } + out := new(WhoAmIRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WhoAmIRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. +func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { + if in == nil { + return nil + } + out := new(WhoAmIRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. +func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { + if in == nil { + return nil + } + out := new(WhoAmIRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { + *out = *in + in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. +func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { + if in == nil { + return nil + } + out := new(WhoAmIRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/concierge/login/doc.go b/generated/1.21/apis/concierge/login/doc.go new file mode 100644 index 00000000..14af63a2 --- /dev/null +++ b/generated/1.21/apis/concierge/login/doc.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=login.concierge.pinniped.dev + +// Package login is the internal version of the Pinniped login API. +package login diff --git a/generated/1.21/apis/concierge/login/register.go b/generated/1.21/apis/concierge/login/register.go new file mode 100644 index 00000000..1c3ba130 --- /dev/null +++ b/generated/1.21/apis/concierge/login/register.go @@ -0,0 +1,38 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "login.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns back a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &TokenCredentialRequest{}, + &TokenCredentialRequestList{}, + ) + return nil +} diff --git a/generated/1.21/apis/concierge/login/types_clustercred.go b/generated/1.21/apis/concierge/login/types_clustercred.go new file mode 100644 index 00000000..dd683b81 --- /dev/null +++ b/generated/1.21/apis/concierge/login/types_clustercred.go @@ -0,0 +1,21 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ClusterCredential is a credential (token or certificate) which is valid on the Kubernetes cluster. +type ClusterCredential struct { + // ExpirationTimestamp indicates a time when the provided credentials expire. + ExpirationTimestamp metav1.Time + + // Token is a bearer token used by the client for request authentication. + Token string + + // PEM-encoded client TLS certificates (including intermediates, if any). + ClientCertificateData string + + // PEM-encoded private key for the above certificate. + ClientKeyData string +} diff --git a/generated/1.21/apis/concierge/login/types_token.go b/generated/1.21/apis/concierge/login/types_token.go new file mode 100644 index 00000000..e3af529e --- /dev/null +++ b/generated/1.21/apis/concierge/login/types_token.go @@ -0,0 +1,47 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type TokenCredentialRequestSpec struct { + // Bearer token supplied with the credential request. + Token string + + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference +} + +type TokenCredentialRequestStatus struct { + // A ClusterCredential will be returned for a successful credential request. + // +optional + Credential *ClusterCredential + + // An error message will be returned for an unsuccessful credential request. + // +optional + Message *string +} + +// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequest struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec TokenCredentialRequestSpec + Status TokenCredentialRequestStatus +} + +// TokenCredentialRequestList is a list of TokenCredentialRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of TokenCredentialRequest + Items []TokenCredentialRequest +} diff --git a/generated/1.21/apis/concierge/login/v1alpha1/conversion.go b/generated/1.21/apis/concierge/login/v1alpha1/conversion.go new file mode 100644 index 00000000..dca8bca2 --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/conversion.go @@ -0,0 +1,4 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 diff --git a/generated/1.21/apis/concierge/login/v1alpha1/defaults.go b/generated/1.21/apis/concierge/login/v1alpha1/defaults.go new file mode 100644 index 00000000..12f0acd2 --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/defaults.go @@ -0,0 +1,12 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} diff --git a/generated/1.21/apis/concierge/login/v1alpha1/doc.go b/generated/1.21/apis/concierge/login/v1alpha1/doc.go new file mode 100644 index 00000000..1d608601 --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.21/apis/concierge/login +// +k8s:defaulter-gen=TypeMeta +// +groupName=login.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped login API. +package v1alpha1 diff --git a/generated/1.21/apis/concierge/login/v1alpha1/register.go b/generated/1.21/apis/concierge/login/v1alpha1/register.go new file mode 100644 index 00000000..60efec82 --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "login.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &TokenCredentialRequest{}, + &TokenCredentialRequestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.21/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/1.21/apis/concierge/login/v1alpha1/types_clustercred.go new file mode 100644 index 00000000..eb50c7fe --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/types_clustercred.go @@ -0,0 +1,22 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ClusterCredential is the cluster-specific credential returned on a successful credential request. It +// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. +type ClusterCredential struct { + // ExpirationTimestamp indicates a time when the provided credentials expire. + ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` + + // Token is a bearer token used by the client for request authentication. + Token string `json:"token,omitempty"` + + // PEM-encoded client TLS certificates (including intermediates, if any). + ClientCertificateData string `json:"clientCertificateData,omitempty"` + + // PEM-encoded private key for the above certificate. + ClientKeyData string `json:"clientKeyData,omitempty"` +} diff --git a/generated/1.21/apis/concierge/login/v1alpha1/types_token.go b/generated/1.21/apis/concierge/login/v1alpha1/types_token.go new file mode 100644 index 00000000..c8f3b66e --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/types_token.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, expected on requests to the Pinniped API. +type TokenCredentialRequestSpec struct { + // Bearer token supplied with the credential request. + Token string `json:"token,omitempty"` + + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` +} + +// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. +type TokenCredentialRequestStatus struct { + // A Credential will be returned for a successful credential request. + // +optional + Credential *ClusterCredential `json:"credential,omitempty"` + + // An error message will be returned for an unsuccessful credential request. + // +optional + Message *string `json:"message,omitempty"` +} + +// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. +// +genclient +// +genclient:nonNamespaced +// +genclient:onlyVerbs=create +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec TokenCredentialRequestSpec `json:"spec,omitempty"` + Status TokenCredentialRequestStatus `json:"status,omitempty"` +} + +// TokenCredentialRequestList is a list of TokenCredentialRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []TokenCredentialRequest `json:"items"` +} diff --git a/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.conversion.go new file mode 100644 index 00000000..5f96b810 --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,201 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + login "go.pinniped.dev/generated/1.21/apis/concierge/login" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*ClusterCredential)(nil), (*login.ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(a.(*ClusterCredential), b.(*login.ClusterCredential), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.ClusterCredential)(nil), (*ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(a.(*login.ClusterCredential), b.(*ClusterCredential), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequest)(nil), (*login.TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(a.(*TokenCredentialRequest), b.(*login.TokenCredentialRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequest)(nil), (*TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(a.(*login.TokenCredentialRequest), b.(*TokenCredentialRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestList)(nil), (*login.TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(a.(*TokenCredentialRequestList), b.(*login.TokenCredentialRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestList)(nil), (*TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(a.(*login.TokenCredentialRequestList), b.(*TokenCredentialRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestSpec)(nil), (*login.TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(a.(*TokenCredentialRequestSpec), b.(*login.TokenCredentialRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestSpec)(nil), (*TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(a.(*login.TokenCredentialRequestSpec), b.(*TokenCredentialRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestStatus)(nil), (*login.TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(a.(*TokenCredentialRequestStatus), b.(*login.TokenCredentialRequestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestStatus)(nil), (*TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(a.(*login.TokenCredentialRequestStatus), b.(*TokenCredentialRequestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { + out.ExpirationTimestamp = in.ExpirationTimestamp + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential is an autogenerated conversion function. +func Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { + return autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in, out, s) +} + +func autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { + out.ExpirationTimestamp = in.ExpirationTimestamp + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential is an autogenerated conversion function. +func Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { + return autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in, out, s) +} + +func autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest is an autogenerated conversion function. +func Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]login.TokenCredentialRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]TokenCredentialRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { + out.Token = in.Token + out.Authenticator = in.Authenticator + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { + out.Token = in.Token + out.Authenticator = in.Authenticator + return nil +} + +// Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { + out.Credential = (*login.ClusterCredential)(unsafe.Pointer(in.Credential)) + out.Message = (*string)(unsafe.Pointer(in.Message)) + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { + out.Credential = (*ClusterCredential)(unsafe.Pointer(in.Credential)) + out.Message = (*string)(unsafe.Pointer(in.Message)) + return nil +} + +// Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in, out, s) +} diff --git a/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..6f39cfec --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,134 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { + *out = *in + in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. +func (in *ClusterCredential) DeepCopy() *ClusterCredential { + if in == nil { + return nil + } + out := new(ClusterCredential) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. +func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { + if in == nil { + return nil + } + out := new(TokenCredentialRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TokenCredentialRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. +func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { + if in == nil { + return nil + } + out := new(TokenCredentialRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { + *out = *in + in.Authenticator.DeepCopyInto(&out.Authenticator) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. +func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { + if in == nil { + return nil + } + out := new(TokenCredentialRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { + *out = *in + if in.Credential != nil { + in, out := &in.Credential, &out.Credential + *out = new(ClusterCredential) + (*in).DeepCopyInto(*out) + } + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. +func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { + if in == nil { + return nil + } + out := new(TokenCredentialRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.defaults.go new file mode 100644 index 00000000..9097a935 --- /dev/null +++ b/generated/1.21/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,20 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/generated/1.21/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.21/apis/concierge/login/zz_generated.deepcopy.go new file mode 100644 index 00000000..07f4f074 --- /dev/null +++ b/generated/1.21/apis/concierge/login/zz_generated.deepcopy.go @@ -0,0 +1,134 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package login + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { + *out = *in + in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. +func (in *ClusterCredential) DeepCopy() *ClusterCredential { + if in == nil { + return nil + } + out := new(ClusterCredential) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. +func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { + if in == nil { + return nil + } + out := new(TokenCredentialRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TokenCredentialRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. +func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { + if in == nil { + return nil + } + out := new(TokenCredentialRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { + *out = *in + in.Authenticator.DeepCopyInto(&out.Authenticator) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. +func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { + if in == nil { + return nil + } + out := new(TokenCredentialRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { + *out = *in + if in.Credential != nil { + in, out := &in.Credential, &out.Credential + *out = new(ClusterCredential) + (*in).DeepCopyInto(*out) + } + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. +func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { + if in == nil { + return nil + } + out := new(TokenCredentialRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/go.mod b/generated/1.21/apis/go.mod new file mode 100644 index 00000000..fc37ecb6 --- /dev/null +++ b/generated/1.21/apis/go.mod @@ -0,0 +1,9 @@ +// This go.mod file is generated by ./hack/codegen.sh. +module go.pinniped.dev/generated/1.21/apis + +go 1.13 + +require ( + k8s.io/api v0.21.9 + k8s.io/apimachinery v0.21.9 +) diff --git a/generated/1.21/apis/go.sum b/generated/1.21/apis/go.sum new file mode 100644 index 00000000..d766e253 --- /dev/null +++ b/generated/1.21/apis/go.sum @@ -0,0 +1,163 @@ +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.4.0 h1:K7/B1jt6fIBQVd4Owv2MqGQClcgf0R266+7C/QjRcLc= +github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= +github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.21.9 h1:dgxM5d8/kLw0mz7JmyixJk3I84JT2B52Yz8p0lTMFes= +k8s.io/api v0.21.9/go.mod h1:jyTBdRcQnzZodHyJdeDEqVcxkaqJAgjrRx30EysE1Ik= +k8s.io/apimachinery v0.21.9 h1:8WffZaaNB2ft5wOiFPktkZRZQxMoTxwVrITC73SJ1V8= +k8s.io/apimachinery v0.21.9/go.mod h1:USs+ifLG6ZUgHGA/9lGxjdHzCB3hUO3fG1VBOwi0IHo= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM= +k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= +k8s.io/kube-openapi v0.0.0-20211110012726-3cc51fd1e909/go.mod h1:wXW5VT87nVfh/iLV8FpR2uDvrFyomxbtb1KivDbvPTE= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/doc.go b/generated/1.21/apis/supervisor/config/v1alpha1/doc.go new file mode 100644 index 00000000..7f255eea --- /dev/null +++ b/generated/1.21/apis/supervisor/config/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.21/apis/supervisor/config +// +k8s:defaulter-gen=TypeMeta +// +groupName=config.supervisor.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. +package v1alpha1 diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/register.go b/generated/1.21/apis/supervisor/config/v1alpha1/register.go new file mode 100644 index 00000000..69045298 --- /dev/null +++ b/generated/1.21/apis/supervisor/config/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "config.supervisor.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &FederationDomain{}, + &FederationDomainList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.21/apis/supervisor/config/v1alpha1/types_federationdomain.go new file mode 100644 index 00000000..e92303a9 --- /dev/null +++ b/generated/1.21/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -0,0 +1,134 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +kubebuilder:validation:Enum=Success;Duplicate;Invalid;SameIssuerHostMustUseSameSecret +type FederationDomainStatusCondition string + +const ( + SuccessFederationDomainStatusCondition = FederationDomainStatusCondition("Success") + DuplicateFederationDomainStatusCondition = FederationDomainStatusCondition("Duplicate") + SameIssuerHostMustUseSameSecretFederationDomainStatusCondition = FederationDomainStatusCondition("SameIssuerHostMustUseSameSecret") + InvalidFederationDomainStatusCondition = FederationDomainStatusCondition("Invalid") +) + +// FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. +type FederationDomainTLSSpec struct { + // SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains + // the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret + // named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use + // for TLS. + // + // Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + // + // SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. + // SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same + // SecretName value even if they have different port numbers. + // + // SecretName is not required when you would like to use only the HTTP endpoints (e.g. when terminating TLS at an + // Ingress). It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to + // use the default TLS certificate, which is configured elsewhere. + // + // When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. + // + // +optional + SecretName string `json:"secretName,omitempty"` +} + +// FederationDomainSpec is a struct that describes an OIDC Provider. +type FederationDomainSpec struct { + // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the + // identifier that it will use for the iss claim in issued JWTs. This field will also be used as + // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is + // https://example.com/foo, then your authorization endpoint will look like + // https://example.com/foo/some/path/to/auth/endpoint). + // + // See + // https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + // +kubebuilder:validation:MinLength=1 + Issuer string `json:"issuer"` + + // TLS configures how this FederationDomain is served over Transport Layer Security (TLS). + // +optional + TLS *FederationDomainTLSSpec `json:"tls,omitempty"` +} + +// FederationDomainSecrets holds information about this OIDC Provider's secrets. +type FederationDomainSecrets struct { + // JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + // stored. If it is empty, then the signing/verification keys are either unknown or they don't + // exist. + // +optional + JWKS corev1.LocalObjectReference `json:"jwks,omitempty"` + + // TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // signing tokens is stored. + // +optional + TokenSigningKey corev1.LocalObjectReference `json:"tokenSigningKey,omitempty"` + + // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // signing state parameters is stored. + // +optional + StateSigningKey corev1.LocalObjectReference `json:"stateSigningKey,omitempty"` + + // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // encrypting state parameters is stored. + // +optional + StateEncryptionKey corev1.LocalObjectReference `json:"stateEncryptionKey,omitempty"` +} + +// FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. +type FederationDomainStatus struct { + // Status holds an enum that describes the state of this OIDC Provider. Note that this Status can + // represent success or failure. + // +optional + Status FederationDomainStatusCondition `json:"status,omitempty"` + + // Message provides human-readable details about the Status. + // +optional + Message string `json:"message,omitempty"` + + // LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get + // around some undesirable behavior with respect to the empty metav1.Time value (see + // https://github.com/kubernetes/kubernetes/issues/86811). + // +optional + LastUpdateTime *metav1.Time `json:"lastUpdateTime,omitempty"` + + // Secrets contains information about this OIDC Provider's secrets. + // +optional + Secrets FederationDomainSecrets `json:"secrets,omitempty"` +} + +// FederationDomain describes the configuration of an OIDC provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.status` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type FederationDomain struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec of the OIDC provider. + Spec FederationDomainSpec `json:"spec"` + + // Status of the OIDC provider. + Status FederationDomainStatus `json:"status,omitempty"` +} + +// List of FederationDomain objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type FederationDomainList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []FederationDomain `json:"items"` +} diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..856b8988 --- /dev/null +++ b/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,152 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomain. +func (in *FederationDomain) DeepCopy() *FederationDomain { + if in == nil { + return nil + } + out := new(FederationDomain) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FederationDomain) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainList) DeepCopyInto(out *FederationDomainList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]FederationDomain, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainList. +func (in *FederationDomainList) DeepCopy() *FederationDomainList { + if in == nil { + return nil + } + out := new(FederationDomainList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FederationDomainList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainSecrets) DeepCopyInto(out *FederationDomainSecrets) { + *out = *in + out.JWKS = in.JWKS + out.TokenSigningKey = in.TokenSigningKey + out.StateSigningKey = in.StateSigningKey + out.StateEncryptionKey = in.StateEncryptionKey + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSecrets. +func (in *FederationDomainSecrets) DeepCopy() *FederationDomainSecrets { + if in == nil { + return nil + } + out := new(FederationDomainSecrets) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainSpec) DeepCopyInto(out *FederationDomainSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(FederationDomainTLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSpec. +func (in *FederationDomainSpec) DeepCopy() *FederationDomainSpec { + if in == nil { + return nil + } + out := new(FederationDomainSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainStatus) DeepCopyInto(out *FederationDomainStatus) { + *out = *in + if in.LastUpdateTime != nil { + in, out := &in.LastUpdateTime, &out.LastUpdateTime + *out = (*in).DeepCopy() + } + out.Secrets = in.Secrets + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainStatus. +func (in *FederationDomainStatus) DeepCopy() *FederationDomainStatus { + if in == nil { + return nil + } + out := new(FederationDomainStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainTLSSpec) DeepCopyInto(out *FederationDomainTLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTLSSpec. +func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { + if in == nil { + return nil + } + out := new(FederationDomainTLSSpec) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.21/apis/supervisor/idp/v1alpha1/doc.go new file mode 100644 index 00000000..a9e91c47 --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=idp.supervisor.pinniped.dev +// +groupGoName=IDP + +// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. +package v1alpha1 diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/register.go b/generated/1.21/apis/supervisor/idp/v1alpha1/register.go new file mode 100644 index 00000000..8829a863 --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/register.go @@ -0,0 +1,47 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "idp.supervisor.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &OIDCIdentityProvider{}, + &OIDCIdentityProviderList{}, + &LDAPIdentityProvider{}, + &LDAPIdentityProviderList{}, + &ActiveDirectoryIdentityProvider{}, + &ActiveDirectoryIdentityProviderList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go new file mode 100644 index 00000000..18626629 --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -0,0 +1,207 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type ActiveDirectoryIdentityProviderPhase string + +const ( + // ActiveDirectoryPhasePending is the default phase for newly-created ActiveDirectoryIdentityProvider resources. + ActiveDirectoryPhasePending ActiveDirectoryIdentityProviderPhase = "Pending" + + // ActiveDirectoryPhaseReady is the phase for an ActiveDirectoryIdentityProvider resource in a healthy state. + ActiveDirectoryPhaseReady ActiveDirectoryIdentityProviderPhase = "Ready" + + // ActiveDirectoryPhaseError is the phase for an ActiveDirectoryIdentityProvider in an unhealthy state. + ActiveDirectoryPhaseError ActiveDirectoryIdentityProviderPhase = "Error" +) + +// Status of an Active Directory identity provider. +type ActiveDirectoryIdentityProviderStatus struct { + // Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase ActiveDirectoryIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +type ActiveDirectoryIdentityProviderBind struct { + // SecretName contains the name of a namespace-local Secret object that provides the username and + // password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be + // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + // The password must be non-empty. + // +kubebuilder:validation:MinLength=1 + SecretName string `json:"secretName"` +} + +type ActiveDirectoryIdentityProviderUserSearchAttributes struct { + // Username specifies the name of the attribute in Active Directory entry whose value shall become the username + // of the user after a successful authentication. + // Optional, when empty this defaults to "userPrincipalName". + // +optional + Username string `json:"username,omitempty"` + + // UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely + // identify the user within this ActiveDirectory provider after a successful authentication. + // Optional, when empty this defaults to "objectGUID". + // +optional + UID string `json:"uid,omitempty"` +} + +type ActiveDirectoryIdentityProviderGroupSearchAttributes struct { + // GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name + // in the user's list of groups after a successful authentication. + // The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory + // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + // Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", + // where domain is constructed from the domain components of the group DN. + // +optional + GroupName string `json:"groupName,omitempty"` +} + +type ActiveDirectoryIdentityProviderUserSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for users. + // E.g. "ou=users,dc=example,dc=com". + // Optional, when not specified it will be based on the result of a query for the defaultNamingContext + // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + // The default behavior searches your entire domain for users. + // It may make sense to specify a subtree as a search base if you wish to exclude some users + // or to make searches faster. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur + // in the filter at least once and will be dynamically replaced by the username for which the search is being run. + // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will be + // '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + // This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, + // and is not shown in advanced view only + // (which would likely mean its a system created service account with advanced permissions). + // Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + // the result of the user search. + // +optional + Attributes ActiveDirectoryIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` +} + +type ActiveDirectoryIdentityProviderGroupSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + // "ou=groups,dc=example,dc=com". + // Optional, when not specified it will be based on the result of a query for the defaultNamingContext + // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + // The default behavior searches your entire domain for groups. + // It may make sense to specify a subtree as a search base if you wish to exclude some groups + // for security reasons or to make searches faster. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. + // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + // dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or + // "&(objectClass=groupOfNames)(member={})". For more information about ActiveDirectory filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the filter were specified as + // "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + // This searches nested groups by default. + // Note that nested group search can be slow for some Active Directory servers. To disable it, + // you can set the filter to + // "(&(objectClass=group)(member={})" + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + // the result of the group search. + // +optional + Attributes ActiveDirectoryIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` + + // The user's group membership is refreshed as they interact with the supervisor + // to obtain new credentials (as their old credentials expire). This allows group + // membership changes to be quickly reflected into Kubernetes clusters. Since + // group membership is often used to bind authorization policies, it is important + // to keep the groups observed in Kubernetes clusters in-sync with the identity + // provider. + // + // In some environments, frequent group membership queries may result in a + // significant performance impact on the identity provider and/or the supervisor. + // The best approach to handle performance impacts is to tweak the group query + // to be more performant, for example by disabling nested group search or by + // using a more targeted group search base. + // + // If the group search query cannot be made performant and you are willing to + // have group memberships remain static for approximately a day, then set + // skipGroupRefresh to true. This is an insecure configuration as authorization + // policies that are bound to group membership will not notice if a user has + // been removed from a particular group until their next login. + // + // This is an experimental feature that may be removed or significantly altered + // in the future. Consumers of this configuration should carefully read all + // release notes before upgrading to ensure that the meaning of this field has + // not changed. + SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` +} + +// Spec for configuring an ActiveDirectory identity provider. +type ActiveDirectoryIdentityProviderSpec struct { + // Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + // +kubebuilder:validation:MinLength=1 + Host string `json:"host"` + + // TLS contains the connection settings for how to establish the connection to the Host. + TLS *TLSSpec `json:"tls,omitempty"` + + // Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + Bind ActiveDirectoryIdentityProviderBind `json:"bind,omitempty"` + + // UserSearch contains the configuration for searching for a user by name in Active Directory. + UserSearch ActiveDirectoryIdentityProviderUserSearch `json:"userSearch,omitempty"` + + // GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + GroupSearch ActiveDirectoryIdentityProviderGroupSearch `json:"groupSearch,omitempty"` +} + +// ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type ActiveDirectoryIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec ActiveDirectoryIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status ActiveDirectoryIdentityProviderStatus `json:"status,omitempty"` +} + +// List of ActiveDirectoryIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type ActiveDirectoryIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []ActiveDirectoryIdentityProvider `json:"items"` +} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go new file mode 100644 index 00000000..09cb843d --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -0,0 +1,196 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type LDAPIdentityProviderPhase string + +const ( + // LDAPPhasePending is the default phase for newly-created LDAPIdentityProvider resources. + LDAPPhasePending LDAPIdentityProviderPhase = "Pending" + + // LDAPPhaseReady is the phase for an LDAPIdentityProvider resource in a healthy state. + LDAPPhaseReady LDAPIdentityProviderPhase = "Ready" + + // LDAPPhaseError is the phase for an LDAPIdentityProvider in an unhealthy state. + LDAPPhaseError LDAPIdentityProviderPhase = "Error" +) + +// Status of an LDAP identity provider. +type LDAPIdentityProviderStatus struct { + // Phase summarizes the overall status of the LDAPIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase LDAPIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +type LDAPIdentityProviderBind struct { + // SecretName contains the name of a namespace-local Secret object that provides the username and + // password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be + // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + // The password must be non-empty. + // +kubebuilder:validation:MinLength=1 + SecretName string `json:"secretName"` +} + +type LDAPIdentityProviderUserSearchAttributes struct { + // Username specifies the name of the attribute in the LDAP entry whose value shall become the username + // of the user after a successful authentication. This would typically be the same attribute name used in + // the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field + // is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default + // value of "dn={}" would not work. + // +kubebuilder:validation:MinLength=1 + Username string `json:"username,omitempty"` + + // UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely + // identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". + // +kubebuilder:validation:MinLength=1 + UID string `json:"uid,omitempty"` +} + +type LDAPIdentityProviderGroupSearchAttributes struct { + // GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name + // in the user's list of groups after a successful authentication. + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + // Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). + // +optional + GroupName string `json:"groupName,omitempty"` +} + +type LDAPIdentityProviderUserSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for users. + // E.g. "ou=users,dc=example,dc=com". + // +kubebuilder:validation:MinLength=1 + Base string `json:"base,omitempty"` + + // Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur + // in the filter at least once and will be dynamically replaced by the username for which the search is being run. + // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the Filter were specified as the value from + // Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + // explicitly specified, since the default value of "dn={}" would not work. + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the user's information should be read from the LDAP entry which was found as + // the result of the user search. + // +optional + Attributes LDAPIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` +} + +type LDAPIdentityProviderGroupSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + // "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and + // authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, + // the values of Filter and Attributes are ignored. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the LDAP search filter which should be applied when searching for groups for a user. + // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + // dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or + // "&(objectClass=groupOfNames)(member={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the Filter were specified as "member={}". + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the group's information should be read from each LDAP entry which was found as + // the result of the group search. + // +optional + Attributes LDAPIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` + + // The user's group membership is refreshed as they interact with the supervisor + // to obtain new credentials (as their old credentials expire). This allows group + // membership changes to be quickly reflected into Kubernetes clusters. Since + // group membership is often used to bind authorization policies, it is important + // to keep the groups observed in Kubernetes clusters in-sync with the identity + // provider. + // + // In some environments, frequent group membership queries may result in a + // significant performance impact on the identity provider and/or the supervisor. + // The best approach to handle performance impacts is to tweak the group query + // to be more performant, for example by disabling nested group search or by + // using a more targeted group search base. + // + // If the group search query cannot be made performant and you are willing to + // have group memberships remain static for approximately a day, then set + // skipGroupRefresh to true. This is an insecure configuration as authorization + // policies that are bound to group membership will not notice if a user has + // been removed from a particular group until their next login. + // + // This is an experimental feature that may be removed or significantly altered + // in the future. Consumers of this configuration should carefully read all + // release notes before upgrading to ensure that the meaning of this field has + // not changed. + SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` +} + +// Spec for configuring an LDAP identity provider. +type LDAPIdentityProviderSpec struct { + // Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + // +kubebuilder:validation:MinLength=1 + Host string `json:"host"` + + // TLS contains the connection settings for how to establish the connection to the Host. + TLS *TLSSpec `json:"tls,omitempty"` + + // Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + Bind LDAPIdentityProviderBind `json:"bind,omitempty"` + + // UserSearch contains the configuration for searching for a user by name in the LDAP provider. + UserSearch LDAPIdentityProviderUserSearch `json:"userSearch,omitempty"` + + // GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + GroupSearch LDAPIdentityProviderGroupSearch `json:"groupSearch,omitempty"` +} + +// LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access +// Protocol (LDAP) identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type LDAPIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec LDAPIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status LDAPIdentityProviderStatus `json:"status,omitempty"` +} + +// List of LDAPIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type LDAPIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []LDAPIdentityProvider `json:"items"` +} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go new file mode 100644 index 00000000..76a7d547 --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_meta.go @@ -0,0 +1,75 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ConditionStatus is effectively an enum type for Condition.Status. +type ConditionStatus string + +// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. +// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes +// can't decide if a resource is in the condition or not. In the future, we could add other +// intermediate conditions, e.g. ConditionDegraded. +const ( + ConditionTrue ConditionStatus = "True" + ConditionFalse ConditionStatus = "False" + ConditionUnknown ConditionStatus = "Unknown" +) + +// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API +// version we can switch to using the upstream type. +// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. +type Condition struct { + // type of condition in CamelCase or in foo.example.com/CamelCase. + // --- + // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + // useful (see .node.status.conditions), the ability to deconflict is important. + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Type string `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Enum=True;False;Unknown + Status ConditionStatus `json:"status"` + + // observedGeneration represents the .metadata.generation that the condition was set based upon. + // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + // with respect to the current state of the instance. + // +optional + // +kubebuilder:validation:Minimum=0 + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // lastTransitionTime is the last time the condition transitioned from one status to another. + // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Type=string + // +kubebuilder:validation:Format=date-time + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason contains a programmatic identifier indicating the reason for the condition's last transition. + // Producers of specific condition types may define expected values and meanings for this field, + // and whether the values are considered a guaranteed API. + // The value should be a CamelCase string. + // This field may not be empty. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` + Reason string `json:"reason"` + + // message is a human readable message indicating details about the transition. + // This may be an empty string. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=32768 + Message string `json:"message"` +} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go new file mode 100644 index 00000000..798275a9 --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -0,0 +1,206 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type OIDCIdentityProviderPhase string + +const ( + // PhasePending is the default phase for newly-created OIDCIdentityProvider resources. + PhasePending OIDCIdentityProviderPhase = "Pending" + + // PhaseReady is the phase for an OIDCIdentityProvider resource in a healthy state. + PhaseReady OIDCIdentityProviderPhase = "Ready" + + // PhaseError is the phase for an OIDCIdentityProvider in an unhealthy state. + PhaseError OIDCIdentityProviderPhase = "Error" +) + +// OIDCIdentityProviderStatus is the status of an OIDC identity provider. +type OIDCIdentityProviderStatus struct { + // Phase summarizes the overall status of the OIDCIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase OIDCIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization +// request parameters. +type OIDCAuthorizationConfig struct { + // additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization + // request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials + // Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is + // always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request + // the following scopes: "openid", "offline_access", "email", and "profile". See + // https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" + // scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the + // "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, + // or as common patterns used by providers who implement the standard in the ecosystem evolve. + // By setting this list to anything other than an empty list, you are overriding the + // default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. + // If you do not want any of these scopes to be requested, you may set this list to contain only "openid". + // Some OIDC providers may also require a scope to get access to the user's group membership, in which case you + // may wish to include it in this list. Sometimes the scope to request the user's group membership is called + // "groups", but unfortunately this is not specified in the OIDC standard. + // Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by + // your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in + // the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See + // your OIDC provider's documentation for more information about what scopes are available to request claims. + // Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor + // from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be + // "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its + // requirements for what to include in the request in order to receive a refresh token in the response, if anything. + // Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider + // may ignore scopes that it does not understand or require (see + // https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + // "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + // provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + // +optional + AdditionalScopes []string `json:"additionalScopes,omitempty"` + + // additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + // OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + // parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + // "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + // included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. + // The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user + // should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting + // ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. + // This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password + // Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the + // Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" + // parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's + // authorization endpoint for its requirements for what to include in the request in order to receive a refresh + // token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, + // then include it here. Also note that most providers also require a certain scope to be requested in order to + // receive refresh tokens. See the additionalScopes setting for more information about using scopes to request + // refresh tokens. + // +optional + // +patchMergeKey=name + // +patchStrategy=merge + // +listType=map + // +listMapKey=name + AdditionalAuthorizeParameters []Parameter `json:"additionalAuthorizeParameters,omitempty"` + + // allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant + // (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a + // username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. + // The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be + // supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password + // Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose + // to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the + // cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be + // convenient for users, especially for identities from your OIDC provider which are not intended to represent a human + // actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, + // you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this + // OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password + // Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords + // (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other + // web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. + // allowPasswordGrant defaults to false. + // +optional + AllowPasswordGrant bool `json:"allowPasswordGrant,omitempty"` +} + +// Parameter is a key/value pair which represents a parameter in an HTTP request. +type Parameter struct { + // The name of the parameter. Required. + // +kubebuilder:validation:MinLength=1 + Name string `json:"name"` + + // The value of the parameter. + // +optional + Value string `json:"value,omitempty"` +} + +// OIDCClaims provides a mapping from upstream claims into identities. +type OIDCClaims struct { + // Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain + // the groups to which an identity belongs. By default, the identities will not include any group memberships when + // this setting is not configured. + // +optional + Groups string `json:"groups"` + + // Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to + // ascertain an identity's username. When not set, the username will be an automatically constructed unique string + // which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from + // the ID token. + // +optional + Username string `json:"username"` +} + +// OIDCClient contains information about an OIDC client (e.g., client ID and client +// secret). +type OIDCClient struct { + // SecretName contains the name of a namespace-local Secret object that provides the clientID and + // clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient + // struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys + // "clientID" and "clientSecret". + SecretName string `json:"secretName"` +} + +// OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. +type OIDCIdentityProviderSpec struct { + // Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + // /.well-known/openid-configuration. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Issuer string `json:"issuer"` + + // TLS configuration for discovery/JWKS requests to the issuer. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` + + // AuthorizationConfig holds information about how to form the OAuth2 authorization request + // parameters to be used with this OIDC identity provider. + // +optional + AuthorizationConfig OIDCAuthorizationConfig `json:"authorizationConfig,omitempty"` + + // Claims provides the names of token claims that will be used when inspecting an identity from + // this OIDC identity provider. + // +optional + Claims OIDCClaims `json:"claims"` + + // OIDCClient contains OIDC client information to be used used with this OIDC identity + // provider. + Client OIDCClient `json:"client"` +} + +// OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type OIDCIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec OIDCIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status OIDCIdentityProviderStatus `json:"status,omitempty"` +} + +// OIDCIdentityProviderList lists OIDCIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCIdentityProvider `json:"items"` +} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.21/apis/supervisor/idp/v1alpha1/types_tls.go new file mode 100644 index 00000000..1413a262 --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/types_tls.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// Configuration for TLS parameters related to identity provider integration. +type TLSSpec struct { + // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + // +optional + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` +} diff --git a/generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..5f5be6f3 --- /dev/null +++ b/generated/1.21/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,608 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProvider) DeepCopyInto(out *ActiveDirectoryIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProvider. +func (in *ActiveDirectoryIdentityProvider) DeepCopy() *ActiveDirectoryIdentityProvider { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ActiveDirectoryIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderBind) DeepCopyInto(out *ActiveDirectoryIdentityProviderBind) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderBind. +func (in *ActiveDirectoryIdentityProviderBind) DeepCopy() *ActiveDirectoryIdentityProviderBind { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderBind) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearch. +func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearch { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderGroupSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearchAttributes. +func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearchAttributes { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderGroupSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderList) DeepCopyInto(out *ActiveDirectoryIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ActiveDirectoryIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderList. +func (in *ActiveDirectoryIdentityProviderList) DeepCopy() *ActiveDirectoryIdentityProviderList { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ActiveDirectoryIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderSpec) DeepCopyInto(out *ActiveDirectoryIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + out.Bind = in.Bind + out.UserSearch = in.UserSearch + out.GroupSearch = in.GroupSearch + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderSpec. +func (in *ActiveDirectoryIdentityProviderSpec) DeepCopy() *ActiveDirectoryIdentityProviderSpec { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirectoryIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderStatus. +func (in *ActiveDirectoryIdentityProviderStatus) DeepCopy() *ActiveDirectoryIdentityProviderStatus { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearch. +func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopy() *ActiveDirectoryIdentityProviderUserSearch { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderUserSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearchAttributes. +func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderUserSearchAttributes { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderUserSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Condition) DeepCopyInto(out *Condition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. +func (in *Condition) DeepCopy() *Condition { + if in == nil { + return nil + } + out := new(Condition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProvider. +func (in *LDAPIdentityProvider) DeepCopy() *LDAPIdentityProvider { + if in == nil { + return nil + } + out := new(LDAPIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LDAPIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderBind) DeepCopyInto(out *LDAPIdentityProviderBind) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderBind. +func (in *LDAPIdentityProviderBind) DeepCopy() *LDAPIdentityProviderBind { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderBind) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderGroupSearch) DeepCopyInto(out *LDAPIdentityProviderGroupSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearch. +func (in *LDAPIdentityProviderGroupSearch) DeepCopy() *LDAPIdentityProviderGroupSearch { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderGroupSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderGroupSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearchAttributes. +func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopy() *LDAPIdentityProviderGroupSearchAttributes { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderGroupSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderList) DeepCopyInto(out *LDAPIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]LDAPIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderList. +func (in *LDAPIdentityProviderList) DeepCopy() *LDAPIdentityProviderList { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LDAPIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderSpec) DeepCopyInto(out *LDAPIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + out.Bind = in.Bind + out.UserSearch = in.UserSearch + out.GroupSearch = in.GroupSearch + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderSpec. +func (in *LDAPIdentityProviderSpec) DeepCopy() *LDAPIdentityProviderSpec { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderStatus. +func (in *LDAPIdentityProviderStatus) DeepCopy() *LDAPIdentityProviderStatus { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderUserSearch) DeepCopyInto(out *LDAPIdentityProviderUserSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearch. +func (in *LDAPIdentityProviderUserSearch) DeepCopy() *LDAPIdentityProviderUserSearch { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderUserSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderUserSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearchAttributes. +func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopy() *LDAPIdentityProviderUserSearchAttributes { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderUserSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCAuthorizationConfig) DeepCopyInto(out *OIDCAuthorizationConfig) { + *out = *in + if in.AdditionalScopes != nil { + in, out := &in.AdditionalScopes, &out.AdditionalScopes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AdditionalAuthorizeParameters != nil { + in, out := &in.AdditionalAuthorizeParameters, &out.AdditionalAuthorizeParameters + *out = make([]Parameter, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCAuthorizationConfig. +func (in *OIDCAuthorizationConfig) DeepCopy() *OIDCAuthorizationConfig { + if in == nil { + return nil + } + out := new(OIDCAuthorizationConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClaims) DeepCopyInto(out *OIDCClaims) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClaims. +func (in *OIDCClaims) DeepCopy() *OIDCClaims { + if in == nil { + return nil + } + out := new(OIDCClaims) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider. +func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider { + if in == nil { + return nil + } + out := new(OIDCIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderList) DeepCopyInto(out *OIDCIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderList. +func (in *OIDCIdentityProviderList) DeepCopy() *OIDCIdentityProviderList { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderSpec) DeepCopyInto(out *OIDCIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) + out.Claims = in.Claims + out.Client = in.Client + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderSpec. +func (in *OIDCIdentityProviderSpec) DeepCopy() *OIDCIdentityProviderSpec { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderStatus. +func (in *OIDCIdentityProviderStatus) DeepCopy() *OIDCIdentityProviderStatus { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Parameter) DeepCopyInto(out *Parameter) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Parameter. +func (in *Parameter) DeepCopy() *Parameter { + if in == nil { + return nil + } + out := new(Parameter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. +func (in *TLSSpec) DeepCopy() *TLSSpec { + if in == nil { + return nil + } + out := new(TLSSpec) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.21/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go new file mode 100644 index 00000000..ea055090 --- /dev/null +++ b/generated/1.21/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -0,0 +1,66 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// IDPType are the strings that can be returned by the Supervisor identity provider discovery endpoint +// as the "type" of each returned identity provider. +type IDPType string + +// IDPFlow are the strings that can be returned by the Supervisor identity provider discovery endpoint +// in the array of allowed client "flows" for each returned identity provider. +type IDPFlow string + +const ( + IDPTypeOIDC IDPType = "oidc" + IDPTypeLDAP IDPType = "ldap" + IDPTypeActiveDirectory IDPType = "activedirectory" + + IDPFlowCLIPassword IDPFlow = "cli_password" + IDPFlowBrowserAuthcode IDPFlow = "browser_authcode" +) + +// Equals is a convenience function for comparing an IDPType to a string. +func (r IDPType) Equals(s string) bool { + return string(r) == s +} + +// String is a convenience function to convert an IDPType to a string. +func (r IDPType) String() string { + return string(r) +} + +// Equals is a convenience function for comparing an IDPFlow to a string. +func (r IDPFlow) Equals(s string) bool { + return string(r) == s +} + +// String is a convenience function to convert an IDPFlow to a string. +func (r IDPFlow) String() string { + return string(r) +} + +// OIDCDiscoveryResponse is part of the response from a FederationDomain's OpenID Provider Configuration +// Document returned by the .well-known/openid-configuration endpoint. It ignores all the standard OpenID Provider +// configuration metadata and only picks out the portion related to Supervisor identity provider discovery. +type OIDCDiscoveryResponse struct { + SupervisorDiscovery OIDCDiscoveryResponseIDPEndpoint `json:"discovery.supervisor.pinniped.dev/v1alpha1"` +} + +// OIDCDiscoveryResponseIDPEndpoint contains the URL for the identity provider discovery endpoint. +type OIDCDiscoveryResponseIDPEndpoint struct { + PinnipedIDPsEndpoint string `json:"pinniped_identity_providers_endpoint"` +} + +// IDPDiscoveryResponse is the response of a FederationDomain's identity provider discovery endpoint. +type IDPDiscoveryResponse struct { + PinnipedIDPs []PinnipedIDP `json:"pinniped_identity_providers"` +} + +// PinnipedIDP describes a single identity provider as included in the response of a FederationDomain's +// identity provider discovery endpoint. +type PinnipedIDP struct { + Name string `json:"name"` + Type IDPType `json:"type"` + Flows []IDPFlow `json:"flows,omitempty"` +} diff --git a/generated/1.21/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.21/apis/supervisor/oidc/types_supervisor_oidc.go new file mode 100644 index 00000000..b35aafcb --- /dev/null +++ b/generated/1.21/apis/supervisor/oidc/types_supervisor_oidc.go @@ -0,0 +1,25 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package oidc + +// Constants related to the Supervisor FederationDomain's authorization and token endpoints. +const ( + // AuthorizeUsernameHeaderName is the name of the HTTP header which can be used to transmit a username + // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant + // or an LDAPIdentityProvider. + AuthorizeUsernameHeaderName = "Pinniped-Username" + + // AuthorizePasswordHeaderName is the name of the HTTP header which can be used to transmit a password + // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant + // or an LDAPIdentityProvider. + AuthorizePasswordHeaderName = "Pinniped-Password" //nolint:gosec // this is not a credential + + // AuthorizeUpstreamIDPNameParamName is the name of the HTTP request parameter which can be used to help select which + // identity provider should be used for authentication by sending the name of the desired identity provider. + AuthorizeUpstreamIDPNameParamName = "pinniped_idp_name" + + // AuthorizeUpstreamIDPTypeParamName is the name of the HTTP request parameter which can be used to help select which + // identity provider should be used for authentication by sending the type of the desired identity provider. + AuthorizeUpstreamIDPTypeParamName = "pinniped_idp_type" +) diff --git a/generated/1.21/client/concierge/clientset/versioned/clientset.go b/generated/1.21/client/concierge/clientset/versioned/clientset.go new file mode 100644 index 00000000..56ac3155 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/clientset.go @@ -0,0 +1,126 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface + ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface + IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface + LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + identityV1alpha1 *identityv1alpha1.IdentityV1alpha1Client + loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client +} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return c.configV1alpha1 +} + +// IdentityV1alpha1 retrieves the IdentityV1alpha1Client +func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { + return c.identityV1alpha1 +} + +// LoginV1alpha1 retrieves the LoginV1alpha1Client +func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { + return c.loginV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.identityV1alpha1, err = identityv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.loginV1alpha1, err = loginv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.NewForConfigOrDie(c) + cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) + cs.identityV1alpha1 = identityv1alpha1.NewForConfigOrDie(c) + cs.loginV1alpha1 = loginv1alpha1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) + cs.configV1alpha1 = configv1alpha1.New(c) + cs.identityV1alpha1 = identityv1alpha1.New(c) + cs.loginV1alpha1 = loginv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/generated/1.21/client/concierge/clientset/versioned/doc.go b/generated/1.21/client/concierge/clientset/versioned/doc.go new file mode 100644 index 00000000..5dc02e6e --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/generated/1.21/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.21/client/concierge/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 00000000..0242aa6c --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,90 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" + identityv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1" + fakeidentityv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" + loginv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1" + fakeloginv1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var _ clientset.Interface = &Clientset{} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} +} + +// IdentityV1alpha1 retrieves the IdentityV1alpha1Client +func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { + return &fakeidentityv1alpha1.FakeIdentityV1alpha1{Fake: &c.Fake} +} + +// LoginV1alpha1 retrieves the LoginV1alpha1Client +func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { + return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} +} diff --git a/generated/1.21/client/concierge/clientset/versioned/fake/doc.go b/generated/1.21/client/concierge/clientset/versioned/fake/doc.go new file mode 100644 index 00000000..7c9538fd --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/generated/1.21/client/concierge/clientset/versioned/fake/register.go b/generated/1.21/client/concierge/clientset/versioned/fake/register.go new file mode 100644 index 00000000..a6cf1423 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/fake/register.go @@ -0,0 +1,49 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, + configv1alpha1.AddToScheme, + identityv1alpha1.AddToScheme, + loginv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/generated/1.21/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.21/client/concierge/clientset/versioned/scheme/doc.go new file mode 100644 index 00000000..cc02f1d3 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/scheme/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/generated/1.21/client/concierge/clientset/versioned/scheme/register.go b/generated/1.21/client/concierge/clientset/versioned/scheme/register.go new file mode 100644 index 00000000..a188e9a4 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/scheme/register.go @@ -0,0 +1,49 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, + configv1alpha1.AddToScheme, + identityv1alpha1.AddToScheme, + loginv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go new file mode 100644 index 00000000..6a9f13ef --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -0,0 +1,81 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type AuthenticationV1alpha1Interface interface { + RESTClient() rest.Interface + JWTAuthenticatorsGetter + WebhookAuthenticatorsGetter +} + +// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. +type AuthenticationV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AuthenticationV1alpha1Client) JWTAuthenticators() JWTAuthenticatorInterface { + return newJWTAuthenticators(c) +} + +func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthenticatorInterface { + return newWebhookAuthenticators(c) +} + +// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AuthenticationV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuthenticationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuthenticationV1alpha1Client { + return &AuthenticationV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go new file mode 100644 index 00000000..8e777bd4 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -0,0 +1,31 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAuthenticationV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { + return &FakeJWTAuthenticators{c} +} + +func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { + return &FakeWebhookAuthenticators{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go new file mode 100644 index 00000000..0faf8131 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeJWTAuthenticators implements JWTAuthenticatorInterface +type FakeJWTAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 +} + +var jwtauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "jwtauthenticators"} + +var jwtauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "JWTAuthenticator"} + +// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. +func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. +func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested jWTAuthenticators. +func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) +} + +// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched jWTAuthenticator. +func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 00000000..3465e9df --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type FakeWebhookAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 +} + +var webhookauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + +var webhookauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WebhookAuthenticator"} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..03757746 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type JWTAuthenticatorExpansion interface{} + +type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..fb517d0c --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. +// A group's client should implement this interface. +type JWTAuthenticatorsGetter interface { + JWTAuthenticators() JWTAuthenticatorInterface +} + +// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. +type JWTAuthenticatorInterface interface { + Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) + Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) + UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) + JWTAuthenticatorExpansion +} + +// jWTAuthenticators implements JWTAuthenticatorInterface +type jWTAuthenticators struct { + client rest.Interface +} + +// newJWTAuthenticators returns a JWTAuthenticators +func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { + return &jWTAuthenticators{ + client: c.RESTClient(), + } +} + +// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. +func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Get(). + Resource("jwtauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. +func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.JWTAuthenticatorList{} + err = c.client.Get(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested jWTAuthenticators. +func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Post(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Put(). + Resource("jwtauthenticators"). + Name(jWTAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Put(). + Resource("jwtauthenticators"). + Name(jWTAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. +func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("jwtauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("jwtauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched jWTAuthenticator. +func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Patch(pt). + Resource("jwtauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..b8f85dec --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators() WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + client rest.Interface +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { + return &webhookAuthenticators{ + client: c.RESTClient(), + } +} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Get(). + Resource("webhookauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.WebhookAuthenticatorList{} + err = c.client.Get(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Post(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("webhookauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("webhookauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Patch(pt). + Resource("webhookauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go new file mode 100644 index 00000000..71a77c20 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ConfigV1alpha1Interface interface { + RESTClient() rest.Interface + CredentialIssuersGetter +} + +// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. +type ConfigV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { + return newCredentialIssuers(c) +} + +// NewForConfig creates a new ConfigV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &ConfigV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ConfigV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ConfigV1alpha1Client { + return &ConfigV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..e1212217 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. +// A group's client should implement this interface. +type CredentialIssuersGetter interface { + CredentialIssuers() CredentialIssuerInterface +} + +// CredentialIssuerInterface has methods to work with CredentialIssuer resources. +type CredentialIssuerInterface interface { + Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) + Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) + UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) + CredentialIssuerExpansion +} + +// credentialIssuers implements CredentialIssuerInterface +type credentialIssuers struct { + client rest.Interface +} + +// newCredentialIssuers returns a CredentialIssuers +func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { + return &credentialIssuers{ + client: c.RESTClient(), + } +} + +// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. +func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Get(). + Resource("credentialissuers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. +func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.CredentialIssuerList{} + err = c.client.Get(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested credentialIssuers. +func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Post(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Put(). + Resource("credentialissuers"). + Name(credentialIssuer.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Put(). + Resource("credentialissuers"). + Name(credentialIssuer.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. +func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("credentialissuers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("credentialissuers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched credentialIssuer. +func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Patch(pt). + Resource("credentialissuers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go new file mode 100644 index 00000000..e6e27355 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha1 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { + return &FakeCredentialIssuers{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go new file mode 100644 index 00000000..7e4ad99f --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeCredentialIssuers implements CredentialIssuerInterface +type FakeCredentialIssuers struct { + Fake *FakeConfigV1alpha1 +} + +var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"} + +var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"} + +// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. +func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. +func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} + for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested credentialIssuers. +func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) +} + +// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. +func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) + return err +} + +// Patch applies the patch and returns the patched credentialIssuer. +func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..294cd402 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type CredentialIssuerExpansion interface{} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go new file mode 100644 index 00000000..4ee78fa4 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeIdentityV1alpha1 struct { + *testing.Fake +} + +func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { + return &FakeWhoAmIRequests{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeIdentityV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go new file mode 100644 index 00000000..85defe77 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -0,0 +1,34 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/identity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + testing "k8s.io/client-go/testing" +) + +// FakeWhoAmIRequests implements WhoAmIRequestInterface +type FakeWhoAmIRequests struct { + Fake *FakeIdentityV1alpha1 +} + +var whoamirequestsResource = schema.GroupVersionResource{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Resource: "whoamirequests"} + +var whoamirequestsKind = schema.GroupVersionKind{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WhoAmIRequest"} + +// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. +func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WhoAmIRequest), err +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..925d9ca3 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type WhoAmIRequestExpansion interface{} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go new file mode 100644 index 00000000..8a160eaa --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/identity/v1alpha1" + "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type IdentityV1alpha1Interface interface { + RESTClient() rest.Interface + WhoAmIRequestsGetter +} + +// IdentityV1alpha1Client is used to interact with features provided by the identity.concierge.pinniped.dev group. +type IdentityV1alpha1Client struct { + restClient rest.Interface +} + +func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { + return newWhoAmIRequests(c) +} + +// NewForConfig creates a new IdentityV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &IdentityV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new IdentityV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *IdentityV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new IdentityV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *IdentityV1alpha1Client { + return &IdentityV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *IdentityV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go new file mode 100644 index 00000000..67767b8b --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + rest "k8s.io/client-go/rest" +) + +// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. +// A group's client should implement this interface. +type WhoAmIRequestsGetter interface { + WhoAmIRequests() WhoAmIRequestInterface +} + +// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. +type WhoAmIRequestInterface interface { + Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) + WhoAmIRequestExpansion +} + +// whoAmIRequests implements WhoAmIRequestInterface +type whoAmIRequests struct { + client rest.Interface +} + +// newWhoAmIRequests returns a WhoAmIRequests +func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { + return &whoAmIRequests{ + client: c.RESTClient(), + } +} + +// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. +func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { + result = &v1alpha1.WhoAmIRequest{} + err = c.client.Post(). + Resource("whoamirequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(whoAmIRequest). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go new file mode 100644 index 00000000..86963160 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeLoginV1alpha1 struct { + *testing.Fake +} + +func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { + return &FakeTokenCredentialRequests{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeLoginV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go new file mode 100644 index 00000000..8b48058f --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -0,0 +1,34 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + testing "k8s.io/client-go/testing" +) + +// FakeTokenCredentialRequests implements TokenCredentialRequestInterface +type FakeTokenCredentialRequests struct { + Fake *FakeLoginV1alpha1 +} + +var tokencredentialrequestsResource = schema.GroupVersionResource{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Resource: "tokencredentialrequests"} + +var tokencredentialrequestsKind = schema.GroupVersionKind{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Kind: "TokenCredentialRequest"} + +// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. +func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.TokenCredentialRequest), err +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..7ed35ca8 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type TokenCredentialRequestExpansion interface{} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go new file mode 100644 index 00000000..8df7df98 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/login/v1alpha1" + "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type LoginV1alpha1Interface interface { + RESTClient() rest.Interface + TokenCredentialRequestsGetter +} + +// LoginV1alpha1Client is used to interact with features provided by the login.concierge.pinniped.dev group. +type LoginV1alpha1Client struct { + restClient rest.Interface +} + +func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestInterface { + return newTokenCredentialRequests(c) +} + +// NewForConfig creates a new LoginV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &LoginV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new LoginV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *LoginV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new LoginV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *LoginV1alpha1Client { + return &LoginV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *LoginV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go new file mode 100644 index 00000000..b6f35540 --- /dev/null +++ b/generated/1.21/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + rest "k8s.io/client-go/rest" +) + +// TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. +// A group's client should implement this interface. +type TokenCredentialRequestsGetter interface { + TokenCredentialRequests() TokenCredentialRequestInterface +} + +// TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. +type TokenCredentialRequestInterface interface { + Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) + TokenCredentialRequestExpansion +} + +// tokenCredentialRequests implements TokenCredentialRequestInterface +type tokenCredentialRequests struct { + client rest.Interface +} + +// newTokenCredentialRequests returns a TokenCredentialRequests +func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { + return &tokenCredentialRequests{ + client: c.RESTClient(), + } +} + +// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. +func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { + result = &v1alpha1.TokenCredentialRequest{} + err = c.client.Post(). + Resource("tokencredentialrequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(tokenCredentialRequest). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.21/client/concierge/informers/externalversions/authentication/interface.go new file mode 100644 index 00000000..ee0b677f --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/authentication/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package authentication + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go new file mode 100644 index 00000000..f5c0b1f0 --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -0,0 +1,39 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // JWTAuthenticators returns a JWTAuthenticatorInformer. + JWTAuthenticators() JWTAuthenticatorInformer + // WebhookAuthenticators returns a WebhookAuthenticatorInformer. + WebhookAuthenticators() WebhookAuthenticatorInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// JWTAuthenticators returns a JWTAuthenticatorInformer. +func (v *version) JWTAuthenticators() JWTAuthenticatorInformer { + return &jWTAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// WebhookAuthenticators returns a WebhookAuthenticatorInformer. +func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { + return &webhookAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..eecafce1 --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorInformer provides access to a shared informer and lister for +// JWTAuthenticators. +type JWTAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.JWTAuthenticatorLister +} + +type jWTAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.JWTAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) +} + +func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { + return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..8bbe6c37 --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorInformer provides access to a shared informer and lister for +// WebhookAuthenticators. +type WebhookAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.WebhookAuthenticatorLister +} + +type webhookAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.WebhookAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) +} + +func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { + return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.21/client/concierge/informers/externalversions/config/interface.go b/generated/1.21/client/concierge/informers/externalversions/config/interface.go new file mode 100644 index 00000000..c305a593 --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/config/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package config + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..ffe49dc6 --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.21/client/concierge/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerInformer provides access to a shared informer and lister for +// CredentialIssuers. +type CredentialIssuerInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.CredentialIssuerLister +} + +type credentialIssuerInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredCredentialIssuerInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) + }, + }, + &configv1alpha1.CredentialIssuer{}, + resyncPeriod, + indexers, + ) +} + +func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredCredentialIssuerInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) +} + +func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { + return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/interface.go new file mode 100644 index 00000000..37e55b12 --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -0,0 +1,32 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // CredentialIssuers returns a CredentialIssuerInformer. + CredentialIssuers() CredentialIssuerInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// CredentialIssuers returns a CredentialIssuerInformer. +func (v *version) CredentialIssuers() CredentialIssuerInformer { + return &credentialIssuerInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.21/client/concierge/informers/externalversions/factory.go b/generated/1.21/client/concierge/informers/externalversions/factory.go new file mode 100644 index 00000000..e4a43b5f --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/factory.go @@ -0,0 +1,173 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned" + authentication "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/authentication" + config "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/config" + internalinterfaces "go.pinniped.dev/generated/1.21/client/concierge/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Authentication() authentication.Interface + Config() config.Interface +} + +func (f *sharedInformerFactory) Authentication() authentication.Interface { + return authentication.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) Config() config.Interface { + return config.New(f, f.namespace, f.tweakListOptions) +} diff --git a/generated/1.21/client/concierge/informers/externalversions/generic.go b/generated/1.21/client/concierge/informers/externalversions/generic.go new file mode 100644 index 00000000..2b9d2515 --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/generic.go @@ -0,0 +1,56 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().JWTAuthenticators().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil + + // Group=config.concierge.pinniped.dev, Version=v1alpha1 + case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/generated/1.21/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.21/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 00000000..af7fe0bc --- /dev/null +++ b/generated/1.21/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "go.pinniped.dev/generated/1.21/client/concierge/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.21/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.21/client/concierge/listers/authentication/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..665b978e --- /dev/null +++ b/generated/1.21/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// JWTAuthenticatorListerExpansion allows custom methods to be added to +// JWTAuthenticatorLister. +type JWTAuthenticatorListerExpansion interface{} + +// WebhookAuthenticatorListerExpansion allows custom methods to be added to +// WebhookAuthenticatorLister. +type WebhookAuthenticatorListerExpansion interface{} diff --git a/generated/1.21/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.21/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..ffa90266 --- /dev/null +++ b/generated/1.21/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorLister helps list JWTAuthenticators. +// All objects returned here must be treated as read-only. +type JWTAuthenticatorLister interface { + // List lists all JWTAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) + // Get retrieves the JWTAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.JWTAuthenticator, error) + JWTAuthenticatorListerExpansion +} + +// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. +type jWTAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. +func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { + return &jWTAuthenticatorLister{indexer: indexer} +} + +// List lists all JWTAuthenticators in the indexer. +func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) + }) + return ret, err +} + +// Get retrieves the JWTAuthenticator from the index for a given name. +func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) + } + return obj.(*v1alpha1.JWTAuthenticator), nil +} diff --git a/generated/1.21/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.21/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..584d1afe --- /dev/null +++ b/generated/1.21/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{indexer: indexer} +} + +// List lists all WebhookAuthenticators in the indexer. +func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// Get retrieves the WebhookAuthenticator from the index for a given name. +func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) + } + return obj.(*v1alpha1.WebhookAuthenticator), nil +} diff --git a/generated/1.21/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.21/client/concierge/listers/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..ba5725ac --- /dev/null +++ b/generated/1.21/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/concierge/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerLister helps list CredentialIssuers. +// All objects returned here must be treated as read-only. +type CredentialIssuerLister interface { + // List lists all CredentialIssuers in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) + // Get retrieves the CredentialIssuer from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.CredentialIssuer, error) + CredentialIssuerListerExpansion +} + +// credentialIssuerLister implements the CredentialIssuerLister interface. +type credentialIssuerLister struct { + indexer cache.Indexer +} + +// NewCredentialIssuerLister returns a new CredentialIssuerLister. +func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { + return &credentialIssuerLister{indexer: indexer} +} + +// List lists all CredentialIssuers in the indexer. +func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.CredentialIssuer)) + }) + return ret, err +} + +// Get retrieves the CredentialIssuer from the index for a given name. +func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) + } + return obj.(*v1alpha1.CredentialIssuer), nil +} diff --git a/generated/1.21/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.21/client/concierge/listers/config/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..7212c891 --- /dev/null +++ b/generated/1.21/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// CredentialIssuerListerExpansion allows custom methods to be added to +// CredentialIssuerLister. +type CredentialIssuerListerExpansion interface{} diff --git a/generated/1.21/client/go.mod b/generated/1.21/client/go.mod new file mode 100644 index 00000000..436407d4 --- /dev/null +++ b/generated/1.21/client/go.mod @@ -0,0 +1,12 @@ +// This go.mod file is generated by ./hack/codegen.sh. +module go.pinniped.dev/generated/1.21/client + +go 1.13 + +require ( + go.pinniped.dev/generated/1.21/apis v0.0.0 + k8s.io/apimachinery v0.21.9 + k8s.io/client-go v0.21.9 +) + +replace go.pinniped.dev/generated/1.21/apis => ../apis diff --git a/generated/1.21/client/go.sum b/generated/1.21/client/go.sum new file mode 100644 index 00000000..d747a3a3 --- /dev/null +++ b/generated/1.21/client/go.sum @@ -0,0 +1,426 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest v0.11.12/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= +github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= +github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.4.0 h1:K7/B1jt6fIBQVd4Owv2MqGQClcgf0R266+7C/QjRcLc= +github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.5.0 h1:LUVKkCeviFUMKqHa4tXIIij/lbhnMbP7Fn5wKdKkRh4= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/gnostic v0.4.1 h1:DLJCy1n/vrD4HPjOvYcT8aYQXpPIzoRZONaYwyycI+I= +github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= +github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.11.0 h1:JAKSXpt1YjtLA7YpPiqO9ss6sNXEsPfSGdwN0UHqzrw= +github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME= +github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210426230700-d19ff857e887 h1:dXfMednGJh/SUUFjTLsWJz3P+TQt9qnR11GgeI3vWKs= +golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d h1:SZxvLBoTP5yHO3Frd4z4vrF+DBX9vMVanchswa69toE= +golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba h1:O8mE0/t419eoIwhTFpKVkHiTs/Igowgfkj25AcZrtiE= +golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +k8s.io/api v0.21.9 h1:dgxM5d8/kLw0mz7JmyixJk3I84JT2B52Yz8p0lTMFes= +k8s.io/api v0.21.9/go.mod h1:jyTBdRcQnzZodHyJdeDEqVcxkaqJAgjrRx30EysE1Ik= +k8s.io/apimachinery v0.21.9 h1:8WffZaaNB2ft5wOiFPktkZRZQxMoTxwVrITC73SJ1V8= +k8s.io/apimachinery v0.21.9/go.mod h1:USs+ifLG6ZUgHGA/9lGxjdHzCB3hUO3fG1VBOwi0IHo= +k8s.io/client-go v0.21.9 h1:GexEazmr/ulHLNBKDE/pc2WTbZ0JLUJLv05Va9kE/B0= +k8s.io/client-go v0.21.9/go.mod h1:uMq9B14yobLb20bDZ1xVrXUpPbDCeWEjJfGeTt2n0/Q= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM= +k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= +k8s.io/kube-openapi v0.0.0-20211110012726-3cc51fd1e909 h1:s77MRc/+/eQjsF89MB12JssAlsoi9mnNoaacRqibeAU= +k8s.io/kube-openapi v0.0.0-20211110012726-3cc51fd1e909/go.mod h1:wXW5VT87nVfh/iLV8FpR2uDvrFyomxbtb1KivDbvPTE= +k8s.io/utils v0.0.0-20210521133846-da695404a2bc h1:dx6VGe+PnOW/kD/2UV4aUSsRfJGd7+lcqgJ6Xg0HwUs= +k8s.io/utils v0.0.0-20210521133846-da695404a2bc/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.21/client/supervisor/clientset/versioned/clientset.go b/generated/1.21/client/supervisor/clientset/versioned/clientset.go new file mode 100644 index 00000000..aa52f6ae --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/clientset.go @@ -0,0 +1,98 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + + configv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface + IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return c.configV1alpha1 +} + +// IDPV1alpha1 retrieves the IDPV1alpha1Client +func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { + return c.iDPV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.iDPV1alpha1, err = idpv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) + cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.configV1alpha1 = configv1alpha1.New(c) + cs.iDPV1alpha1 = idpv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/doc.go b/generated/1.21/client/supervisor/clientset/versioned/doc.go new file mode 100644 index 00000000..5dc02e6e --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 00000000..31bf30c1 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" + configv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" + idpv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + fakeidpv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var _ clientset.Interface = &Clientset{} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} +} + +// IDPV1alpha1 retrieves the IDPV1alpha1Client +func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { + return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.21/client/supervisor/clientset/versioned/fake/doc.go new file mode 100644 index 00000000..7c9538fd --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/generated/1.21/client/supervisor/clientset/versioned/fake/register.go b/generated/1.21/client/supervisor/clientset/versioned/fake/register.go new file mode 100644 index 00000000..3a9d6a18 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/fake/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1alpha1.AddToScheme, + idpv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.21/client/supervisor/clientset/versioned/scheme/doc.go new file mode 100644 index 00000000..cc02f1d3 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/scheme/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/generated/1.21/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.21/client/supervisor/clientset/versioned/scheme/register.go new file mode 100644 index 00000000..0629cdd4 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/scheme/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1alpha1.AddToScheme, + idpv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go new file mode 100644 index 00000000..cdfc9c9a --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ConfigV1alpha1Interface interface { + RESTClient() rest.Interface + FederationDomainsGetter +} + +// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. +type ConfigV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDomainInterface { + return newFederationDomains(c, namespace) +} + +// NewForConfig creates a new ConfigV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &ConfigV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ConfigV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ConfigV1alpha1Client { + return &ConfigV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go new file mode 100644 index 00000000..8bf53fea --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha1 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { + return &FakeFederationDomains{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go new file mode 100644 index 00000000..b712d959 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeFederationDomains implements FederationDomainInterface +type FakeFederationDomains struct { + Fake *FakeConfigV1alpha1 + ns string +} + +var federationdomainsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "federationdomains"} + +var federationdomainsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "FederationDomain"} + +// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. +func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. +func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} + for _, item := range obj.(*v1alpha1.FederationDomainList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested federationDomains. +func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) + +} + +// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. +func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) + return err +} + +// Patch applies the patch and returns the patched federationDomain. +func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..15234760 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// FederationDomainsGetter has a method to return a FederationDomainInterface. +// A group's client should implement this interface. +type FederationDomainsGetter interface { + FederationDomains(namespace string) FederationDomainInterface +} + +// FederationDomainInterface has methods to work with FederationDomain resources. +type FederationDomainInterface interface { + Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) + Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) + UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) + FederationDomainExpansion +} + +// federationDomains implements FederationDomainInterface +type federationDomains struct { + client rest.Interface + ns string +} + +// newFederationDomains returns a FederationDomains +func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { + return &federationDomains{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. +func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. +func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.FederationDomainList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested federationDomains. +func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Post(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Put(). + Namespace(c.ns). + Resource("federationdomains"). + Name(federationDomain.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Put(). + Namespace(c.ns). + Resource("federationdomains"). + Name(federationDomain.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. +func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched federationDomain. +func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..ba9c9173 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type FederationDomainExpansion interface{} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..b58c848a --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. +// A group's client should implement this interface. +type ActiveDirectoryIdentityProvidersGetter interface { + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface +} + +// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. +type ActiveDirectoryIdentityProviderInterface interface { + Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) + ActiveDirectoryIdentityProviderExpansion +} + +// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type activeDirectoryIdentityProviders struct { + client rest.Interface + ns string +} + +// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders +func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { + return &activeDirectoryIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. +func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. +func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.ActiveDirectoryIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. +func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(activeDirectoryIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(activeDirectoryIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. +func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. +func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go new file mode 100644 index 00000000..fa20d354 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type FakeActiveDirectoryIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var activedirectoryidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "activedirectoryidentityproviders"} + +var activedirectoryidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "ActiveDirectoryIdentityProvider"} + +// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. +func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. +func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. +func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go new file mode 100644 index 00000000..93e22fcb --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -0,0 +1,35 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeIDPV1alpha1 struct { + *testing.Fake +} + +func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { + return &FakeActiveDirectoryIdentityProviders{c, namespace} +} + +func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { + return &FakeLDAPIdentityProviders{c, namespace} +} + +func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { + return &FakeOIDCIdentityProviders{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go new file mode 100644 index 00000000..5bbaf196 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface +type FakeLDAPIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var ldapidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "ldapidentityproviders"} + +var ldapidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "LDAPIdentityProvider"} + +// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. +func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. +func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. +func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched lDAPIdentityProvider. +func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go new file mode 100644 index 00000000..055c669b --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface +type FakeOIDCIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var oidcidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcidentityproviders"} + +var oidcidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCIdentityProvider"} + +// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. +func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. +func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. +func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched oIDCIdentityProvider. +func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..cbefaca4 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -0,0 +1,12 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type ActiveDirectoryIdentityProviderExpansion interface{} + +type LDAPIdentityProviderExpansion interface{} + +type OIDCIdentityProviderExpansion interface{} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go new file mode 100644 index 00000000..4107c732 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type IDPV1alpha1Interface interface { + RESTClient() rest.Interface + ActiveDirectoryIdentityProvidersGetter + LDAPIdentityProvidersGetter + OIDCIdentityProvidersGetter +} + +// IDPV1alpha1Client is used to interact with features provided by the idp.supervisor.pinniped.dev group. +type IDPV1alpha1Client struct { + restClient rest.Interface +} + +func (c *IDPV1alpha1Client) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface { + return newActiveDirectoryIdentityProviders(c, namespace) +} + +func (c *IDPV1alpha1Client) LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface { + return newLDAPIdentityProviders(c, namespace) +} + +func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface { + return newOIDCIdentityProviders(c, namespace) +} + +// NewForConfig creates a new IDPV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &IDPV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new IDPV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *IDPV1alpha1Client { + return &IDPV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *IDPV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..db6e4ed8 --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. +// A group's client should implement this interface. +type LDAPIdentityProvidersGetter interface { + LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface +} + +// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. +type LDAPIdentityProviderInterface interface { + Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) + Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) + UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) + LDAPIdentityProviderExpansion +} + +// lDAPIdentityProviders implements LDAPIdentityProviderInterface +type lDAPIdentityProviders struct { + client rest.Interface + ns string +} + +// newLDAPIdentityProviders returns a LDAPIdentityProviders +func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { + return &lDAPIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. +func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. +func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.LDAPIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. +func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(lDAPIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(lDAPIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. +func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched lDAPIdentityProvider. +func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..c8def58b --- /dev/null +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. +// A group's client should implement this interface. +type OIDCIdentityProvidersGetter interface { + OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface +} + +// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. +type OIDCIdentityProviderInterface interface { + Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) + Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) + UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) + OIDCIdentityProviderExpansion +} + +// oIDCIdentityProviders implements OIDCIdentityProviderInterface +type oIDCIdentityProviders struct { + client rest.Interface + ns string +} + +// newOIDCIdentityProviders returns a OIDCIdentityProviders +func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { + return &oIDCIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. +func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. +func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.OIDCIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. +func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(oIDCIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(oIDCIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. +func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched oIDCIdentityProvider. +func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/config/interface.go b/generated/1.21/client/supervisor/informers/externalversions/config/interface.go new file mode 100644 index 00000000..93a844d8 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/config/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package config + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..0571abb6 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// FederationDomainInformer provides access to a shared informer and lister for +// FederationDomains. +type FederationDomainInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.FederationDomainLister +} + +type federationDomainInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredFederationDomainInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) + }, + }, + &configv1alpha1.FederationDomain{}, + resyncPeriod, + indexers, + ) +} + +func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredFederationDomainInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) +} + +func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { + return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go new file mode 100644 index 00000000..e678f3e3 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -0,0 +1,32 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // FederationDomains returns a FederationDomainInformer. + FederationDomains() FederationDomainInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// FederationDomains returns a FederationDomainInformer. +func (v *version) FederationDomains() FederationDomainInformer { + return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/factory.go b/generated/1.21/client/supervisor/informers/externalversions/factory.go new file mode 100644 index 00000000..09200fa1 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/factory.go @@ -0,0 +1,173 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" + config "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/config" + idp "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/idp" + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Config() config.Interface + IDP() idp.Interface +} + +func (f *sharedInformerFactory) Config() config.Interface { + return config.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) IDP() idp.Interface { + return idp.New(f, f.namespace, f.tweakListOptions) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/generic.go b/generated/1.21/client/supervisor/informers/externalversions/generic.go new file mode 100644 index 00000000..1ccbd3e6 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/generic.go @@ -0,0 +1,58 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=config.supervisor.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + + // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 + case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().ActiveDirectoryIdentityProviders().Informer()}, nil + case idpv1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().LDAPIdentityProviders().Informer()}, nil + case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.21/client/supervisor/informers/externalversions/idp/interface.go new file mode 100644 index 00000000..8e8b05a0 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/idp/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package idp + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..9d308e51 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ActiveDirectoryIdentityProviderInformer provides access to a shared informer and lister for +// ActiveDirectoryIdentityProviders. +type ActiveDirectoryIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.ActiveDirectoryIdentityProviderLister +} + +type activeDirectoryIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredActiveDirectoryIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.ActiveDirectoryIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredActiveDirectoryIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) +} + +func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { + return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go new file mode 100644 index 00000000..8ebee9f2 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -0,0 +1,46 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. + ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer + // LDAPIdentityProviders returns a LDAPIdentityProviderInformer. + LDAPIdentityProviders() LDAPIdentityProviderInformer + // OIDCIdentityProviders returns a OIDCIdentityProviderInformer. + OIDCIdentityProviders() OIDCIdentityProviderInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. +func (v *version) ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer { + return &activeDirectoryIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// LDAPIdentityProviders returns a LDAPIdentityProviderInformer. +func (v *version) LDAPIdentityProviders() LDAPIdentityProviderInformer { + return &lDAPIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// OIDCIdentityProviders returns a OIDCIdentityProviderInformer. +func (v *version) OIDCIdentityProviders() OIDCIdentityProviderInformer { + return &oIDCIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..9759690e --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// LDAPIdentityProviderInformer provides access to a shared informer and lister for +// LDAPIdentityProviders. +type LDAPIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.LDAPIdentityProviderLister +} + +type lDAPIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredLDAPIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.LDAPIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredLDAPIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) +} + +func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { + return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..b69b948c --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCIdentityProviderInformer provides access to a shared informer and lister for +// OIDCIdentityProviders. +type OIDCIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.OIDCIdentityProviderLister +} + +type oIDCIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredOIDCIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.OIDCIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredOIDCIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) +} + +func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { + return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 00000000..fc469ce4 --- /dev/null +++ b/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..d59892c4 --- /dev/null +++ b/generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// FederationDomainListerExpansion allows custom methods to be added to +// FederationDomainLister. +type FederationDomainListerExpansion interface{} + +// FederationDomainNamespaceListerExpansion allows custom methods to be added to +// FederationDomainNamespaceLister. +type FederationDomainNamespaceListerExpansion interface{} diff --git a/generated/1.21/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.21/client/supervisor/listers/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..7e1b7bbf --- /dev/null +++ b/generated/1.21/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// FederationDomainLister helps list FederationDomains. +// All objects returned here must be treated as read-only. +type FederationDomainLister interface { + // List lists all FederationDomains in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + // FederationDomains returns an object that can list and get FederationDomains. + FederationDomains(namespace string) FederationDomainNamespaceLister + FederationDomainListerExpansion +} + +// federationDomainLister implements the FederationDomainLister interface. +type federationDomainLister struct { + indexer cache.Indexer +} + +// NewFederationDomainLister returns a new FederationDomainLister. +func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { + return &federationDomainLister{indexer: indexer} +} + +// List lists all FederationDomains in the indexer. +func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.FederationDomain)) + }) + return ret, err +} + +// FederationDomains returns an object that can list and get FederationDomains. +func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { + return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// FederationDomainNamespaceLister helps list and get FederationDomains. +// All objects returned here must be treated as read-only. +type FederationDomainNamespaceLister interface { + // List lists all FederationDomains in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + // Get retrieves the FederationDomain from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.FederationDomain, error) + FederationDomainNamespaceListerExpansion +} + +// federationDomainNamespaceLister implements the FederationDomainNamespaceLister +// interface. +type federationDomainNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all FederationDomains in the indexer for a given namespace. +func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.FederationDomain)) + }) + return ret, err +} + +// Get retrieves the FederationDomain from the indexer for a given namespace and name. +func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) + } + return obj.(*v1alpha1.FederationDomain), nil +} diff --git a/generated/1.21/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.21/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..1afe23e3 --- /dev/null +++ b/generated/1.21/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. +// All objects returned here must be treated as read-only. +type ActiveDirectoryIdentityProviderLister interface { + // List lists all ActiveDirectoryIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister + ActiveDirectoryIdentityProviderListerExpansion +} + +// activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. +type activeDirectoryIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. +func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { + return &activeDirectoryIdentityProviderLister{indexer: indexer} +} + +// List lists all ActiveDirectoryIdentityProviders in the indexer. +func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) + }) + return ret, err +} + +// ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. +func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { + return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. +// All objects returned here must be treated as read-only. +type ActiveDirectoryIdentityProviderNamespaceLister interface { + // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + ActiveDirectoryIdentityProviderNamespaceListerExpansion +} + +// activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister +// interface. +type activeDirectoryIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. +func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. +func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil +} diff --git a/generated/1.21/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.21/client/supervisor/listers/idp/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..d79cd0fe --- /dev/null +++ b/generated/1.21/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -0,0 +1,30 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// ActiveDirectoryIdentityProviderListerExpansion allows custom methods to be added to +// ActiveDirectoryIdentityProviderLister. +type ActiveDirectoryIdentityProviderListerExpansion interface{} + +// ActiveDirectoryIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// ActiveDirectoryIdentityProviderNamespaceLister. +type ActiveDirectoryIdentityProviderNamespaceListerExpansion interface{} + +// LDAPIdentityProviderListerExpansion allows custom methods to be added to +// LDAPIdentityProviderLister. +type LDAPIdentityProviderListerExpansion interface{} + +// LDAPIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// LDAPIdentityProviderNamespaceLister. +type LDAPIdentityProviderNamespaceListerExpansion interface{} + +// OIDCIdentityProviderListerExpansion allows custom methods to be added to +// OIDCIdentityProviderLister. +type OIDCIdentityProviderListerExpansion interface{} + +// OIDCIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// OIDCIdentityProviderNamespaceLister. +type OIDCIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.21/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.21/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..6a3e8869 --- /dev/null +++ b/generated/1.21/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// LDAPIdentityProviderLister helps list LDAPIdentityProviders. +// All objects returned here must be treated as read-only. +type LDAPIdentityProviderLister interface { + // List lists all LDAPIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. + LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister + LDAPIdentityProviderListerExpansion +} + +// lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. +type lDAPIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. +func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { + return &lDAPIdentityProviderLister{indexer: indexer} +} + +// List lists all LDAPIdentityProviders in the indexer. +func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) + }) + return ret, err +} + +// LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. +func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { + return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. +// All objects returned here must be treated as read-only. +type LDAPIdentityProviderNamespaceLister interface { + // List lists all LDAPIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.LDAPIdentityProvider, error) + LDAPIdentityProviderNamespaceListerExpansion +} + +// lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister +// interface. +type lDAPIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all LDAPIdentityProviders in the indexer for a given namespace. +func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. +func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) + } + return obj.(*v1alpha1.LDAPIdentityProvider), nil +} diff --git a/generated/1.21/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.21/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..d9dfa485 --- /dev/null +++ b/generated/1.21/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OIDCIdentityProviderLister helps list OIDCIdentityProviders. +// All objects returned here must be treated as read-only. +type OIDCIdentityProviderLister interface { + // List lists all OIDCIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. + OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister + OIDCIdentityProviderListerExpansion +} + +// oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. +type oIDCIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. +func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { + return &oIDCIdentityProviderLister{indexer: indexer} +} + +// List lists all OIDCIdentityProviders in the indexer. +func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) + }) + return ret, err +} + +// OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. +func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { + return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. +// All objects returned here must be treated as read-only. +type OIDCIdentityProviderNamespaceLister interface { + // List lists all OIDCIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.OIDCIdentityProvider, error) + OIDCIdentityProviderNamespaceListerExpansion +} + +// oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister +// interface. +type oIDCIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OIDCIdentityProviders in the indexer for a given namespace. +func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. +func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) + } + return obj.(*v1alpha1.OIDCIdentityProvider), nil +} diff --git a/generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml new file mode 100644 index 00000000..bf656d1f --- /dev/null +++ b/generated/1.21/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -0,0 +1,177 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: jwtauthenticators.authentication.concierge.pinniped.dev +spec: + group: authentication.concierge.pinniped.dev + names: + categories: + - pinniped + - pinniped-authenticator + - pinniped-authenticators + kind: JWTAuthenticator + listKind: JWTAuthenticatorList + plural: jwtauthenticators + singular: jwtauthenticator + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .spec.audience + name: Audience + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: "JWTAuthenticator describes the configuration of a JWT authenticator. + \n Upon receiving a signed JWT, a JWTAuthenticator will performs some validation + on it (e.g., valid signature, existence of claims, etc.) and extract the + username and groups from the token." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the authenticator. + properties: + audience: + description: Audience is the required value of the "aud" JWT claim. + minLength: 1 + type: string + claims: + description: Claims allows customization of the claims that will be + mapped to user identity for Kubernetes access. + properties: + groups: + description: Groups is the name of the claim which should be read + to extract the user's group membership from the JWT token. When + not specified, it will default to "groups". + type: string + username: + description: Username is the name of the claim which should be + read to extract the username from the JWT token. When not specified, + it will default to "username". + type: string + type: object + issuer: + description: Issuer is the OIDC issuer URL that will be used to discover + public signing keys. Issuer is also used to validate the "iss" JWT + claim. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration for communicating with the OIDC provider. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - audience + - issuer + type: object + status: + description: Status of the authenticator. + properties: + conditions: + description: Represents the observations of the authenticator's current + state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml new file mode 100644 index 00000000..10dcc7bd --- /dev/null +++ b/generated/1.21/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -0,0 +1,150 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: webhookauthenticators.authentication.concierge.pinniped.dev +spec: + group: authentication.concierge.pinniped.dev + names: + categories: + - pinniped + - pinniped-authenticator + - pinniped-authenticators + kind: WebhookAuthenticator + listKind: WebhookAuthenticatorList + plural: webhookauthenticators + singular: webhookauthenticator + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: WebhookAuthenticator describes the configuration of a webhook + authenticator. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the authenticator. + properties: + endpoint: + description: Webhook server endpoint URL. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - endpoint + type: object + status: + description: Status of the authenticator. + properties: + conditions: + description: Represents the observations of the authenticator's current + state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.21/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.21/crds/config.concierge.pinniped.dev_credentialissuers.yaml new file mode 100644 index 00000000..e09709a5 --- /dev/null +++ b/generated/1.21/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -0,0 +1,247 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: credentialissuers.config.concierge.pinniped.dev +spec: + group: config.concierge.pinniped.dev + names: + categories: + - pinniped + kind: CredentialIssuer + listKind: CredentialIssuerList + plural: credentialissuers + singular: credentialissuer + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.impersonationProxy.mode + name: ProxyMode + type: string + - jsonPath: .status.strategies[?(@.status == "Success")].type + name: DefaultStrategy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: CredentialIssuer describes the configuration and status of the + Pinniped Concierge credential issuer. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec describes the intended configuration of the Concierge. + properties: + impersonationProxy: + description: ImpersonationProxy describes the intended configuration + of the Concierge impersonation proxy. + properties: + externalEndpoint: + description: "ExternalEndpoint describes the HTTPS endpoint where + the proxy will be exposed. If not set, the proxy will be served + using the external name of the LoadBalancer service or the cluster + service DNS name. \n This field must be non-empty when spec.impersonationProxy.service.type + is \"None\"." + type: string + mode: + description: 'Mode configures whether the impersonation proxy + should be started: - "disabled" explicitly disables the impersonation + proxy. This is the default. - "enabled" explicitly enables the + impersonation proxy. - "auto" enables or disables the impersonation + proxy based upon the cluster in which it is running.' + enum: + - auto + - enabled + - disabled + type: string + service: + default: + type: LoadBalancer + description: Service describes the configuration of the Service + provisioned to expose the impersonation proxy to clients. + properties: + annotations: + additionalProperties: + type: string + description: Annotations specifies zero or more key/value + pairs to set as annotations on the provisioned Service. + type: object + loadBalancerIP: + description: LoadBalancerIP specifies the IP address to set + in the spec.loadBalancerIP field of the provisioned Service. + This is not supported on all cloud providers. + maxLength: 255 + minLength: 1 + type: string + type: + default: LoadBalancer + description: "Type specifies the type of Service to provision + for the impersonation proxy. \n If the type is \"None\", + then the \"spec.impersonationProxy.externalEndpoint\" field + must be set to a non-empty value so that the Concierge can + properly advertise the endpoint in the CredentialIssuer's + status." + enum: + - LoadBalancer + - ClusterIP + - None + type: string + type: object + required: + - mode + - service + type: object + required: + - impersonationProxy + type: object + status: + description: CredentialIssuerStatus describes the status of the Concierge. + properties: + kubeConfigInfo: + description: Information needed to form a valid Pinniped-based kubeconfig + using this credential issuer. This field is deprecated and will + be removed in a future version. + properties: + certificateAuthorityData: + description: The K8s API server CA bundle. + minLength: 1 + type: string + server: + description: The K8s API server URL. + minLength: 1 + pattern: ^https://|^http:// + type: string + required: + - certificateAuthorityData + - server + type: object + strategies: + description: List of integration strategies that were attempted by + Pinniped. + items: + description: CredentialIssuerStrategy describes the status of an + integration strategy that was attempted by Pinniped. + properties: + frontend: + description: Frontend describes how clients can connect using + this strategy. + properties: + impersonationProxyInfo: + description: ImpersonationProxyInfo describes the parameters + for the impersonation proxy on this Concierge. This field + is only set when Type is "ImpersonationProxy". + properties: + certificateAuthorityData: + description: CertificateAuthorityData is the base64-encoded + PEM CA bundle of the impersonation proxy. + minLength: 1 + type: string + endpoint: + description: Endpoint is the HTTPS endpoint of the impersonation + proxy. + minLength: 1 + pattern: ^https:// + type: string + required: + - certificateAuthorityData + - endpoint + type: object + tokenCredentialRequestInfo: + description: TokenCredentialRequestAPIInfo describes the + parameters for the TokenCredentialRequest API on this + Concierge. This field is only set when Type is "TokenCredentialRequestAPI". + properties: + certificateAuthorityData: + description: CertificateAuthorityData is the base64-encoded + Kubernetes API server CA bundle. + minLength: 1 + type: string + server: + description: Server is the Kubernetes API server URL. + minLength: 1 + pattern: ^https://|^http:// + type: string + required: + - certificateAuthorityData + - server + type: object + type: + description: Type describes which frontend mechanism clients + can use with a strategy. + enum: + - TokenCredentialRequestAPI + - ImpersonationProxy + type: string + required: + - type + type: object + lastUpdateTime: + description: When the status was last checked. + format: date-time + type: string + message: + description: Human-readable description of the current status. + minLength: 1 + type: string + reason: + description: Reason for the current status. + enum: + - Listening + - Pending + - Disabled + - ErrorDuringSetup + - CouldNotFetchKey + - CouldNotGetClusterInfo + - FetchedKey + type: string + status: + description: Status of the attempted integration strategy. + enum: + - Success + - Error + type: string + type: + description: Type of integration attempted. + enum: + - KubeClusterSigningCertificate + - ImpersonationProxy + type: string + required: + - lastUpdateTime + - message + - reason + - status + - type + type: object + type: array + required: + - strategies + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.21/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.21/crds/config.supervisor.pinniped.dev_federationdomains.yaml new file mode 100644 index 00000000..5fad1946 --- /dev/null +++ b/generated/1.21/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -0,0 +1,170 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: federationdomains.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: FederationDomain + listKind: FederationDomainList + plural: federationdomains + singular: federationdomain + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: FederationDomain describes the configuration of an OIDC provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC provider. + properties: + issuer: + description: "Issuer is the OIDC Provider's issuer, per the OIDC Discovery + Metadata document, as well as the identifier that it will use for + the iss claim in issued JWTs. This field will also be used as the + base URL for any endpoints used by the OIDC Provider (e.g., if your + issuer is https://example.com/foo, then your authorization endpoint + will look like https://example.com/foo/some/path/to/auth/endpoint). + \n See https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 + for more information." + minLength: 1 + type: string + tls: + description: TLS configures how this FederationDomain is served over + Transport Layer Security (TLS). + properties: + secretName: + description: "SecretName is an optional name of a Secret in the + same namespace, of type `kubernetes.io/tls`, which contains + the TLS serving certificate for the HTTPS endpoints served by + this FederationDomain. When provided, the TLS Secret named here + must contain keys named `tls.crt` and `tls.key` that contain + the certificate and private key to use for TLS. \n Server Name + Indication (SNI) is an extension to the Transport Layer Security + (TLS) supported by all major browsers. \n SecretName is required + if you would like to use different TLS certificates for issuers + of different hostnames. SNI requests do not include port numbers, + so all issuers with the same DNS hostname must use the same + SecretName value even if they have different port numbers. \n + SecretName is not required when you would like to use only the + HTTP endpoints (e.g. when terminating TLS at an Ingress). It + is also not required when you would like all requests to this + OIDC Provider's HTTPS endpoints to use the default TLS certificate, + which is configured elsewhere. \n When your Issuer URL's host + is an IP address, then this field is ignored. SNI does not work + for IP addresses." + type: string + type: object + required: + - issuer + type: object + status: + description: Status of the OIDC provider. + properties: + lastUpdateTime: + description: LastUpdateTime holds the time at which the Status was + last updated. It is a pointer to get around some undesirable behavior + with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). + format: date-time + type: string + message: + description: Message provides human-readable details about the Status. + type: string + secrets: + description: Secrets contains information about this OIDC Provider's + secrets. + properties: + jwks: + description: JWKS holds the name of the corev1.Secret in which + this OIDC Provider's signing/verification keys are stored. If + it is empty, then the signing/verification keys are either unknown + or they don't exist. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + stateEncryptionKey: + description: StateSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for encrypting state parameters + is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + stateSigningKey: + description: StateSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for signing state parameters + is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + tokenSigningKey: + description: TokenSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for signing tokens is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: object + status: + description: Status holds an enum that describes the state of this + OIDC Provider. Note that this Status can represent success or failure. + enum: + - Success + - Duplicate + - Invalid + - SameIssuerHostMustUseSameSecret + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml new file mode 100644 index 00000000..0ac278fe --- /dev/null +++ b/generated/1.21/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -0,0 +1,305 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: ActiveDirectoryIdentityProvider + listKind: ActiveDirectoryIdentityProviderList + plural: activedirectoryidentityproviders + singular: activedirectoryidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.host + name: Host + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ActiveDirectoryIdentityProvider describes the configuration of + an upstream Microsoft Active Directory identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + bind: + description: Bind contains the configuration for how to provide access + credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's + credentials during a user's authentication attempt. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the username and password for an + Active Directory bind user. This account will be used to perform + LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" + which includes "username" and "password" keys. The username + value should be the full dn (distinguished name) of your bind + account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + The password must be non-empty. + minLength: 1 + type: string + required: + - secretName + type: object + groupSearch: + description: GroupSearch contains the configuration for searching + for a user's group membership in ActiveDirectory. + properties: + attributes: + description: Attributes specifies how the group's information + should be read from each ActiveDirectory entry which was found + as the result of the group search. + properties: + groupName: + description: GroupName specifies the name of the attribute + in the Active Directory entries whose value shall become + a group name in the user's list of groups after a successful + authentication. The value of this field is case-sensitive + and must match the case of the attribute name returned by + the ActiveDirectory server in the user's entry. E.g. "cn" + for common name. Distinguished names can be used by specifying + lower-case "dn". Optional. When not specified, this defaults + to a custom field that looks like "sAMAccountName@domain", + where domain is constructed from the domain components of + the group DN. + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". + Optional, when not specified it will be based on the result + of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + The default behavior searches your entire domain for groups. + It may make sense to specify a subtree as a search base if you + wish to exclude some groups for security reasons or to make + searches faster. + type: string + filter: + description: Filter is the ActiveDirectory search filter which + should be applied when searching for groups for a user. The + pattern "{}" must occur in the filter at least once and will + be dynamically replaced by the dn (distinguished name) of the + user entry found as a result of the user search. E.g. "member={}" + or "&(objectClass=groupOfNames)(member={})". For more information + about ActiveDirectory filters, see https://ldap.com/ldap-filters. + Note that the dn (distinguished name) is not an attribute of + an entry, so "dn={}" cannot be used. Optional. When not specified, + the default will act as if the filter were specified as "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + This searches nested groups by default. Note that nested group + search can be slow for some Active Directory servers. To disable + it, you can set the filter to "(&(objectClass=group)(member={})" + type: string + skipGroupRefresh: + description: "The user's group membership is refreshed as they + interact with the supervisor to obtain new credentials (as their + old credentials expire). This allows group membership changes + to be quickly reflected into Kubernetes clusters. Since group + membership is often used to bind authorization policies, it + is important to keep the groups observed in Kubernetes clusters + in-sync with the identity provider. \n In some environments, + frequent group membership queries may result in a significant + performance impact on the identity provider and/or the supervisor. + The best approach to handle performance impacts is to tweak + the group query to be more performant, for example by disabling + nested group search or by using a more targeted group search + base. \n If the group search query cannot be made performant + and you are willing to have group memberships remain static + for approximately a day, then set skipGroupRefresh to true. + \ This is an insecure configuration as authorization policies + that are bound to group membership will not notice if a user + has been removed from a particular group until their next login. + \n This is an experimental feature that may be removed or significantly + altered in the future. Consumers of this configuration should + carefully read all release notes before upgrading to ensure + that the meaning of this field has not changed." + type: boolean + type: object + host: + description: 'Host is the hostname of this Active Directory identity + provider, i.e., where to connect. For example: ldap.example.com:636.' + minLength: 1 + type: string + tls: + description: TLS contains the connection settings for how to establish + the connection to the Host. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + userSearch: + description: UserSearch contains the configuration for searching for + a user by name in Active Directory. + properties: + attributes: + description: Attributes specifies how the user's information should + be read from the ActiveDirectory entry which was found as the + result of the user search. + properties: + uid: + description: UID specifies the name of the attribute in the + ActiveDirectory entry which whose value shall be used to + uniquely identify the user within this ActiveDirectory provider + after a successful authentication. Optional, when empty + this defaults to "objectGUID". + type: string + username: + description: Username specifies the name of the attribute + in Active Directory entry whose value shall become the username + of the user after a successful authentication. Optional, + when empty this defaults to "userPrincipalName". + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". + Optional, when not specified it will be based on the result + of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + The default behavior searches your entire domain for users. + It may make sense to specify a subtree as a search base if you + wish to exclude some users or to make searches faster. + type: string + filter: + description: Filter is the search filter which should be applied + when searching for users. The pattern "{}" must occur in the + filter at least once and will be dynamically replaced by the + username for which the search is being run. E.g. "mail={}" or + "&(objectClass=person)(uid={})". For more information about + LDAP filters, see https://ldap.com/ldap-filters. Note that the + dn (distinguished name) is not an attribute of an entry, so + "dn={}" cannot be used. Optional. When not specified, the default + will be '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + This means that the user is a person, is not a computer, the + sAMAccountType is for a normal user account, and is not shown + in advanced view only (which would likely mean its a system + created service account with advanced permissions). Also, either + the sAMAccountName, the userPrincipalName, or the mail attribute + matches the input username. + type: string + type: object + required: + - host + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml new file mode 100644 index 00000000..33f1c954 --- /dev/null +++ b/generated/1.21/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -0,0 +1,302 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: ldapidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: LDAPIdentityProvider + listKind: LDAPIdentityProviderList + plural: ldapidentityproviders + singular: ldapidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.host + name: Host + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: LDAPIdentityProvider describes the configuration of an upstream + Lightweight Directory Access Protocol (LDAP) identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + bind: + description: Bind contains the configuration for how to provide access + credentials during an initial bind to the LDAP server to be allowed + to perform searches and binds to validate a user's credentials during + a user's authentication attempt. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the username and password for an + LDAP bind user. This account will be used to perform LDAP searches. + The Secret should be of type "kubernetes.io/basic-auth" which + includes "username" and "password" keys. The username value + should be the full dn (distinguished name) of your bind account, + e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password + must be non-empty. + minLength: 1 + type: string + required: + - secretName + type: object + groupSearch: + description: GroupSearch contains the configuration for searching + for a user's group membership in the LDAP provider. + properties: + attributes: + description: Attributes specifies how the group's information + should be read from each LDAP entry which was found as the result + of the group search. + properties: + groupName: + description: GroupName specifies the name of the attribute + in the LDAP entries whose value shall become a group name + in the user's list of groups after a successful authentication. + The value of this field is case-sensitive and must match + the case of the attribute name returned by the LDAP server + in the user's entry. E.g. "cn" for common name. Distinguished + names can be used by specifying lower-case "dn". Optional. + When not specified, the default will act as if the GroupName + were specified as "dn" (distinguished name). + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". + When not specified, no group search will be performed and authenticated + users will not belong to any groups from the LDAP provider. + Also, when not specified, the values of Filter and Attributes + are ignored. + type: string + filter: + description: Filter is the LDAP search filter which should be + applied when searching for groups for a user. The pattern "{}" + must occur in the filter at least once and will be dynamically + replaced by the dn (distinguished name) of the user entry found + as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". + For more information about LDAP filters, see https://ldap.com/ldap-filters. + Note that the dn (distinguished name) is not an attribute of + an entry, so "dn={}" cannot be used. Optional. When not specified, + the default will act as if the Filter were specified as "member={}". + type: string + skipGroupRefresh: + description: "The user's group membership is refreshed as they + interact with the supervisor to obtain new credentials (as their + old credentials expire). This allows group membership changes + to be quickly reflected into Kubernetes clusters. Since group + membership is often used to bind authorization policies, it + is important to keep the groups observed in Kubernetes clusters + in-sync with the identity provider. \n In some environments, + frequent group membership queries may result in a significant + performance impact on the identity provider and/or the supervisor. + The best approach to handle performance impacts is to tweak + the group query to be more performant, for example by disabling + nested group search or by using a more targeted group search + base. \n If the group search query cannot be made performant + and you are willing to have group memberships remain static + for approximately a day, then set skipGroupRefresh to true. + \ This is an insecure configuration as authorization policies + that are bound to group membership will not notice if a user + has been removed from a particular group until their next login. + \n This is an experimental feature that may be removed or significantly + altered in the future. Consumers of this configuration should + carefully read all release notes before upgrading to ensure + that the meaning of this field has not changed." + type: boolean + type: object + host: + description: 'Host is the hostname of this LDAP identity provider, + i.e., where to connect. For example: ldap.example.com:636.' + minLength: 1 + type: string + tls: + description: TLS contains the connection settings for how to establish + the connection to the Host. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + userSearch: + description: UserSearch contains the configuration for searching for + a user by name in the LDAP provider. + properties: + attributes: + description: Attributes specifies how the user's information should + be read from the LDAP entry which was found as the result of + the user search. + properties: + uid: + description: UID specifies the name of the attribute in the + LDAP entry which whose value shall be used to uniquely identify + the user within this LDAP provider after a successful authentication. + E.g. "uidNumber" or "objectGUID". The value of this field + is case-sensitive and must match the case of the attribute + name returned by the LDAP server in the user's entry. Distinguished + names can be used by specifying lower-case "dn". + minLength: 1 + type: string + username: + description: Username specifies the name of the attribute + in the LDAP entry whose value shall become the username + of the user after a successful authentication. This would + typically be the same attribute name used in the user search + filter, although it can be different. E.g. "mail" or "uid" + or "userPrincipalName". The value of this field is case-sensitive + and must match the case of the attribute name returned by + the LDAP server in the user's entry. Distinguished names + can be used by specifying lower-case "dn". When this field + is set to "dn" then the LDAPIdentityProviderUserSearch's + Filter field cannot be blank, since the default value of + "dn={}" would not work. + minLength: 1 + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". + minLength: 1 + type: string + filter: + description: Filter is the LDAP search filter which should be + applied when searching for users. The pattern "{}" must occur + in the filter at least once and will be dynamically replaced + by the username for which the search is being run. E.g. "mail={}" + or "&(objectClass=person)(uid={})". For more information about + LDAP filters, see https://ldap.com/ldap-filters. Note that the + dn (distinguished name) is not an attribute of an entry, so + "dn={}" cannot be used. Optional. When not specified, the default + will act as if the Filter were specified as the value from Attributes.Username + appended by "={}". When the Attributes.Username is set to "dn" + then the Filter must be explicitly specified, since the default + value of "dn={}" would not work. + type: string + type: object + required: + - host + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the LDAPIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml new file mode 100644 index 00000000..8ebd5eb5 --- /dev/null +++ b/generated/1.21/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -0,0 +1,329 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: oidcidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: OIDCIdentityProvider + listKind: OIDCIdentityProviderList + plural: oidcidentityproviders + singular: oidcidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCIdentityProvider describes the configuration of an upstream + OpenID Connect identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + authorizationConfig: + description: AuthorizationConfig holds information about how to form + the OAuth2 authorization request parameters to be used with this + OIDC identity provider. + properties: + additionalAuthorizeParameters: + description: additionalAuthorizeParameters are extra query parameters + that should be included in the authorize request to your OIDC + provider in the authorization request during an OIDC Authorization + Code Flow. By default, no extra parameters are sent. The standard + parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", + and "redirect_uri". These parameters cannot be included in this + setting. Additionally, the "hd" parameter cannot be included + in this setting at this time. The "hd" parameter is used by + Google's OIDC provider to provide a hint as to which "hosted + domain" the user should use during login. However, Pinniped + does not yet support validating the hosted domain in the resulting + ID token, so it is not yet safe to use this feature of Google's + OIDC provider with Pinniped. This setting does not influence + the parameters sent to the token endpoint in the Resource Owner + Password Credentials Grant. The Pinniped Supervisor requires + that your OIDC provider returns refresh tokens to the Supervisor + from the authorization flows. Some OIDC providers may require + a certain value for the "prompt" parameter in order to properly + request refresh tokens. See the documentation of your OIDC provider's + authorization endpoint for its requirements for what to include + in the request in order to receive a refresh token in the response, + if anything. If your provider requires the prompt parameter + to request a refresh token, then include it here. Also note + that most providers also require a certain scope to be requested + in order to receive refresh tokens. See the additionalScopes + setting for more information about using scopes to request refresh + tokens. + items: + description: Parameter is a key/value pair which represents + a parameter in an HTTP request. + properties: + name: + description: The name of the parameter. Required. + minLength: 1 + type: string + value: + description: The value of the parameter. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + additionalScopes: + description: 'additionalScopes are the additional scopes that + will be requested from your OIDC provider in the authorization + request during an OIDC Authorization Code Flow and in the token + request during a Resource Owner Password Credentials Grant. + Note that the "openid" scope will always be requested regardless + of the value in this setting, since it is always required according + to the OIDC spec. By default, when this field is not set, the + Supervisor will request the following scopes: "openid", "offline_access", + "email", and "profile". See https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims + for a description of the "profile" and "email" scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess + for a description of the "offline_access" scope. This default + value may change in future versions of Pinniped as the standard + evolves, or as common patterns used by providers who implement + the standard in the ecosystem evolve. By setting this list to + anything other than an empty list, you are overriding the default + value, so you may wish to include some of "offline_access", + "email", and "profile" in your override list. If you do not + want any of these scopes to be requested, you may set this list + to contain only "openid". Some OIDC providers may also require + a scope to get access to the user''s group membership, in which + case you may wish to include it in this list. Sometimes the + scope to request the user''s group membership is called "groups", + but unfortunately this is not specified in the OIDC standard. + Generally speaking, you should include any scopes required to + cause the appropriate claims to be the returned by your OIDC + provider in the ID token or userinfo endpoint results for those + claims which you would like to use in the oidcClaims settings + to determine the usernames and group memberships of your Kubernetes + users. See your OIDC provider''s documentation for more information + about what scopes are available to request claims. Additionally, + the Pinniped Supervisor requires that your OIDC provider returns + refresh tokens to the Supervisor from these authorization flows. + For most OIDC providers, the scope required to receive refresh + tokens will be "offline_access". See the documentation of your + OIDC provider''s authorization and token endpoints for its requirements + for what to include in the request in order to receive a refresh + token in the response, if anything. Note that it may be safe + to send "offline_access" even to providers which do not require + it, since the provider may ignore scopes that it does not understand + or require (see https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). + In the unusual case that you must avoid sending the "offline_access" + scope, then you must override the default value of this setting. + This is required if your OIDC provider will reject the request + when it includes "offline_access" (e.g. GitLab''s OIDC provider).' + items: + type: string + type: array + allowPasswordGrant: + description: allowPasswordGrant, when true, will allow the use + of OAuth 2.0's Resource Owner Password Credentials Grant (see + https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to + authenticate to the OIDC provider using a username and password + without a web browser, in addition to the usual browser-based + OIDC Authorization Code Flow. The Resource Owner Password Credentials + Grant is not officially part of the OIDC specification, so it + may not be supported by your OIDC provider. If your OIDC provider + supports returning ID tokens from a Resource Owner Password + Credentials Grant token request, then you can choose to set + this field to true. This will allow end users to choose to present + their username and password to the kubectl CLI (using the Pinniped + plugin) to authenticate to the cluster, without using a web + browser to log in as is customary in OIDC Authorization Code + Flow. This may be convenient for users, especially for identities + from your OIDC provider which are not intended to represent + a human actor, such as service accounts performing actions in + a CI/CD environment. Even if your OIDC provider supports it, + you may wish to disable this behavior by setting this field + to false when you prefer to only allow users of this OIDCIdentityProvider + to log in via the browser-based OIDC Authorization Code Flow. + Using the Resource Owner Password Credentials Grant means that + the Pinniped CLI and Pinniped Supervisor will directly handle + your end users' passwords (similar to LDAPIdentityProvider), + and you will not be able to require multi-factor authentication + or use the other web-based login features of your OIDC provider + during Resource Owner Password Credentials Grant logins. allowPasswordGrant + defaults to false. + type: boolean + type: object + claims: + description: Claims provides the names of token claims that will be + used when inspecting an identity from this OIDC identity provider. + properties: + groups: + description: Groups provides the name of the ID token claim or + userinfo endpoint response claim that will be used to ascertain + the groups to which an identity belongs. By default, the identities + will not include any group memberships when this setting is + not configured. + type: string + username: + description: Username provides the name of the ID token claim + or userinfo endpoint response claim that will be used to ascertain + an identity's username. When not set, the username will be an + automatically constructed unique string which will include the + issuer URL of your OIDC provider along with the value of the + "sub" (subject) claim from the ID token. + type: string + type: object + client: + description: OIDCClient contains OIDC client information to be used + used with this OIDC identity provider. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the clientID and clientSecret for + an OIDC client. If only the SecretName is specified in an OIDCClient + struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" + with keys "clientID" and "clientSecret". + type: string + required: + - secretName + type: object + issuer: + description: Issuer is the issuer URL of this OIDC identity provider, + i.e., where to fetch /.well-known/openid-configuration. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration for discovery/JWKS requests to the + issuer. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - client + - issuer + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the OIDCIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/README.adoc b/generated/1.22/README.adoc new file mode 100644 index 00000000..0e0ab4cb --- /dev/null +++ b/generated/1.22/README.adoc @@ -0,0 +1,1334 @@ +// Generated documentation. Please do not edit. +:anchor_prefix: k8s-api + +[id="{p}-api-reference"] +== API Reference + +.Packages +- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1[$$config.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1[$$config.supervisor.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-identity-concierge-pinniped-dev-identity[$$identity.concierge.pinniped.dev/identity$$] +- xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] + + +[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] +=== authentication.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition"] +==== Condition + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-conditionstatus"] +==== ConditionStatus (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +==== JWTAuthenticator + +JWTAuthenticator describes the configuration of a JWT authenticator. + Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid signature, existence of claims, etc.) and extract the username and groups from the token. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +==== JWTAuthenticatorSpec + +Spec for configuring a JWT authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is also used to validate the "iss" JWT claim. +| *`audience`* __string__ | Audience is the required value of the "aud" JWT claim. +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | Claims allows customization of the claims that will be mapped to user identity for Kubernetes access. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for communicating with the OIDC provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +==== JWTAuthenticatorStatus + +Status of a JWT authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +==== JWTTokenClaims + +JWTTokenClaims allows customization of the claims that will be mapped to user identity for Kubernetes access. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groups`* __string__ | Groups is the name of the claim which should be read to extract the user's group membership from the JWT token. When not specified, it will default to "groups". +| *`username`* __string__ | Username is the name of the claim which should be read to extract the username from the JWT token. When not specified, it will default to "username". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-tlsspec"] +==== TLSSpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +==== WebhookAuthenticator + +WebhookAuthenticator describes the configuration of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +==== WebhookAuthenticatorSpec + +Spec for configuring a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Webhook server endpoint URL. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +==== WebhookAuthenticatorStatus + +Status of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +|=== + + + +[id="{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1"] +=== config.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuer"] +==== CredentialIssuer + +CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +==== CredentialIssuerFrontend + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __FrontendType__ | Type describes which frontend mechanism clients can use with a strategy. +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. This field is only set when Type is "TokenCredentialRequestAPI". +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. This field is only set when Type is "ImpersonationProxy". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"] +==== CredentialIssuerKubeConfigInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`server`* __string__ | The K8s API server URL. +| *`certificateAuthorityData`* __string__ | The K8s API server CA bundle. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerspec"] +==== CredentialIssuerSpec + +CredentialIssuerSpec describes the intended configuration of the Concierge. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerstatus"] +==== CredentialIssuerStatus + +CredentialIssuerStatus describes the status of the Concierge. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. +| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. This field is deprecated and will be removed in a future version. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +==== CredentialIssuerStrategy + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __StrategyType__ | Type of integration attempted. +| *`status`* __StrategyStatus__ | Status of the attempted integration strategy. +| *`reason`* __StrategyReason__ | Reason for the current status. +| *`message`* __string__ | Human-readable description of the current status. +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | When the status was last checked. +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +==== ImpersonationProxyInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Endpoint is the HTTPS endpoint of the impersonation proxy. +| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxymode"] +==== ImpersonationProxyMode (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +==== ImpersonationProxyServiceSpec + +ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __ImpersonationProxyServiceType__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. +| *`loadBalancerIP`* __string__ | LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. This is not supported on all cloud providers. +| *`annotations`* __object (keys:string, values:string)__ | Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +==== ImpersonationProxyServiceType (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyspec"] +==== ImpersonationProxySpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`mode`* __ImpersonationProxyMode__ | Mode configures whether the impersonation proxy should be started: - "disabled" explicitly disables the impersonation proxy. This is the default. - "enabled" explicitly enables the impersonation proxy. - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. +| *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +==== TokenCredentialRequestAPIInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`server`* __string__ | Server is the Kubernetes API server URL. +| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. +|=== + + + +[id="{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1"] +=== config.supervisor.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomain"] +==== FederationDomain + +FederationDomain describes the configuration of an OIDC provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +==== FederationDomainSecrets + +FederationDomainSecrets holds information about this OIDC Provider's secrets. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist. +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for signing tokens is stored. +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for signing state parameters is stored. +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for encrypting state parameters is stored. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainspec"] +==== FederationDomainSpec + +FederationDomainSpec is a struct that describes an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the identifier that it will use for the iss claim in issued JWTs. This field will also be used as the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is https://example.com/foo, then your authorization endpoint will look like https://example.com/foo/some/path/to/auth/endpoint). + See https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS configures how this FederationDomain is served over Transport Layer Security (TLS). +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainstatus"] +==== FederationDomainStatus + +FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`status`* __FederationDomainStatusCondition__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure. +| *`message`* __string__ | Message provides human-readable details about the Status. +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +==== FederationDomainTLSSpec + +FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use for TLS. + Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same SecretName value even if they have different port numbers. + SecretName is not required when you would like to use only the HTTP endpoints (e.g. when terminating TLS at an Ingress). It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to use the default TLS certificate, which is configured elsewhere. + When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. +|=== + + + +[id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] +=== identity.concierge.pinniped.dev/identity + +Package identity is the internal version of the Pinniped identity API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-extravalue"] +==== ExtraValue + +ExtraValue masks the value so protobuf can generate + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-userinfo[$$UserInfo$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-kubernetesuserinfo"] +==== KubernetesUserInfo + +KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. +| *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-userinfo"] +==== UserInfo + +UserInfo holds the information about the user needed to implement the user.Info interface. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`Username`* __string__ | The name that uniquely identifies this user among all active users. +| *`UID`* __string__ | A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. +| *`Groups`* __string array__ | The names of groups this user is a part of. +| *`Extra`* __object (keys:string, values:string array)__ | Any additional information provided by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequest"] +==== WhoAmIRequest + +WhoAmIRequest submits a request to echo back the current authenticated user. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +|=== + + + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequeststatus"] +==== WhoAmIRequestStatus + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. +|=== + + + +[id="{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1"] +=== identity.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-extravalue"] +==== ExtraValue + +ExtraValue masks the value so protobuf can generate + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +==== KubernetesUserInfo + +KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. +| *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-userinfo"] +==== UserInfo + +UserInfo holds the information about the user needed to implement the user.Info interface. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | The name that uniquely identifies this user among all active users. +| *`uid`* __string__ | A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. +| *`groups`* __string array__ | The names of groups this user is a part of. +| *`extra`* __object (keys:string, values:string array)__ | Any additional information provided by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-whoamirequest"] +==== WhoAmIRequest + +WhoAmIRequest submits a request to echo back the current authenticated user. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +|=== + + + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +==== WhoAmIRequestStatus + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. +|=== + + + +[id="{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1"] +=== idp.supervisor.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +==== ActiveDirectoryIdentityProvider + +ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +==== ActiveDirectoryIdentityProviderBind + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password must be non-empty. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +==== ActiveDirectoryIdentityProviderGroupSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". Optional, when not specified it will be based on the result of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). The default behavior searches your entire domain for groups. It may make sense to specify a subtree as a search base if you wish to exclude some groups for security reasons or to make searches faster. +| *`filter`* __string__ | Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the filter were specified as "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". This searches nested groups by default. Note that nested group search can be slow for some Active Directory servers. To disable it, you can set the filter to "(&(objectClass=group)(member={})" +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as the result of the group search. +| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor to obtain new credentials (as their old credentials expire). This allows group membership changes to be quickly reflected into Kubernetes clusters. Since group membership is often used to bind authorization policies, it is important to keep the groups observed in Kubernetes clusters in-sync with the identity provider. + In some environments, frequent group membership queries may result in a significant performance impact on the identity provider and/or the supervisor. The best approach to handle performance impacts is to tweak the group query to be more performant, for example by disabling nested group search or by using a more targeted group search base. + If the group search query cannot be made performant and you are willing to have group memberships remain static for approximately a day, then set skipGroupRefresh to true. This is an insecure configuration as authorization policies that are bound to group membership will not notice if a user has been removed from a particular group until their next login. + This is an experimental feature that may be removed or significantly altered in the future. Consumers of this configuration should carefully read all release notes before upgrading to ensure that the meaning of this field has not changed. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +==== ActiveDirectoryIdentityProviderGroupSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groupName`* __string__ | GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name in the user's list of groups after a successful authentication. The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", where domain is constructed from the domain components of the group DN. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +==== ActiveDirectoryIdentityProviderSpec + +Spec for configuring an ActiveDirectory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +==== ActiveDirectoryIdentityProviderStatus + +Status of an Active Directory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __ActiveDirectoryIdentityProviderPhase__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +==== ActiveDirectoryIdentityProviderUserSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". Optional, when not specified it will be based on the result of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). The default behavior searches your entire domain for users. It may make sense to specify a subtree as a search base if you wish to exclude some users or to make searches faster. +| *`filter`* __string__ | Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the username for which the search is being run. E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will be '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, and is not shown in advanced view only (which would likely mean its a system created service account with advanced permissions). Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as the result of the user search. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +==== ActiveDirectoryIdentityProviderUserSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | Username specifies the name of the attribute in Active Directory entry whose value shall become the username of the user after a successful authentication. Optional, when empty this defaults to "userPrincipalName". +| *`uid`* __string__ | UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely identify the user within this ActiveDirectory provider after a successful authentication. Optional, when empty this defaults to "objectGUID". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition"] +==== Condition + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-conditionstatus"] +==== ConditionStatus (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +==== LDAPIdentityProvider + +LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access Protocol (LDAP) identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +==== LDAPIdentityProviderBind + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password must be non-empty. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +==== LDAPIdentityProviderGroupSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, the values of Filter and Attributes are ignored. +| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for groups for a user. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the Filter were specified as "member={}". +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as the result of the group search. +| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor to obtain new credentials (as their old credentials expire). This allows group membership changes to be quickly reflected into Kubernetes clusters. Since group membership is often used to bind authorization policies, it is important to keep the groups observed in Kubernetes clusters in-sync with the identity provider. + In some environments, frequent group membership queries may result in a significant performance impact on the identity provider and/or the supervisor. The best approach to handle performance impacts is to tweak the group query to be more performant, for example by disabling nested group search or by using a more targeted group search base. + If the group search query cannot be made performant and you are willing to have group memberships remain static for approximately a day, then set skipGroupRefresh to true. This is an insecure configuration as authorization policies that are bound to group membership will not notice if a user has been removed from a particular group until their next login. + This is an experimental feature that may be removed or significantly altered in the future. Consumers of this configuration should carefully read all release notes before upgrading to ensure that the meaning of this field has not changed. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +==== LDAPIdentityProviderGroupSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groupName`* __string__ | GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name in the user's list of groups after a successful authentication. The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +==== LDAPIdentityProviderSpec + +Spec for configuring an LDAP identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +==== LDAPIdentityProviderStatus + +Status of an LDAP identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __LDAPIdentityProviderPhase__ | Phase summarizes the overall status of the LDAPIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +==== LDAPIdentityProviderUserSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". +| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the username for which the search is being run. E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the Filter were specified as the value from Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be explicitly specified, since the default value of "dn={}" would not work. +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as the result of the user search. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +==== LDAPIdentityProviderUserSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | Username specifies the name of the attribute in the LDAP entry whose value shall become the username of the user after a successful authentication. This would typically be the same attribute name used in the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default value of "dn={}" would not work. +| *`uid`* __string__ | UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. Distinguished names can be used by specifying lower-case "dn". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +==== OIDCAuthorizationConfig + +OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization request parameters. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`additionalScopes`* __string array__ | additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request the following scopes: "openid", "offline_access", "email", and "profile". See https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, or as common patterns used by providers who implement the standard in the ecosystem evolve. By setting this list to anything other than an empty list, you are overriding the default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. If you do not want any of these scopes to be requested, you may set this list to contain only "openid". Some OIDC providers may also require a scope to get access to the user's group membership, in which case you may wish to include it in this list. Sometimes the scope to request the user's group membership is called "groups", but unfortunately this is not specified in the OIDC standard. Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See your OIDC provider's documentation for more information about what scopes are available to request claims. Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its requirements for what to include in the request in order to receive a refresh token in the response, if anything. Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider may ignore scopes that it does not understand or require (see https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's authorization endpoint for its requirements for what to include in the request in order to receive a refresh token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, then include it here. Also note that most providers also require a certain scope to be requested in order to receive refresh tokens. See the additionalScopes setting for more information about using scopes to request refresh tokens. +| *`allowPasswordGrant`* __boolean__ | allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be convenient for users, especially for identities from your OIDC provider which are not intended to represent a human actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. allowPasswordGrant defaults to false. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcclaims"] +==== OIDCClaims + +OIDCClaims provides a mapping from upstream claims into identities. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groups`* __string__ | Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain the groups to which an identity belongs. By default, the identities will not include any group memberships when this setting is not configured. +| *`username`* __string__ | Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain an identity's username. When not set, the username will be an automatically constructed unique string which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from the ID token. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient contains information about an OIDC client (e.g., client ID and client secret). + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the clientID and clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys "clientID" and "clientSecret". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +==== OIDCIdentityProvider + +OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +==== OIDCIdentityProviderSpec + +OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch /.well-known/openid-configuration. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request parameters to be used with this OIDC identity provider. +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from this OIDC identity provider. +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +==== OIDCIdentityProviderStatus + +OIDCIdentityProviderStatus is the status of an OIDC identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __OIDCIdentityProviderPhase__ | Phase summarizes the overall status of the OIDCIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-parameter"] +==== Parameter + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`name`* __string__ | The name of the parameter. Required. +| *`value`* __string__ | The value of the parameter. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-tlsspec"] +==== TLSSpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + + +[id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] +=== login.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped login API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-clustercredential"] +==== ClusterCredential + +ClusterCredential is the cluster-specific credential returned on a successful credential request. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. +| *`token`* __string__ | Token is a bearer token used by the client for request authentication. +| *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). +| *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequest"] +==== TokenCredentialRequest + +TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +==== TokenCredentialRequestSpec + +TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, expected on requests to the Pinniped API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`token`* __string__ | Bearer token supplied with the credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +==== TokenCredentialRequestStatus + +TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. +| *`message`* __string__ | An error message will be returned for an unsuccessful credential request. +|=== + + diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.22/apis/concierge/authentication/v1alpha1/doc.go new file mode 100644 index 00000000..d00d3ba6 --- /dev/null +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/doc.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=authentication.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. +package v1alpha1 diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/register.go b/generated/1.22/apis/concierge/authentication/v1alpha1/register.go new file mode 100644 index 00000000..f58039e4 --- /dev/null +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "authentication.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WebhookAuthenticator{}, + &WebhookAuthenticatorList{}, + &JWTAuthenticator{}, + &JWTAuthenticatorList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go new file mode 100644 index 00000000..a8596b22 --- /dev/null +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -0,0 +1,85 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// Status of a JWT authenticator. +type JWTAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// Spec for configuring a JWT authenticator. +type JWTAuthenticatorSpec struct { + // Issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + // also used to validate the "iss" JWT claim. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Issuer string `json:"issuer"` + + // Audience is the required value of the "aud" JWT claim. + // +kubebuilder:validation:MinLength=1 + Audience string `json:"audience"` + + // Claims allows customization of the claims that will be mapped to user identity + // for Kubernetes access. + // +optional + Claims JWTTokenClaims `json:"claims"` + + // TLS configuration for communicating with the OIDC provider. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` +} + +// JWTTokenClaims allows customization of the claims that will be mapped to user identity +// for Kubernetes access. +type JWTTokenClaims struct { + // Groups is the name of the claim which should be read to extract the user's + // group membership from the JWT token. When not specified, it will default to "groups". + // +optional + Groups string `json:"groups"` + + // Username is the name of the claim which should be read to extract the + // username from the JWT token. When not specified, it will default to "username". + // +optional + Username string `json:"username"` +} + +// JWTAuthenticator describes the configuration of a JWT authenticator. +// +// Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid +// signature, existence of claims, etc.) and extract the username and groups from the token. +// +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Audience",type=string,JSONPath=`.spec.audience` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type JWTAuthenticator struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the authenticator. + Spec JWTAuthenticatorSpec `json:"spec"` + + // Status of the authenticator. + Status JWTAuthenticatorStatus `json:"status,omitempty"` +} + +// List of JWTAuthenticator objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type JWTAuthenticatorList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []JWTAuthenticator `json:"items"` +} diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go new file mode 100644 index 00000000..76a7d547 --- /dev/null +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/types_meta.go @@ -0,0 +1,75 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ConditionStatus is effectively an enum type for Condition.Status. +type ConditionStatus string + +// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. +// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes +// can't decide if a resource is in the condition or not. In the future, we could add other +// intermediate conditions, e.g. ConditionDegraded. +const ( + ConditionTrue ConditionStatus = "True" + ConditionFalse ConditionStatus = "False" + ConditionUnknown ConditionStatus = "Unknown" +) + +// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API +// version we can switch to using the upstream type. +// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. +type Condition struct { + // type of condition in CamelCase or in foo.example.com/CamelCase. + // --- + // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + // useful (see .node.status.conditions), the ability to deconflict is important. + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Type string `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Enum=True;False;Unknown + Status ConditionStatus `json:"status"` + + // observedGeneration represents the .metadata.generation that the condition was set based upon. + // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + // with respect to the current state of the instance. + // +optional + // +kubebuilder:validation:Minimum=0 + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // lastTransitionTime is the last time the condition transitioned from one status to another. + // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Type=string + // +kubebuilder:validation:Format=date-time + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason contains a programmatic identifier indicating the reason for the condition's last transition. + // Producers of specific condition types may define expected values and meanings for this field, + // and whether the values are considered a guaranteed API. + // The value should be a CamelCase string. + // This field may not be empty. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` + Reason string `json:"reason"` + + // message is a human readable message indicating details about the transition. + // This may be an empty string. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=32768 + Message string `json:"message"` +} diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.22/apis/concierge/authentication/v1alpha1/types_tls.go new file mode 100644 index 00000000..12231665 --- /dev/null +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/types_tls.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// Configuration for configuring TLS on various authenticators. +type TLSSpec struct { + // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + // +optional + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` +} diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go new file mode 100644 index 00000000..77b1e045 --- /dev/null +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -0,0 +1,56 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// Status of a webhook authenticator. +type WebhookAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// Spec for configuring a webhook authenticator. +type WebhookAuthenticatorSpec struct { + // Webhook server endpoint URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Endpoint string `json:"endpoint"` + + // TLS configuration. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` +} + +// WebhookAuthenticator describes the configuration of a webhook authenticator. +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster +// +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type WebhookAuthenticator struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the authenticator. + Spec WebhookAuthenticatorSpec `json:"spec"` + + // Status of the authenticator. + Status WebhookAuthenticatorStatus `json:"status,omitempty"` +} + +// List of WebhookAuthenticator objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WebhookAuthenticatorList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []WebhookAuthenticator `json:"items"` +} diff --git a/generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..883959bf --- /dev/null +++ b/generated/1.22/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,273 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Condition) DeepCopyInto(out *Condition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. +func (in *Condition) DeepCopy() *Condition { + if in == nil { + return nil + } + out := new(Condition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticator. +func (in *JWTAuthenticator) DeepCopy() *JWTAuthenticator { + if in == nil { + return nil + } + out := new(JWTAuthenticator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *JWTAuthenticator) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorList) DeepCopyInto(out *JWTAuthenticatorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]JWTAuthenticator, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorList. +func (in *JWTAuthenticatorList) DeepCopy() *JWTAuthenticatorList { + if in == nil { + return nil + } + out := new(JWTAuthenticatorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *JWTAuthenticatorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorSpec) DeepCopyInto(out *JWTAuthenticatorSpec) { + *out = *in + out.Claims = in.Claims + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorSpec. +func (in *JWTAuthenticatorSpec) DeepCopy() *JWTAuthenticatorSpec { + if in == nil { + return nil + } + out := new(JWTAuthenticatorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorStatus. +func (in *JWTAuthenticatorStatus) DeepCopy() *JWTAuthenticatorStatus { + if in == nil { + return nil + } + out := new(JWTAuthenticatorStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTTokenClaims) DeepCopyInto(out *JWTTokenClaims) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTTokenClaims. +func (in *JWTTokenClaims) DeepCopy() *JWTTokenClaims { + if in == nil { + return nil + } + out := new(JWTTokenClaims) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. +func (in *TLSSpec) DeepCopy() *TLSSpec { + if in == nil { + return nil + } + out := new(TLSSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. +func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { + if in == nil { + return nil + } + out := new(WebhookAuthenticator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WebhookAuthenticator, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. +func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. +func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. +func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/concierge/config/v1alpha1/doc.go b/generated/1.22/apis/concierge/config/v1alpha1/doc.go new file mode 100644 index 00000000..97b2f212 --- /dev/null +++ b/generated/1.22/apis/concierge/config/v1alpha1/doc.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=config.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. +package v1alpha1 diff --git a/generated/1.22/apis/concierge/config/v1alpha1/register.go b/generated/1.22/apis/concierge/config/v1alpha1/register.go new file mode 100644 index 00000000..8d799898 --- /dev/null +++ b/generated/1.22/apis/concierge/config/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "config.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &CredentialIssuer{}, + &CredentialIssuerList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.22/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.22/apis/concierge/config/v1alpha1/types_credentialissuer.go new file mode 100644 index 00000000..d1cb160b --- /dev/null +++ b/generated/1.22/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -0,0 +1,244 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. +// +kubebuilder:validation:Enum=KubeClusterSigningCertificate;ImpersonationProxy +type StrategyType string + +// FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. +// +kubebuilder:validation:Enum=TokenCredentialRequestAPI;ImpersonationProxy +type FrontendType string + +// StrategyStatus enumerates whether a strategy is working on a cluster. +// +kubebuilder:validation:Enum=Success;Error +type StrategyStatus string + +// StrategyReason enumerates the detailed reason why a strategy is in a particular status. +// +kubebuilder:validation:Enum=Listening;Pending;Disabled;ErrorDuringSetup;CouldNotFetchKey;CouldNotGetClusterInfo;FetchedKey +type StrategyReason string + +const ( + KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") + ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy") + + TokenCredentialRequestAPIFrontendType = FrontendType("TokenCredentialRequestAPI") + ImpersonationProxyFrontendType = FrontendType("ImpersonationProxy") + + SuccessStrategyStatus = StrategyStatus("Success") + ErrorStrategyStatus = StrategyStatus("Error") + + ListeningStrategyReason = StrategyReason("Listening") + PendingStrategyReason = StrategyReason("Pending") + DisabledStrategyReason = StrategyReason("Disabled") + ErrorDuringSetupStrategyReason = StrategyReason("ErrorDuringSetup") + CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") + CouldNotGetClusterInfoStrategyReason = StrategyReason("CouldNotGetClusterInfo") + FetchedKeyStrategyReason = StrategyReason("FetchedKey") +) + +// CredentialIssuerSpec describes the intended configuration of the Concierge. +type CredentialIssuerSpec struct { + // ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + ImpersonationProxy *ImpersonationProxySpec `json:"impersonationProxy"` +} + +// ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. +// +// +kubebuilder:validation:Enum=auto;enabled;disabled +type ImpersonationProxyMode string + +const ( + // ImpersonationProxyModeDisabled explicitly disables the impersonation proxy. + ImpersonationProxyModeDisabled = ImpersonationProxyMode("disabled") + + // ImpersonationProxyModeEnabled explicitly enables the impersonation proxy. + ImpersonationProxyModeEnabled = ImpersonationProxyMode("enabled") + + // ImpersonationProxyModeAuto enables or disables the impersonation proxy based upon the cluster in which it is running. + ImpersonationProxyModeAuto = ImpersonationProxyMode("auto") +) + +// ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. +// +// +kubebuilder:validation:Enum=LoadBalancer;ClusterIP;None +type ImpersonationProxyServiceType string + +const ( + // ImpersonationProxyServiceTypeLoadBalancer provisions a service of type LoadBalancer. + ImpersonationProxyServiceTypeLoadBalancer = ImpersonationProxyServiceType("LoadBalancer") + + // ImpersonationProxyServiceTypeClusterIP provisions a service of type ClusterIP. + ImpersonationProxyServiceTypeClusterIP = ImpersonationProxyServiceType("ClusterIP") + + // ImpersonationProxyServiceTypeNone does not automatically provision any service. + ImpersonationProxyServiceTypeNone = ImpersonationProxyServiceType("None") +) + +// ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. +type ImpersonationProxySpec struct { + // Mode configures whether the impersonation proxy should be started: + // - "disabled" explicitly disables the impersonation proxy. This is the default. + // - "enabled" explicitly enables the impersonation proxy. + // - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + Mode ImpersonationProxyMode `json:"mode"` + + // Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + // + // +kubebuilder:default:={"type": "LoadBalancer"} + Service ImpersonationProxyServiceSpec `json:"service"` + + // ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + // be served using the external name of the LoadBalancer service or the cluster service DNS name. + // + // This field must be non-empty when spec.impersonationProxy.service.type is "None". + // + // +optional + ExternalEndpoint string `json:"externalEndpoint,omitempty"` +} + +// ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. +type ImpersonationProxyServiceSpec struct { + // Type specifies the type of Service to provision for the impersonation proxy. + // + // If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + // value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + // + // +kubebuilder:default:="LoadBalancer" + Type ImpersonationProxyServiceType `json:"type,omitempty"` + + // LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. + // This is not supported on all cloud providers. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +optional + LoadBalancerIP string `json:"loadBalancerIP,omitempty"` + + // Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. + // + // +optional + Annotations map[string]string `json:"annotations,omitempty"` +} + +// CredentialIssuerStatus describes the status of the Concierge. +type CredentialIssuerStatus struct { + // List of integration strategies that were attempted by Pinniped. + Strategies []CredentialIssuerStrategy `json:"strategies"` + + // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. + // This field is deprecated and will be removed in a future version. + // +optional + KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` +} + +// CredentialIssuerKubeConfigInfo provides the information needed to form a valid Pinniped-based kubeconfig using this credential issuer. +// This type is deprecated and will be removed in a future version. +type CredentialIssuerKubeConfigInfo struct { + // The K8s API server URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://|^http://` + Server string `json:"server"` + + // The K8s API server CA bundle. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. +type CredentialIssuerStrategy struct { + // Type of integration attempted. + Type StrategyType `json:"type"` + + // Status of the attempted integration strategy. + Status StrategyStatus `json:"status"` + + // Reason for the current status. + Reason StrategyReason `json:"reason"` + + // Human-readable description of the current status. + // +kubebuilder:validation:MinLength=1 + Message string `json:"message"` + + // When the status was last checked. + LastUpdateTime metav1.Time `json:"lastUpdateTime"` + + // Frontend describes how clients can connect using this strategy. + Frontend *CredentialIssuerFrontend `json:"frontend,omitempty"` +} + +// CredentialIssuerFrontend describes how to connect using a particular integration strategy. +type CredentialIssuerFrontend struct { + // Type describes which frontend mechanism clients can use with a strategy. + Type FrontendType `json:"type"` + + // TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + // This field is only set when Type is "TokenCredentialRequestAPI". + TokenCredentialRequestAPIInfo *TokenCredentialRequestAPIInfo `json:"tokenCredentialRequestInfo,omitempty"` + + // ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + // This field is only set when Type is "ImpersonationProxy". + ImpersonationProxyInfo *ImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"` +} + +// TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. +type TokenCredentialRequestAPIInfo struct { + // Server is the Kubernetes API server URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://|^http://` + Server string `json:"server"` + + // CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. +type ImpersonationProxyInfo struct { + // Endpoint is the HTTPS endpoint of the impersonation proxy. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Endpoint string `json:"endpoint"` + + // CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped,scope=Cluster +// +kubebuilder:printcolumn:name="ProxyMode",type=string,JSONPath=`.spec.impersonationProxy.mode` +// +kubebuilder:printcolumn:name="DefaultStrategy",type=string,JSONPath=`.status.strategies[?(@.status == "Success")].type` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type CredentialIssuer struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec describes the intended configuration of the Concierge. + // + // +optional + Spec CredentialIssuerSpec `json:"spec"` + + // CredentialIssuerStatus describes the status of the Concierge. + // + // +optional + Status CredentialIssuerStatus `json:"status"` +} + +// CredentialIssuerList is a list of CredentialIssuer objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type CredentialIssuerList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []CredentialIssuer `json:"items"` +} diff --git a/generated/1.22/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..a00b3fc8 --- /dev/null +++ b/generated/1.22/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,259 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer. +func (in *CredentialIssuer) DeepCopy() *CredentialIssuer { + if in == nil { + return nil + } + out := new(CredentialIssuer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CredentialIssuer) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerFrontend) DeepCopyInto(out *CredentialIssuerFrontend) { + *out = *in + if in.TokenCredentialRequestAPIInfo != nil { + in, out := &in.TokenCredentialRequestAPIInfo, &out.TokenCredentialRequestAPIInfo + *out = new(TokenCredentialRequestAPIInfo) + **out = **in + } + if in.ImpersonationProxyInfo != nil { + in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo + *out = new(ImpersonationProxyInfo) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerFrontend. +func (in *CredentialIssuerFrontend) DeepCopy() *CredentialIssuerFrontend { + if in == nil { + return nil + } + out := new(CredentialIssuerFrontend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo. +func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo { + if in == nil { + return nil + } + out := new(CredentialIssuerKubeConfigInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CredentialIssuer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList. +func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList { + if in == nil { + return nil + } + out := new(CredentialIssuerList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CredentialIssuerList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerSpec) DeepCopyInto(out *CredentialIssuerSpec) { + *out = *in + if in.ImpersonationProxy != nil { + in, out := &in.ImpersonationProxy, &out.ImpersonationProxy + *out = new(ImpersonationProxySpec) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerSpec. +func (in *CredentialIssuerSpec) DeepCopy() *CredentialIssuerSpec { + if in == nil { + return nil + } + out := new(CredentialIssuerSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) { + *out = *in + if in.Strategies != nil { + in, out := &in.Strategies, &out.Strategies + *out = make([]CredentialIssuerStrategy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.KubeConfigInfo != nil { + in, out := &in.KubeConfigInfo, &out.KubeConfigInfo + *out = new(CredentialIssuerKubeConfigInfo) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus. +func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus { + if in == nil { + return nil + } + out := new(CredentialIssuerStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) { + *out = *in + in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) + if in.Frontend != nil { + in, out := &in.Frontend, &out.Frontend + *out = new(CredentialIssuerFrontend) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy. +func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy { + if in == nil { + return nil + } + out := new(CredentialIssuerStrategy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxyInfo) DeepCopyInto(out *ImpersonationProxyInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyInfo. +func (in *ImpersonationProxyInfo) DeepCopy() *ImpersonationProxyInfo { + if in == nil { + return nil + } + out := new(ImpersonationProxyInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxyServiceSpec) DeepCopyInto(out *ImpersonationProxyServiceSpec) { + *out = *in + if in.Annotations != nil { + in, out := &in.Annotations, &out.Annotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyServiceSpec. +func (in *ImpersonationProxyServiceSpec) DeepCopy() *ImpersonationProxyServiceSpec { + if in == nil { + return nil + } + out := new(ImpersonationProxyServiceSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxySpec) DeepCopyInto(out *ImpersonationProxySpec) { + *out = *in + in.Service.DeepCopyInto(&out.Service) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxySpec. +func (in *ImpersonationProxySpec) DeepCopy() *ImpersonationProxySpec { + if in == nil { + return nil + } + out := new(ImpersonationProxySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestAPIInfo) DeepCopyInto(out *TokenCredentialRequestAPIInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestAPIInfo. +func (in *TokenCredentialRequestAPIInfo) DeepCopy() *TokenCredentialRequestAPIInfo { + if in == nil { + return nil + } + out := new(TokenCredentialRequestAPIInfo) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/concierge/identity/doc.go b/generated/1.22/apis/concierge/identity/doc.go new file mode 100644 index 00000000..130e8942 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/doc.go @@ -0,0 +1,8 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=identity.concierge.pinniped.dev + +// Package identity is the internal version of the Pinniped identity API. +package identity diff --git a/generated/1.22/apis/concierge/identity/register.go b/generated/1.22/apis/concierge/identity/register.go new file mode 100644 index 00000000..0cefb834 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/register.go @@ -0,0 +1,38 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "identity.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns back a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WhoAmIRequest{}, + &WhoAmIRequestList{}, + ) + return nil +} diff --git a/generated/1.22/apis/concierge/identity/types_userinfo.go b/generated/1.22/apis/concierge/identity/types_userinfo.go new file mode 100644 index 00000000..65eb50cc --- /dev/null +++ b/generated/1.22/apis/concierge/identity/types_userinfo.go @@ -0,0 +1,37 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import "fmt" + +// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. +// Copied from the Kubernetes token review API. +type KubernetesUserInfo struct { + // User is the UserInfo associated with the current user. + User UserInfo + // Audiences are audience identifiers chosen by the authenticator. + Audiences []string +} + +// UserInfo holds the information about the user needed to implement the +// user.Info interface. +type UserInfo struct { + // The name that uniquely identifies this user among all active users. + Username string + // A unique value that identifies this user across time. If this user is + // deleted and another user by the same name is added, they will have + // different UIDs. + UID string + // The names of groups this user is a part of. + Groups []string + // Any additional information provided by the authenticator. + Extra map[string]ExtraValue +} + +// ExtraValue masks the value so protobuf can generate +type ExtraValue []string + +func (t ExtraValue) String() string { + return fmt.Sprintf("%v", []string(t)) +} diff --git a/generated/1.22/apis/concierge/identity/types_whoami.go b/generated/1.22/apis/concierge/identity/types_whoami.go new file mode 100644 index 00000000..4ba30607 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/types_whoami.go @@ -0,0 +1,40 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// WhoAmIRequest submits a request to echo back the current authenticated user. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequest struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec WhoAmIRequestSpec + Status WhoAmIRequestStatus +} + +type WhoAmIRequestSpec struct { + // empty for now but we may add some config here in the future + // any such config must be safe in the context of an unauthenticated user +} + +type WhoAmIRequestStatus struct { + // The current authenticated user, exactly as Kubernetes understands it. + KubernetesUserInfo KubernetesUserInfo + + // We may add concierge specific information here in the future. +} + +// WhoAmIRequestList is a list of WhoAmIRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of WhoAmIRequest + Items []WhoAmIRequest +} diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.22/apis/concierge/identity/v1alpha1/conversion.go new file mode 100644 index 00000000..63ae004e --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/conversion.go @@ -0,0 +1,4 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.22/apis/concierge/identity/v1alpha1/defaults.go new file mode 100644 index 00000000..15c2bec9 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/defaults.go @@ -0,0 +1,12 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/doc.go b/generated/1.22/apis/concierge/identity/v1alpha1/doc.go new file mode 100644 index 00000000..c54fd0fa --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.22/apis/concierge/identity +// +k8s:defaulter-gen=TypeMeta +// +groupName=identity.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. +package v1alpha1 diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/register.go b/generated/1.22/apis/concierge/identity/v1alpha1/register.go new file mode 100644 index 00000000..0e17d584 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "identity.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WhoAmIRequest{}, + &WhoAmIRequestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.22/apis/concierge/identity/v1alpha1/types_userinfo.go new file mode 100644 index 00000000..4e509fc1 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -0,0 +1,41 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import "fmt" + +// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. +// Copied from the Kubernetes token review API. +type KubernetesUserInfo struct { + // User is the UserInfo associated with the current user. + User UserInfo `json:"user"` + // Audiences are audience identifiers chosen by the authenticator. + // +optional + Audiences []string `json:"audiences,omitempty"` +} + +// UserInfo holds the information about the user needed to implement the +// user.Info interface. +type UserInfo struct { + // The name that uniquely identifies this user among all active users. + Username string `json:"username"` + // A unique value that identifies this user across time. If this user is + // deleted and another user by the same name is added, they will have + // different UIDs. + // +optional + UID string `json:"uid,omitempty"` + // The names of groups this user is a part of. + // +optional + Groups []string `json:"groups,omitempty"` + // Any additional information provided by the authenticator. + // +optional + Extra map[string]ExtraValue `json:"extra,omitempty"` +} + +// ExtraValue masks the value so protobuf can generate +type ExtraValue []string + +func (t ExtraValue) String() string { + return fmt.Sprintf("%v", []string(t)) +} diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/1.22/apis/concierge/identity/v1alpha1/types_whoami.go new file mode 100644 index 00000000..3d884346 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/types_whoami.go @@ -0,0 +1,43 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// WhoAmIRequest submits a request to echo back the current authenticated user. +// +genclient +// +genclient:nonNamespaced +// +genclient:onlyVerbs=create +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec WhoAmIRequestSpec `json:"spec,omitempty"` + Status WhoAmIRequestStatus `json:"status,omitempty"` +} + +type WhoAmIRequestSpec struct { + // empty for now but we may add some config here in the future + // any such config must be safe in the context of an unauthenticated user +} + +type WhoAmIRequestStatus struct { + // The current authenticated user, exactly as Kubernetes understands it. + KubernetesUserInfo KubernetesUserInfo `json:"kubernetesUserInfo"` + + // We may add concierge specific information here in the future. +} + +// WhoAmIRequestList is a list of WhoAmIRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + // Items is a list of WhoAmIRequest + Items []WhoAmIRequest `json:"items"` +} diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.conversion.go new file mode 100644 index 00000000..bffd8ae4 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,235 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + identity "go.pinniped.dev/generated/1.22/apis/concierge/identity" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*KubernetesUserInfo)(nil), (*identity.KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(a.(*KubernetesUserInfo), b.(*identity.KubernetesUserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.KubernetesUserInfo)(nil), (*KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(a.(*identity.KubernetesUserInfo), b.(*KubernetesUserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*UserInfo)(nil), (*identity.UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_UserInfo_To_identity_UserInfo(a.(*UserInfo), b.(*identity.UserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.UserInfo)(nil), (*UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_UserInfo_To_v1alpha1_UserInfo(a.(*identity.UserInfo), b.(*UserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequest)(nil), (*identity.WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(a.(*WhoAmIRequest), b.(*identity.WhoAmIRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequest)(nil), (*WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(a.(*identity.WhoAmIRequest), b.(*WhoAmIRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestList)(nil), (*identity.WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(a.(*WhoAmIRequestList), b.(*identity.WhoAmIRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestList)(nil), (*WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(a.(*identity.WhoAmIRequestList), b.(*WhoAmIRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestSpec)(nil), (*identity.WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(a.(*WhoAmIRequestSpec), b.(*identity.WhoAmIRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestSpec)(nil), (*WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(a.(*identity.WhoAmIRequestSpec), b.(*WhoAmIRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestStatus)(nil), (*identity.WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(a.(*WhoAmIRequestStatus), b.(*identity.WhoAmIRequestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestStatus)(nil), (*WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(a.(*identity.WhoAmIRequestStatus), b.(*WhoAmIRequestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { + if err := Convert_v1alpha1_UserInfo_To_identity_UserInfo(&in.User, &out.User, s); err != nil { + return err + } + out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) + return nil +} + +// Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo is an autogenerated conversion function. +func Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { + return autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in, out, s) +} + +func autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { + if err := Convert_identity_UserInfo_To_v1alpha1_UserInfo(&in.User, &out.User, s); err != nil { + return err + } + out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) + return nil +} + +// Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo is an autogenerated conversion function. +func Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { + return autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in, out, s) +} + +func autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { + out.Username = in.Username + out.UID = in.UID + out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) + out.Extra = *(*map[string]identity.ExtraValue)(unsafe.Pointer(&in.Extra)) + return nil +} + +// Convert_v1alpha1_UserInfo_To_identity_UserInfo is an autogenerated conversion function. +func Convert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { + return autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in, out, s) +} + +func autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { + out.Username = in.Username + out.UID = in.UID + out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) + out.Extra = *(*map[string]ExtraValue)(unsafe.Pointer(&in.Extra)) + return nil +} + +// Convert_identity_UserInfo_To_v1alpha1_UserInfo is an autogenerated conversion function. +func Convert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { + return autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in, out, s) +} + +func autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest is an autogenerated conversion function. +func Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]identity.WhoAmIRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]WhoAmIRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { + return nil +} + +// Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { + return nil +} + +// Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { + if err := Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { + if err := Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { + return err + } + return nil +} + +// Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in, out, s) +} diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..8206b6dd --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,185 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ExtraValue) DeepCopyInto(out *ExtraValue) { + { + in := &in + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. +func (in ExtraValue) DeepCopy() ExtraValue { + if in == nil { + return nil + } + out := new(ExtraValue) + in.DeepCopyInto(out) + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { + *out = *in + in.User.DeepCopyInto(&out.User) + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. +func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { + if in == nil { + return nil + } + out := new(KubernetesUserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInfo) DeepCopyInto(out *UserInfo) { + *out = *in + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Extra != nil { + in, out := &in.Extra, &out.Extra + *out = make(map[string]ExtraValue, len(*in)) + for key, val := range *in { + var outVal []string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. +func (in *UserInfo) DeepCopy() *UserInfo { + if in == nil { + return nil + } + out := new(UserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. +func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { + if in == nil { + return nil + } + out := new(WhoAmIRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WhoAmIRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. +func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { + if in == nil { + return nil + } + out := new(WhoAmIRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. +func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { + if in == nil { + return nil + } + out := new(WhoAmIRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { + *out = *in + in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. +func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { + if in == nil { + return nil + } + out := new(WhoAmIRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.defaults.go new file mode 100644 index 00000000..9097a935 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,20 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/generated/1.22/apis/concierge/identity/validation/validation.go b/generated/1.22/apis/concierge/identity/validation/validation.go new file mode 100644 index 00000000..27057b61 --- /dev/null +++ b/generated/1.22/apis/concierge/identity/validation/validation.go @@ -0,0 +1,14 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package validation + +import ( + "k8s.io/apimachinery/pkg/util/validation/field" + + identityapi "go.pinniped.dev/generated/1.22/apis/concierge/identity" +) + +func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { + return nil // add validation for spec here if we expand it +} diff --git a/generated/1.22/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.22/apis/concierge/identity/zz_generated.deepcopy.go new file mode 100644 index 00000000..4d844ffd --- /dev/null +++ b/generated/1.22/apis/concierge/identity/zz_generated.deepcopy.go @@ -0,0 +1,185 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package identity + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ExtraValue) DeepCopyInto(out *ExtraValue) { + { + in := &in + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. +func (in ExtraValue) DeepCopy() ExtraValue { + if in == nil { + return nil + } + out := new(ExtraValue) + in.DeepCopyInto(out) + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { + *out = *in + in.User.DeepCopyInto(&out.User) + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. +func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { + if in == nil { + return nil + } + out := new(KubernetesUserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInfo) DeepCopyInto(out *UserInfo) { + *out = *in + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Extra != nil { + in, out := &in.Extra, &out.Extra + *out = make(map[string]ExtraValue, len(*in)) + for key, val := range *in { + var outVal []string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. +func (in *UserInfo) DeepCopy() *UserInfo { + if in == nil { + return nil + } + out := new(UserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. +func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { + if in == nil { + return nil + } + out := new(WhoAmIRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WhoAmIRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. +func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { + if in == nil { + return nil + } + out := new(WhoAmIRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. +func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { + if in == nil { + return nil + } + out := new(WhoAmIRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { + *out = *in + in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. +func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { + if in == nil { + return nil + } + out := new(WhoAmIRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/concierge/login/doc.go b/generated/1.22/apis/concierge/login/doc.go new file mode 100644 index 00000000..14af63a2 --- /dev/null +++ b/generated/1.22/apis/concierge/login/doc.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=login.concierge.pinniped.dev + +// Package login is the internal version of the Pinniped login API. +package login diff --git a/generated/1.22/apis/concierge/login/register.go b/generated/1.22/apis/concierge/login/register.go new file mode 100644 index 00000000..1c3ba130 --- /dev/null +++ b/generated/1.22/apis/concierge/login/register.go @@ -0,0 +1,38 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "login.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns back a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &TokenCredentialRequest{}, + &TokenCredentialRequestList{}, + ) + return nil +} diff --git a/generated/1.22/apis/concierge/login/types_clustercred.go b/generated/1.22/apis/concierge/login/types_clustercred.go new file mode 100644 index 00000000..dd683b81 --- /dev/null +++ b/generated/1.22/apis/concierge/login/types_clustercred.go @@ -0,0 +1,21 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ClusterCredential is a credential (token or certificate) which is valid on the Kubernetes cluster. +type ClusterCredential struct { + // ExpirationTimestamp indicates a time when the provided credentials expire. + ExpirationTimestamp metav1.Time + + // Token is a bearer token used by the client for request authentication. + Token string + + // PEM-encoded client TLS certificates (including intermediates, if any). + ClientCertificateData string + + // PEM-encoded private key for the above certificate. + ClientKeyData string +} diff --git a/generated/1.22/apis/concierge/login/types_token.go b/generated/1.22/apis/concierge/login/types_token.go new file mode 100644 index 00000000..e3af529e --- /dev/null +++ b/generated/1.22/apis/concierge/login/types_token.go @@ -0,0 +1,47 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type TokenCredentialRequestSpec struct { + // Bearer token supplied with the credential request. + Token string + + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference +} + +type TokenCredentialRequestStatus struct { + // A ClusterCredential will be returned for a successful credential request. + // +optional + Credential *ClusterCredential + + // An error message will be returned for an unsuccessful credential request. + // +optional + Message *string +} + +// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequest struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec TokenCredentialRequestSpec + Status TokenCredentialRequestStatus +} + +// TokenCredentialRequestList is a list of TokenCredentialRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of TokenCredentialRequest + Items []TokenCredentialRequest +} diff --git a/generated/1.22/apis/concierge/login/v1alpha1/conversion.go b/generated/1.22/apis/concierge/login/v1alpha1/conversion.go new file mode 100644 index 00000000..dca8bca2 --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/conversion.go @@ -0,0 +1,4 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 diff --git a/generated/1.22/apis/concierge/login/v1alpha1/defaults.go b/generated/1.22/apis/concierge/login/v1alpha1/defaults.go new file mode 100644 index 00000000..12f0acd2 --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/defaults.go @@ -0,0 +1,12 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} diff --git a/generated/1.22/apis/concierge/login/v1alpha1/doc.go b/generated/1.22/apis/concierge/login/v1alpha1/doc.go new file mode 100644 index 00000000..19109b8b --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.22/apis/concierge/login +// +k8s:defaulter-gen=TypeMeta +// +groupName=login.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped login API. +package v1alpha1 diff --git a/generated/1.22/apis/concierge/login/v1alpha1/register.go b/generated/1.22/apis/concierge/login/v1alpha1/register.go new file mode 100644 index 00000000..60efec82 --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "login.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &TokenCredentialRequest{}, + &TokenCredentialRequestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.22/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/1.22/apis/concierge/login/v1alpha1/types_clustercred.go new file mode 100644 index 00000000..eb50c7fe --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/types_clustercred.go @@ -0,0 +1,22 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ClusterCredential is the cluster-specific credential returned on a successful credential request. It +// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. +type ClusterCredential struct { + // ExpirationTimestamp indicates a time when the provided credentials expire. + ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` + + // Token is a bearer token used by the client for request authentication. + Token string `json:"token,omitempty"` + + // PEM-encoded client TLS certificates (including intermediates, if any). + ClientCertificateData string `json:"clientCertificateData,omitempty"` + + // PEM-encoded private key for the above certificate. + ClientKeyData string `json:"clientKeyData,omitempty"` +} diff --git a/generated/1.22/apis/concierge/login/v1alpha1/types_token.go b/generated/1.22/apis/concierge/login/v1alpha1/types_token.go new file mode 100644 index 00000000..c8f3b66e --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/types_token.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, expected on requests to the Pinniped API. +type TokenCredentialRequestSpec struct { + // Bearer token supplied with the credential request. + Token string `json:"token,omitempty"` + + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` +} + +// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. +type TokenCredentialRequestStatus struct { + // A Credential will be returned for a successful credential request. + // +optional + Credential *ClusterCredential `json:"credential,omitempty"` + + // An error message will be returned for an unsuccessful credential request. + // +optional + Message *string `json:"message,omitempty"` +} + +// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. +// +genclient +// +genclient:nonNamespaced +// +genclient:onlyVerbs=create +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec TokenCredentialRequestSpec `json:"spec,omitempty"` + Status TokenCredentialRequestStatus `json:"status,omitempty"` +} + +// TokenCredentialRequestList is a list of TokenCredentialRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []TokenCredentialRequest `json:"items"` +} diff --git a/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.conversion.go new file mode 100644 index 00000000..fcb2e7f5 --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,201 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + login "go.pinniped.dev/generated/1.22/apis/concierge/login" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*ClusterCredential)(nil), (*login.ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(a.(*ClusterCredential), b.(*login.ClusterCredential), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.ClusterCredential)(nil), (*ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(a.(*login.ClusterCredential), b.(*ClusterCredential), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequest)(nil), (*login.TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(a.(*TokenCredentialRequest), b.(*login.TokenCredentialRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequest)(nil), (*TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(a.(*login.TokenCredentialRequest), b.(*TokenCredentialRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestList)(nil), (*login.TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(a.(*TokenCredentialRequestList), b.(*login.TokenCredentialRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestList)(nil), (*TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(a.(*login.TokenCredentialRequestList), b.(*TokenCredentialRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestSpec)(nil), (*login.TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(a.(*TokenCredentialRequestSpec), b.(*login.TokenCredentialRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestSpec)(nil), (*TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(a.(*login.TokenCredentialRequestSpec), b.(*TokenCredentialRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestStatus)(nil), (*login.TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(a.(*TokenCredentialRequestStatus), b.(*login.TokenCredentialRequestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestStatus)(nil), (*TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(a.(*login.TokenCredentialRequestStatus), b.(*TokenCredentialRequestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { + out.ExpirationTimestamp = in.ExpirationTimestamp + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential is an autogenerated conversion function. +func Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { + return autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in, out, s) +} + +func autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { + out.ExpirationTimestamp = in.ExpirationTimestamp + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential is an autogenerated conversion function. +func Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { + return autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in, out, s) +} + +func autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest is an autogenerated conversion function. +func Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]login.TokenCredentialRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]TokenCredentialRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { + out.Token = in.Token + out.Authenticator = in.Authenticator + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { + out.Token = in.Token + out.Authenticator = in.Authenticator + return nil +} + +// Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { + out.Credential = (*login.ClusterCredential)(unsafe.Pointer(in.Credential)) + out.Message = (*string)(unsafe.Pointer(in.Message)) + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { + out.Credential = (*ClusterCredential)(unsafe.Pointer(in.Credential)) + out.Message = (*string)(unsafe.Pointer(in.Message)) + return nil +} + +// Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in, out, s) +} diff --git a/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..6f39cfec --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,134 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { + *out = *in + in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. +func (in *ClusterCredential) DeepCopy() *ClusterCredential { + if in == nil { + return nil + } + out := new(ClusterCredential) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. +func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { + if in == nil { + return nil + } + out := new(TokenCredentialRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TokenCredentialRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. +func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { + if in == nil { + return nil + } + out := new(TokenCredentialRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { + *out = *in + in.Authenticator.DeepCopyInto(&out.Authenticator) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. +func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { + if in == nil { + return nil + } + out := new(TokenCredentialRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { + *out = *in + if in.Credential != nil { + in, out := &in.Credential, &out.Credential + *out = new(ClusterCredential) + (*in).DeepCopyInto(*out) + } + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. +func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { + if in == nil { + return nil + } + out := new(TokenCredentialRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.defaults.go new file mode 100644 index 00000000..9097a935 --- /dev/null +++ b/generated/1.22/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,20 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/generated/1.22/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.22/apis/concierge/login/zz_generated.deepcopy.go new file mode 100644 index 00000000..07f4f074 --- /dev/null +++ b/generated/1.22/apis/concierge/login/zz_generated.deepcopy.go @@ -0,0 +1,134 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package login + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { + *out = *in + in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. +func (in *ClusterCredential) DeepCopy() *ClusterCredential { + if in == nil { + return nil + } + out := new(ClusterCredential) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. +func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { + if in == nil { + return nil + } + out := new(TokenCredentialRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TokenCredentialRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. +func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { + if in == nil { + return nil + } + out := new(TokenCredentialRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { + *out = *in + in.Authenticator.DeepCopyInto(&out.Authenticator) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. +func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { + if in == nil { + return nil + } + out := new(TokenCredentialRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { + *out = *in + if in.Credential != nil { + in, out := &in.Credential, &out.Credential + *out = new(ClusterCredential) + (*in).DeepCopyInto(*out) + } + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. +func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { + if in == nil { + return nil + } + out := new(TokenCredentialRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/go.mod b/generated/1.22/apis/go.mod new file mode 100644 index 00000000..63226535 --- /dev/null +++ b/generated/1.22/apis/go.mod @@ -0,0 +1,9 @@ +// This go.mod file is generated by ./hack/codegen.sh. +module go.pinniped.dev/generated/1.22/apis + +go 1.13 + +require ( + k8s.io/api v0.22.6 + k8s.io/apimachinery v0.22.6 +) diff --git a/generated/1.22/apis/go.sum b/generated/1.22/apis/go.sum new file mode 100644 index 00000000..e2526f09 --- /dev/null +++ b/generated/1.22/apis/go.sum @@ -0,0 +1,221 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.4.0 h1:K7/B1jt6fIBQVd4Owv2MqGQClcgf0R266+7C/QjRcLc= +github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= +github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.11 h1:uVUAXhF2To8cbw/3xN3pxj6kk7TYKs98NIrTqPlMWAQ= +github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +k8s.io/api v0.22.6 h1:acjE5ABt0KpsBI9QCtLqaQEPSF94jOtE/LoFxSYasSE= +k8s.io/api v0.22.6/go.mod h1:q1F7IfaNrbi/83ebLy3YFQYLjPSNyunZ/IXQxMmbwCg= +k8s.io/apimachinery v0.22.6 h1:z7vxNRkFX0NToA+8D17kzLZ/T4t+DqwzUlqqbqRepRs= +k8s.io/apimachinery v0.22.6/go.mod h1:ZvVLP5iLhwVFg2Yx9Gh5W0um0DUauExbRhe+2Z8I1EU= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM= +k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= +k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/doc.go b/generated/1.22/apis/supervisor/config/v1alpha1/doc.go new file mode 100644 index 00000000..89051782 --- /dev/null +++ b/generated/1.22/apis/supervisor/config/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.22/apis/supervisor/config +// +k8s:defaulter-gen=TypeMeta +// +groupName=config.supervisor.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. +package v1alpha1 diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/register.go b/generated/1.22/apis/supervisor/config/v1alpha1/register.go new file mode 100644 index 00000000..69045298 --- /dev/null +++ b/generated/1.22/apis/supervisor/config/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "config.supervisor.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &FederationDomain{}, + &FederationDomainList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.22/apis/supervisor/config/v1alpha1/types_federationdomain.go new file mode 100644 index 00000000..e92303a9 --- /dev/null +++ b/generated/1.22/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -0,0 +1,134 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +kubebuilder:validation:Enum=Success;Duplicate;Invalid;SameIssuerHostMustUseSameSecret +type FederationDomainStatusCondition string + +const ( + SuccessFederationDomainStatusCondition = FederationDomainStatusCondition("Success") + DuplicateFederationDomainStatusCondition = FederationDomainStatusCondition("Duplicate") + SameIssuerHostMustUseSameSecretFederationDomainStatusCondition = FederationDomainStatusCondition("SameIssuerHostMustUseSameSecret") + InvalidFederationDomainStatusCondition = FederationDomainStatusCondition("Invalid") +) + +// FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. +type FederationDomainTLSSpec struct { + // SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains + // the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret + // named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use + // for TLS. + // + // Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + // + // SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. + // SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same + // SecretName value even if they have different port numbers. + // + // SecretName is not required when you would like to use only the HTTP endpoints (e.g. when terminating TLS at an + // Ingress). It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to + // use the default TLS certificate, which is configured elsewhere. + // + // When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. + // + // +optional + SecretName string `json:"secretName,omitempty"` +} + +// FederationDomainSpec is a struct that describes an OIDC Provider. +type FederationDomainSpec struct { + // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the + // identifier that it will use for the iss claim in issued JWTs. This field will also be used as + // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is + // https://example.com/foo, then your authorization endpoint will look like + // https://example.com/foo/some/path/to/auth/endpoint). + // + // See + // https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + // +kubebuilder:validation:MinLength=1 + Issuer string `json:"issuer"` + + // TLS configures how this FederationDomain is served over Transport Layer Security (TLS). + // +optional + TLS *FederationDomainTLSSpec `json:"tls,omitempty"` +} + +// FederationDomainSecrets holds information about this OIDC Provider's secrets. +type FederationDomainSecrets struct { + // JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + // stored. If it is empty, then the signing/verification keys are either unknown or they don't + // exist. + // +optional + JWKS corev1.LocalObjectReference `json:"jwks,omitempty"` + + // TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // signing tokens is stored. + // +optional + TokenSigningKey corev1.LocalObjectReference `json:"tokenSigningKey,omitempty"` + + // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // signing state parameters is stored. + // +optional + StateSigningKey corev1.LocalObjectReference `json:"stateSigningKey,omitempty"` + + // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // encrypting state parameters is stored. + // +optional + StateEncryptionKey corev1.LocalObjectReference `json:"stateEncryptionKey,omitempty"` +} + +// FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. +type FederationDomainStatus struct { + // Status holds an enum that describes the state of this OIDC Provider. Note that this Status can + // represent success or failure. + // +optional + Status FederationDomainStatusCondition `json:"status,omitempty"` + + // Message provides human-readable details about the Status. + // +optional + Message string `json:"message,omitempty"` + + // LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get + // around some undesirable behavior with respect to the empty metav1.Time value (see + // https://github.com/kubernetes/kubernetes/issues/86811). + // +optional + LastUpdateTime *metav1.Time `json:"lastUpdateTime,omitempty"` + + // Secrets contains information about this OIDC Provider's secrets. + // +optional + Secrets FederationDomainSecrets `json:"secrets,omitempty"` +} + +// FederationDomain describes the configuration of an OIDC provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.status` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type FederationDomain struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec of the OIDC provider. + Spec FederationDomainSpec `json:"spec"` + + // Status of the OIDC provider. + Status FederationDomainStatus `json:"status,omitempty"` +} + +// List of FederationDomain objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type FederationDomainList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []FederationDomain `json:"items"` +} diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..856b8988 --- /dev/null +++ b/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,152 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomain. +func (in *FederationDomain) DeepCopy() *FederationDomain { + if in == nil { + return nil + } + out := new(FederationDomain) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FederationDomain) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainList) DeepCopyInto(out *FederationDomainList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]FederationDomain, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainList. +func (in *FederationDomainList) DeepCopy() *FederationDomainList { + if in == nil { + return nil + } + out := new(FederationDomainList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FederationDomainList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainSecrets) DeepCopyInto(out *FederationDomainSecrets) { + *out = *in + out.JWKS = in.JWKS + out.TokenSigningKey = in.TokenSigningKey + out.StateSigningKey = in.StateSigningKey + out.StateEncryptionKey = in.StateEncryptionKey + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSecrets. +func (in *FederationDomainSecrets) DeepCopy() *FederationDomainSecrets { + if in == nil { + return nil + } + out := new(FederationDomainSecrets) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainSpec) DeepCopyInto(out *FederationDomainSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(FederationDomainTLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSpec. +func (in *FederationDomainSpec) DeepCopy() *FederationDomainSpec { + if in == nil { + return nil + } + out := new(FederationDomainSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainStatus) DeepCopyInto(out *FederationDomainStatus) { + *out = *in + if in.LastUpdateTime != nil { + in, out := &in.LastUpdateTime, &out.LastUpdateTime + *out = (*in).DeepCopy() + } + out.Secrets = in.Secrets + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainStatus. +func (in *FederationDomainStatus) DeepCopy() *FederationDomainStatus { + if in == nil { + return nil + } + out := new(FederationDomainStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainTLSSpec) DeepCopyInto(out *FederationDomainTLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTLSSpec. +func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { + if in == nil { + return nil + } + out := new(FederationDomainTLSSpec) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.22/apis/supervisor/idp/v1alpha1/doc.go new file mode 100644 index 00000000..a9e91c47 --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=idp.supervisor.pinniped.dev +// +groupGoName=IDP + +// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. +package v1alpha1 diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/register.go b/generated/1.22/apis/supervisor/idp/v1alpha1/register.go new file mode 100644 index 00000000..8829a863 --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/register.go @@ -0,0 +1,47 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "idp.supervisor.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &OIDCIdentityProvider{}, + &OIDCIdentityProviderList{}, + &LDAPIdentityProvider{}, + &LDAPIdentityProviderList{}, + &ActiveDirectoryIdentityProvider{}, + &ActiveDirectoryIdentityProviderList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go new file mode 100644 index 00000000..18626629 --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -0,0 +1,207 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type ActiveDirectoryIdentityProviderPhase string + +const ( + // ActiveDirectoryPhasePending is the default phase for newly-created ActiveDirectoryIdentityProvider resources. + ActiveDirectoryPhasePending ActiveDirectoryIdentityProviderPhase = "Pending" + + // ActiveDirectoryPhaseReady is the phase for an ActiveDirectoryIdentityProvider resource in a healthy state. + ActiveDirectoryPhaseReady ActiveDirectoryIdentityProviderPhase = "Ready" + + // ActiveDirectoryPhaseError is the phase for an ActiveDirectoryIdentityProvider in an unhealthy state. + ActiveDirectoryPhaseError ActiveDirectoryIdentityProviderPhase = "Error" +) + +// Status of an Active Directory identity provider. +type ActiveDirectoryIdentityProviderStatus struct { + // Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase ActiveDirectoryIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +type ActiveDirectoryIdentityProviderBind struct { + // SecretName contains the name of a namespace-local Secret object that provides the username and + // password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be + // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + // The password must be non-empty. + // +kubebuilder:validation:MinLength=1 + SecretName string `json:"secretName"` +} + +type ActiveDirectoryIdentityProviderUserSearchAttributes struct { + // Username specifies the name of the attribute in Active Directory entry whose value shall become the username + // of the user after a successful authentication. + // Optional, when empty this defaults to "userPrincipalName". + // +optional + Username string `json:"username,omitempty"` + + // UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely + // identify the user within this ActiveDirectory provider after a successful authentication. + // Optional, when empty this defaults to "objectGUID". + // +optional + UID string `json:"uid,omitempty"` +} + +type ActiveDirectoryIdentityProviderGroupSearchAttributes struct { + // GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name + // in the user's list of groups after a successful authentication. + // The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory + // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + // Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", + // where domain is constructed from the domain components of the group DN. + // +optional + GroupName string `json:"groupName,omitempty"` +} + +type ActiveDirectoryIdentityProviderUserSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for users. + // E.g. "ou=users,dc=example,dc=com". + // Optional, when not specified it will be based on the result of a query for the defaultNamingContext + // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + // The default behavior searches your entire domain for users. + // It may make sense to specify a subtree as a search base if you wish to exclude some users + // or to make searches faster. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur + // in the filter at least once and will be dynamically replaced by the username for which the search is being run. + // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will be + // '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + // This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, + // and is not shown in advanced view only + // (which would likely mean its a system created service account with advanced permissions). + // Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + // the result of the user search. + // +optional + Attributes ActiveDirectoryIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` +} + +type ActiveDirectoryIdentityProviderGroupSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + // "ou=groups,dc=example,dc=com". + // Optional, when not specified it will be based on the result of a query for the defaultNamingContext + // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + // The default behavior searches your entire domain for groups. + // It may make sense to specify a subtree as a search base if you wish to exclude some groups + // for security reasons or to make searches faster. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. + // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + // dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or + // "&(objectClass=groupOfNames)(member={})". For more information about ActiveDirectory filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the filter were specified as + // "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + // This searches nested groups by default. + // Note that nested group search can be slow for some Active Directory servers. To disable it, + // you can set the filter to + // "(&(objectClass=group)(member={})" + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + // the result of the group search. + // +optional + Attributes ActiveDirectoryIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` + + // The user's group membership is refreshed as they interact with the supervisor + // to obtain new credentials (as their old credentials expire). This allows group + // membership changes to be quickly reflected into Kubernetes clusters. Since + // group membership is often used to bind authorization policies, it is important + // to keep the groups observed in Kubernetes clusters in-sync with the identity + // provider. + // + // In some environments, frequent group membership queries may result in a + // significant performance impact on the identity provider and/or the supervisor. + // The best approach to handle performance impacts is to tweak the group query + // to be more performant, for example by disabling nested group search or by + // using a more targeted group search base. + // + // If the group search query cannot be made performant and you are willing to + // have group memberships remain static for approximately a day, then set + // skipGroupRefresh to true. This is an insecure configuration as authorization + // policies that are bound to group membership will not notice if a user has + // been removed from a particular group until their next login. + // + // This is an experimental feature that may be removed or significantly altered + // in the future. Consumers of this configuration should carefully read all + // release notes before upgrading to ensure that the meaning of this field has + // not changed. + SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` +} + +// Spec for configuring an ActiveDirectory identity provider. +type ActiveDirectoryIdentityProviderSpec struct { + // Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + // +kubebuilder:validation:MinLength=1 + Host string `json:"host"` + + // TLS contains the connection settings for how to establish the connection to the Host. + TLS *TLSSpec `json:"tls,omitempty"` + + // Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + Bind ActiveDirectoryIdentityProviderBind `json:"bind,omitempty"` + + // UserSearch contains the configuration for searching for a user by name in Active Directory. + UserSearch ActiveDirectoryIdentityProviderUserSearch `json:"userSearch,omitempty"` + + // GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + GroupSearch ActiveDirectoryIdentityProviderGroupSearch `json:"groupSearch,omitempty"` +} + +// ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type ActiveDirectoryIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec ActiveDirectoryIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status ActiveDirectoryIdentityProviderStatus `json:"status,omitempty"` +} + +// List of ActiveDirectoryIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type ActiveDirectoryIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []ActiveDirectoryIdentityProvider `json:"items"` +} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go new file mode 100644 index 00000000..09cb843d --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -0,0 +1,196 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type LDAPIdentityProviderPhase string + +const ( + // LDAPPhasePending is the default phase for newly-created LDAPIdentityProvider resources. + LDAPPhasePending LDAPIdentityProviderPhase = "Pending" + + // LDAPPhaseReady is the phase for an LDAPIdentityProvider resource in a healthy state. + LDAPPhaseReady LDAPIdentityProviderPhase = "Ready" + + // LDAPPhaseError is the phase for an LDAPIdentityProvider in an unhealthy state. + LDAPPhaseError LDAPIdentityProviderPhase = "Error" +) + +// Status of an LDAP identity provider. +type LDAPIdentityProviderStatus struct { + // Phase summarizes the overall status of the LDAPIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase LDAPIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +type LDAPIdentityProviderBind struct { + // SecretName contains the name of a namespace-local Secret object that provides the username and + // password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be + // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + // The password must be non-empty. + // +kubebuilder:validation:MinLength=1 + SecretName string `json:"secretName"` +} + +type LDAPIdentityProviderUserSearchAttributes struct { + // Username specifies the name of the attribute in the LDAP entry whose value shall become the username + // of the user after a successful authentication. This would typically be the same attribute name used in + // the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field + // is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default + // value of "dn={}" would not work. + // +kubebuilder:validation:MinLength=1 + Username string `json:"username,omitempty"` + + // UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely + // identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". + // +kubebuilder:validation:MinLength=1 + UID string `json:"uid,omitempty"` +} + +type LDAPIdentityProviderGroupSearchAttributes struct { + // GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name + // in the user's list of groups after a successful authentication. + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + // Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). + // +optional + GroupName string `json:"groupName,omitempty"` +} + +type LDAPIdentityProviderUserSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for users. + // E.g. "ou=users,dc=example,dc=com". + // +kubebuilder:validation:MinLength=1 + Base string `json:"base,omitempty"` + + // Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur + // in the filter at least once and will be dynamically replaced by the username for which the search is being run. + // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the Filter were specified as the value from + // Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + // explicitly specified, since the default value of "dn={}" would not work. + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the user's information should be read from the LDAP entry which was found as + // the result of the user search. + // +optional + Attributes LDAPIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` +} + +type LDAPIdentityProviderGroupSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + // "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and + // authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, + // the values of Filter and Attributes are ignored. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the LDAP search filter which should be applied when searching for groups for a user. + // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + // dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or + // "&(objectClass=groupOfNames)(member={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the Filter were specified as "member={}". + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the group's information should be read from each LDAP entry which was found as + // the result of the group search. + // +optional + Attributes LDAPIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` + + // The user's group membership is refreshed as they interact with the supervisor + // to obtain new credentials (as their old credentials expire). This allows group + // membership changes to be quickly reflected into Kubernetes clusters. Since + // group membership is often used to bind authorization policies, it is important + // to keep the groups observed in Kubernetes clusters in-sync with the identity + // provider. + // + // In some environments, frequent group membership queries may result in a + // significant performance impact on the identity provider and/or the supervisor. + // The best approach to handle performance impacts is to tweak the group query + // to be more performant, for example by disabling nested group search or by + // using a more targeted group search base. + // + // If the group search query cannot be made performant and you are willing to + // have group memberships remain static for approximately a day, then set + // skipGroupRefresh to true. This is an insecure configuration as authorization + // policies that are bound to group membership will not notice if a user has + // been removed from a particular group until their next login. + // + // This is an experimental feature that may be removed or significantly altered + // in the future. Consumers of this configuration should carefully read all + // release notes before upgrading to ensure that the meaning of this field has + // not changed. + SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` +} + +// Spec for configuring an LDAP identity provider. +type LDAPIdentityProviderSpec struct { + // Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + // +kubebuilder:validation:MinLength=1 + Host string `json:"host"` + + // TLS contains the connection settings for how to establish the connection to the Host. + TLS *TLSSpec `json:"tls,omitempty"` + + // Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + Bind LDAPIdentityProviderBind `json:"bind,omitempty"` + + // UserSearch contains the configuration for searching for a user by name in the LDAP provider. + UserSearch LDAPIdentityProviderUserSearch `json:"userSearch,omitempty"` + + // GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + GroupSearch LDAPIdentityProviderGroupSearch `json:"groupSearch,omitempty"` +} + +// LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access +// Protocol (LDAP) identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type LDAPIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec LDAPIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status LDAPIdentityProviderStatus `json:"status,omitempty"` +} + +// List of LDAPIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type LDAPIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []LDAPIdentityProvider `json:"items"` +} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go new file mode 100644 index 00000000..76a7d547 --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_meta.go @@ -0,0 +1,75 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ConditionStatus is effectively an enum type for Condition.Status. +type ConditionStatus string + +// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. +// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes +// can't decide if a resource is in the condition or not. In the future, we could add other +// intermediate conditions, e.g. ConditionDegraded. +const ( + ConditionTrue ConditionStatus = "True" + ConditionFalse ConditionStatus = "False" + ConditionUnknown ConditionStatus = "Unknown" +) + +// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API +// version we can switch to using the upstream type. +// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. +type Condition struct { + // type of condition in CamelCase or in foo.example.com/CamelCase. + // --- + // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + // useful (see .node.status.conditions), the ability to deconflict is important. + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Type string `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Enum=True;False;Unknown + Status ConditionStatus `json:"status"` + + // observedGeneration represents the .metadata.generation that the condition was set based upon. + // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + // with respect to the current state of the instance. + // +optional + // +kubebuilder:validation:Minimum=0 + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // lastTransitionTime is the last time the condition transitioned from one status to another. + // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Type=string + // +kubebuilder:validation:Format=date-time + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason contains a programmatic identifier indicating the reason for the condition's last transition. + // Producers of specific condition types may define expected values and meanings for this field, + // and whether the values are considered a guaranteed API. + // The value should be a CamelCase string. + // This field may not be empty. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` + Reason string `json:"reason"` + + // message is a human readable message indicating details about the transition. + // This may be an empty string. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=32768 + Message string `json:"message"` +} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go new file mode 100644 index 00000000..798275a9 --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -0,0 +1,206 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type OIDCIdentityProviderPhase string + +const ( + // PhasePending is the default phase for newly-created OIDCIdentityProvider resources. + PhasePending OIDCIdentityProviderPhase = "Pending" + + // PhaseReady is the phase for an OIDCIdentityProvider resource in a healthy state. + PhaseReady OIDCIdentityProviderPhase = "Ready" + + // PhaseError is the phase for an OIDCIdentityProvider in an unhealthy state. + PhaseError OIDCIdentityProviderPhase = "Error" +) + +// OIDCIdentityProviderStatus is the status of an OIDC identity provider. +type OIDCIdentityProviderStatus struct { + // Phase summarizes the overall status of the OIDCIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase OIDCIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization +// request parameters. +type OIDCAuthorizationConfig struct { + // additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization + // request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials + // Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is + // always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request + // the following scopes: "openid", "offline_access", "email", and "profile". See + // https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" + // scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the + // "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, + // or as common patterns used by providers who implement the standard in the ecosystem evolve. + // By setting this list to anything other than an empty list, you are overriding the + // default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. + // If you do not want any of these scopes to be requested, you may set this list to contain only "openid". + // Some OIDC providers may also require a scope to get access to the user's group membership, in which case you + // may wish to include it in this list. Sometimes the scope to request the user's group membership is called + // "groups", but unfortunately this is not specified in the OIDC standard. + // Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by + // your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in + // the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See + // your OIDC provider's documentation for more information about what scopes are available to request claims. + // Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor + // from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be + // "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its + // requirements for what to include in the request in order to receive a refresh token in the response, if anything. + // Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider + // may ignore scopes that it does not understand or require (see + // https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + // "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + // provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + // +optional + AdditionalScopes []string `json:"additionalScopes,omitempty"` + + // additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + // OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + // parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + // "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + // included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. + // The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user + // should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting + // ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. + // This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password + // Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the + // Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" + // parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's + // authorization endpoint for its requirements for what to include in the request in order to receive a refresh + // token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, + // then include it here. Also note that most providers also require a certain scope to be requested in order to + // receive refresh tokens. See the additionalScopes setting for more information about using scopes to request + // refresh tokens. + // +optional + // +patchMergeKey=name + // +patchStrategy=merge + // +listType=map + // +listMapKey=name + AdditionalAuthorizeParameters []Parameter `json:"additionalAuthorizeParameters,omitempty"` + + // allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant + // (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a + // username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. + // The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be + // supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password + // Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose + // to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the + // cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be + // convenient for users, especially for identities from your OIDC provider which are not intended to represent a human + // actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, + // you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this + // OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password + // Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords + // (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other + // web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. + // allowPasswordGrant defaults to false. + // +optional + AllowPasswordGrant bool `json:"allowPasswordGrant,omitempty"` +} + +// Parameter is a key/value pair which represents a parameter in an HTTP request. +type Parameter struct { + // The name of the parameter. Required. + // +kubebuilder:validation:MinLength=1 + Name string `json:"name"` + + // The value of the parameter. + // +optional + Value string `json:"value,omitempty"` +} + +// OIDCClaims provides a mapping from upstream claims into identities. +type OIDCClaims struct { + // Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain + // the groups to which an identity belongs. By default, the identities will not include any group memberships when + // this setting is not configured. + // +optional + Groups string `json:"groups"` + + // Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to + // ascertain an identity's username. When not set, the username will be an automatically constructed unique string + // which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from + // the ID token. + // +optional + Username string `json:"username"` +} + +// OIDCClient contains information about an OIDC client (e.g., client ID and client +// secret). +type OIDCClient struct { + // SecretName contains the name of a namespace-local Secret object that provides the clientID and + // clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient + // struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys + // "clientID" and "clientSecret". + SecretName string `json:"secretName"` +} + +// OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. +type OIDCIdentityProviderSpec struct { + // Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + // /.well-known/openid-configuration. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Issuer string `json:"issuer"` + + // TLS configuration for discovery/JWKS requests to the issuer. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` + + // AuthorizationConfig holds information about how to form the OAuth2 authorization request + // parameters to be used with this OIDC identity provider. + // +optional + AuthorizationConfig OIDCAuthorizationConfig `json:"authorizationConfig,omitempty"` + + // Claims provides the names of token claims that will be used when inspecting an identity from + // this OIDC identity provider. + // +optional + Claims OIDCClaims `json:"claims"` + + // OIDCClient contains OIDC client information to be used used with this OIDC identity + // provider. + Client OIDCClient `json:"client"` +} + +// OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type OIDCIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec OIDCIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status OIDCIdentityProviderStatus `json:"status,omitempty"` +} + +// OIDCIdentityProviderList lists OIDCIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCIdentityProvider `json:"items"` +} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.22/apis/supervisor/idp/v1alpha1/types_tls.go new file mode 100644 index 00000000..1413a262 --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/types_tls.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// Configuration for TLS parameters related to identity provider integration. +type TLSSpec struct { + // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + // +optional + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` +} diff --git a/generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..5f5be6f3 --- /dev/null +++ b/generated/1.22/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,608 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProvider) DeepCopyInto(out *ActiveDirectoryIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProvider. +func (in *ActiveDirectoryIdentityProvider) DeepCopy() *ActiveDirectoryIdentityProvider { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ActiveDirectoryIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderBind) DeepCopyInto(out *ActiveDirectoryIdentityProviderBind) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderBind. +func (in *ActiveDirectoryIdentityProviderBind) DeepCopy() *ActiveDirectoryIdentityProviderBind { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderBind) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearch. +func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearch { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderGroupSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearchAttributes. +func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearchAttributes { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderGroupSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderList) DeepCopyInto(out *ActiveDirectoryIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ActiveDirectoryIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderList. +func (in *ActiveDirectoryIdentityProviderList) DeepCopy() *ActiveDirectoryIdentityProviderList { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ActiveDirectoryIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderSpec) DeepCopyInto(out *ActiveDirectoryIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + out.Bind = in.Bind + out.UserSearch = in.UserSearch + out.GroupSearch = in.GroupSearch + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderSpec. +func (in *ActiveDirectoryIdentityProviderSpec) DeepCopy() *ActiveDirectoryIdentityProviderSpec { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirectoryIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderStatus. +func (in *ActiveDirectoryIdentityProviderStatus) DeepCopy() *ActiveDirectoryIdentityProviderStatus { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearch. +func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopy() *ActiveDirectoryIdentityProviderUserSearch { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderUserSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearchAttributes. +func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderUserSearchAttributes { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderUserSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Condition) DeepCopyInto(out *Condition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. +func (in *Condition) DeepCopy() *Condition { + if in == nil { + return nil + } + out := new(Condition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProvider. +func (in *LDAPIdentityProvider) DeepCopy() *LDAPIdentityProvider { + if in == nil { + return nil + } + out := new(LDAPIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LDAPIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderBind) DeepCopyInto(out *LDAPIdentityProviderBind) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderBind. +func (in *LDAPIdentityProviderBind) DeepCopy() *LDAPIdentityProviderBind { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderBind) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderGroupSearch) DeepCopyInto(out *LDAPIdentityProviderGroupSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearch. +func (in *LDAPIdentityProviderGroupSearch) DeepCopy() *LDAPIdentityProviderGroupSearch { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderGroupSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderGroupSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearchAttributes. +func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopy() *LDAPIdentityProviderGroupSearchAttributes { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderGroupSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderList) DeepCopyInto(out *LDAPIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]LDAPIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderList. +func (in *LDAPIdentityProviderList) DeepCopy() *LDAPIdentityProviderList { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LDAPIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderSpec) DeepCopyInto(out *LDAPIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + out.Bind = in.Bind + out.UserSearch = in.UserSearch + out.GroupSearch = in.GroupSearch + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderSpec. +func (in *LDAPIdentityProviderSpec) DeepCopy() *LDAPIdentityProviderSpec { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderStatus. +func (in *LDAPIdentityProviderStatus) DeepCopy() *LDAPIdentityProviderStatus { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderUserSearch) DeepCopyInto(out *LDAPIdentityProviderUserSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearch. +func (in *LDAPIdentityProviderUserSearch) DeepCopy() *LDAPIdentityProviderUserSearch { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderUserSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderUserSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearchAttributes. +func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopy() *LDAPIdentityProviderUserSearchAttributes { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderUserSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCAuthorizationConfig) DeepCopyInto(out *OIDCAuthorizationConfig) { + *out = *in + if in.AdditionalScopes != nil { + in, out := &in.AdditionalScopes, &out.AdditionalScopes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AdditionalAuthorizeParameters != nil { + in, out := &in.AdditionalAuthorizeParameters, &out.AdditionalAuthorizeParameters + *out = make([]Parameter, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCAuthorizationConfig. +func (in *OIDCAuthorizationConfig) DeepCopy() *OIDCAuthorizationConfig { + if in == nil { + return nil + } + out := new(OIDCAuthorizationConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClaims) DeepCopyInto(out *OIDCClaims) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClaims. +func (in *OIDCClaims) DeepCopy() *OIDCClaims { + if in == nil { + return nil + } + out := new(OIDCClaims) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider. +func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider { + if in == nil { + return nil + } + out := new(OIDCIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderList) DeepCopyInto(out *OIDCIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderList. +func (in *OIDCIdentityProviderList) DeepCopy() *OIDCIdentityProviderList { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderSpec) DeepCopyInto(out *OIDCIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) + out.Claims = in.Claims + out.Client = in.Client + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderSpec. +func (in *OIDCIdentityProviderSpec) DeepCopy() *OIDCIdentityProviderSpec { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderStatus. +func (in *OIDCIdentityProviderStatus) DeepCopy() *OIDCIdentityProviderStatus { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Parameter) DeepCopyInto(out *Parameter) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Parameter. +func (in *Parameter) DeepCopy() *Parameter { + if in == nil { + return nil + } + out := new(Parameter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. +func (in *TLSSpec) DeepCopy() *TLSSpec { + if in == nil { + return nil + } + out := new(TLSSpec) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.22/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go new file mode 100644 index 00000000..ea055090 --- /dev/null +++ b/generated/1.22/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -0,0 +1,66 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// IDPType are the strings that can be returned by the Supervisor identity provider discovery endpoint +// as the "type" of each returned identity provider. +type IDPType string + +// IDPFlow are the strings that can be returned by the Supervisor identity provider discovery endpoint +// in the array of allowed client "flows" for each returned identity provider. +type IDPFlow string + +const ( + IDPTypeOIDC IDPType = "oidc" + IDPTypeLDAP IDPType = "ldap" + IDPTypeActiveDirectory IDPType = "activedirectory" + + IDPFlowCLIPassword IDPFlow = "cli_password" + IDPFlowBrowserAuthcode IDPFlow = "browser_authcode" +) + +// Equals is a convenience function for comparing an IDPType to a string. +func (r IDPType) Equals(s string) bool { + return string(r) == s +} + +// String is a convenience function to convert an IDPType to a string. +func (r IDPType) String() string { + return string(r) +} + +// Equals is a convenience function for comparing an IDPFlow to a string. +func (r IDPFlow) Equals(s string) bool { + return string(r) == s +} + +// String is a convenience function to convert an IDPFlow to a string. +func (r IDPFlow) String() string { + return string(r) +} + +// OIDCDiscoveryResponse is part of the response from a FederationDomain's OpenID Provider Configuration +// Document returned by the .well-known/openid-configuration endpoint. It ignores all the standard OpenID Provider +// configuration metadata and only picks out the portion related to Supervisor identity provider discovery. +type OIDCDiscoveryResponse struct { + SupervisorDiscovery OIDCDiscoveryResponseIDPEndpoint `json:"discovery.supervisor.pinniped.dev/v1alpha1"` +} + +// OIDCDiscoveryResponseIDPEndpoint contains the URL for the identity provider discovery endpoint. +type OIDCDiscoveryResponseIDPEndpoint struct { + PinnipedIDPsEndpoint string `json:"pinniped_identity_providers_endpoint"` +} + +// IDPDiscoveryResponse is the response of a FederationDomain's identity provider discovery endpoint. +type IDPDiscoveryResponse struct { + PinnipedIDPs []PinnipedIDP `json:"pinniped_identity_providers"` +} + +// PinnipedIDP describes a single identity provider as included in the response of a FederationDomain's +// identity provider discovery endpoint. +type PinnipedIDP struct { + Name string `json:"name"` + Type IDPType `json:"type"` + Flows []IDPFlow `json:"flows,omitempty"` +} diff --git a/generated/1.22/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.22/apis/supervisor/oidc/types_supervisor_oidc.go new file mode 100644 index 00000000..b35aafcb --- /dev/null +++ b/generated/1.22/apis/supervisor/oidc/types_supervisor_oidc.go @@ -0,0 +1,25 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package oidc + +// Constants related to the Supervisor FederationDomain's authorization and token endpoints. +const ( + // AuthorizeUsernameHeaderName is the name of the HTTP header which can be used to transmit a username + // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant + // or an LDAPIdentityProvider. + AuthorizeUsernameHeaderName = "Pinniped-Username" + + // AuthorizePasswordHeaderName is the name of the HTTP header which can be used to transmit a password + // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant + // or an LDAPIdentityProvider. + AuthorizePasswordHeaderName = "Pinniped-Password" //nolint:gosec // this is not a credential + + // AuthorizeUpstreamIDPNameParamName is the name of the HTTP request parameter which can be used to help select which + // identity provider should be used for authentication by sending the name of the desired identity provider. + AuthorizeUpstreamIDPNameParamName = "pinniped_idp_name" + + // AuthorizeUpstreamIDPTypeParamName is the name of the HTTP request parameter which can be used to help select which + // identity provider should be used for authentication by sending the type of the desired identity provider. + AuthorizeUpstreamIDPTypeParamName = "pinniped_idp_type" +) diff --git a/generated/1.22/client/concierge/clientset/versioned/clientset.go b/generated/1.22/client/concierge/clientset/versioned/clientset.go new file mode 100644 index 00000000..62a1ea71 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/clientset.go @@ -0,0 +1,126 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface + ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface + IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface + LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + identityV1alpha1 *identityv1alpha1.IdentityV1alpha1Client + loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client +} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return c.configV1alpha1 +} + +// IdentityV1alpha1 retrieves the IdentityV1alpha1Client +func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { + return c.identityV1alpha1 +} + +// LoginV1alpha1 retrieves the LoginV1alpha1Client +func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { + return c.loginV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.identityV1alpha1, err = identityv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.loginV1alpha1, err = loginv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.NewForConfigOrDie(c) + cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) + cs.identityV1alpha1 = identityv1alpha1.NewForConfigOrDie(c) + cs.loginV1alpha1 = loginv1alpha1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) + cs.configV1alpha1 = configv1alpha1.New(c) + cs.identityV1alpha1 = identityv1alpha1.New(c) + cs.loginV1alpha1 = loginv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/generated/1.22/client/concierge/clientset/versioned/doc.go b/generated/1.22/client/concierge/clientset/versioned/doc.go new file mode 100644 index 00000000..5dc02e6e --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/generated/1.22/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.22/client/concierge/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 00000000..a2af91e9 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,93 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" + identityv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1" + fakeidentityv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" + loginv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1" + fakeloginv1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} +} + +// IdentityV1alpha1 retrieves the IdentityV1alpha1Client +func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { + return &fakeidentityv1alpha1.FakeIdentityV1alpha1{Fake: &c.Fake} +} + +// LoginV1alpha1 retrieves the LoginV1alpha1Client +func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { + return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} +} diff --git a/generated/1.22/client/concierge/clientset/versioned/fake/doc.go b/generated/1.22/client/concierge/clientset/versioned/fake/doc.go new file mode 100644 index 00000000..7c9538fd --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/generated/1.22/client/concierge/clientset/versioned/fake/register.go b/generated/1.22/client/concierge/clientset/versioned/fake/register.go new file mode 100644 index 00000000..b2499254 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/fake/register.go @@ -0,0 +1,49 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, + configv1alpha1.AddToScheme, + identityv1alpha1.AddToScheme, + loginv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/generated/1.22/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.22/client/concierge/clientset/versioned/scheme/doc.go new file mode 100644 index 00000000..cc02f1d3 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/scheme/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/generated/1.22/client/concierge/clientset/versioned/scheme/register.go b/generated/1.22/client/concierge/clientset/versioned/scheme/register.go new file mode 100644 index 00000000..10b3df0b --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/scheme/register.go @@ -0,0 +1,49 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, + configv1alpha1.AddToScheme, + identityv1alpha1.AddToScheme, + loginv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go new file mode 100644 index 00000000..0865704c --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -0,0 +1,81 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type AuthenticationV1alpha1Interface interface { + RESTClient() rest.Interface + JWTAuthenticatorsGetter + WebhookAuthenticatorsGetter +} + +// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. +type AuthenticationV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AuthenticationV1alpha1Client) JWTAuthenticators() JWTAuthenticatorInterface { + return newJWTAuthenticators(c) +} + +func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthenticatorInterface { + return newWebhookAuthenticators(c) +} + +// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AuthenticationV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuthenticationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuthenticationV1alpha1Client { + return &AuthenticationV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go new file mode 100644 index 00000000..033508fe --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -0,0 +1,31 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAuthenticationV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { + return &FakeJWTAuthenticators{c} +} + +func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { + return &FakeWebhookAuthenticators{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go new file mode 100644 index 00000000..4c3a0412 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeJWTAuthenticators implements JWTAuthenticatorInterface +type FakeJWTAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 +} + +var jwtauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "jwtauthenticators"} + +var jwtauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "JWTAuthenticator"} + +// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. +func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. +func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested jWTAuthenticators. +func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) +} + +// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched jWTAuthenticator. +func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 00000000..4a096d8d --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type FakeWebhookAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 +} + +var webhookauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + +var webhookauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WebhookAuthenticator"} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..03757746 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type JWTAuthenticatorExpansion interface{} + +type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..4d90ceb1 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. +// A group's client should implement this interface. +type JWTAuthenticatorsGetter interface { + JWTAuthenticators() JWTAuthenticatorInterface +} + +// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. +type JWTAuthenticatorInterface interface { + Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) + Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) + UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) + JWTAuthenticatorExpansion +} + +// jWTAuthenticators implements JWTAuthenticatorInterface +type jWTAuthenticators struct { + client rest.Interface +} + +// newJWTAuthenticators returns a JWTAuthenticators +func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { + return &jWTAuthenticators{ + client: c.RESTClient(), + } +} + +// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. +func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Get(). + Resource("jwtauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. +func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.JWTAuthenticatorList{} + err = c.client.Get(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested jWTAuthenticators. +func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Post(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Put(). + Resource("jwtauthenticators"). + Name(jWTAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Put(). + Resource("jwtauthenticators"). + Name(jWTAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. +func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("jwtauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("jwtauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched jWTAuthenticator. +func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Patch(pt). + Resource("jwtauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..923a5134 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators() WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + client rest.Interface +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { + return &webhookAuthenticators{ + client: c.RESTClient(), + } +} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Get(). + Resource("webhookauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.WebhookAuthenticatorList{} + err = c.client.Get(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Post(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("webhookauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("webhookauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Patch(pt). + Resource("webhookauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go new file mode 100644 index 00000000..2bd88de6 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ConfigV1alpha1Interface interface { + RESTClient() rest.Interface + CredentialIssuersGetter +} + +// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. +type ConfigV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { + return newCredentialIssuers(c) +} + +// NewForConfig creates a new ConfigV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &ConfigV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ConfigV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ConfigV1alpha1Client { + return &ConfigV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..91acc1f9 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. +// A group's client should implement this interface. +type CredentialIssuersGetter interface { + CredentialIssuers() CredentialIssuerInterface +} + +// CredentialIssuerInterface has methods to work with CredentialIssuer resources. +type CredentialIssuerInterface interface { + Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) + Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) + UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) + CredentialIssuerExpansion +} + +// credentialIssuers implements CredentialIssuerInterface +type credentialIssuers struct { + client rest.Interface +} + +// newCredentialIssuers returns a CredentialIssuers +func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { + return &credentialIssuers{ + client: c.RESTClient(), + } +} + +// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. +func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Get(). + Resource("credentialissuers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. +func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.CredentialIssuerList{} + err = c.client.Get(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested credentialIssuers. +func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Post(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Put(). + Resource("credentialissuers"). + Name(credentialIssuer.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Put(). + Resource("credentialissuers"). + Name(credentialIssuer.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. +func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("credentialissuers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("credentialissuers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched credentialIssuer. +func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Patch(pt). + Resource("credentialissuers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go new file mode 100644 index 00000000..eed96367 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha1 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { + return &FakeCredentialIssuers{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go new file mode 100644 index 00000000..8d138856 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeCredentialIssuers implements CredentialIssuerInterface +type FakeCredentialIssuers struct { + Fake *FakeConfigV1alpha1 +} + +var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"} + +var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"} + +// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. +func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. +func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} + for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested credentialIssuers. +func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) +} + +// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. +func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) + return err +} + +// Patch applies the patch and returns the patched credentialIssuer. +func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..294cd402 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type CredentialIssuerExpansion interface{} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go new file mode 100644 index 00000000..f62b994f --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeIdentityV1alpha1 struct { + *testing.Fake +} + +func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { + return &FakeWhoAmIRequests{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeIdentityV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go new file mode 100644 index 00000000..e87ba055 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -0,0 +1,34 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/identity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + testing "k8s.io/client-go/testing" +) + +// FakeWhoAmIRequests implements WhoAmIRequestInterface +type FakeWhoAmIRequests struct { + Fake *FakeIdentityV1alpha1 +} + +var whoamirequestsResource = schema.GroupVersionResource{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Resource: "whoamirequests"} + +var whoamirequestsKind = schema.GroupVersionKind{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WhoAmIRequest"} + +// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. +func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WhoAmIRequest), err +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..925d9ca3 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type WhoAmIRequestExpansion interface{} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go new file mode 100644 index 00000000..be63a087 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/identity/v1alpha1" + "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type IdentityV1alpha1Interface interface { + RESTClient() rest.Interface + WhoAmIRequestsGetter +} + +// IdentityV1alpha1Client is used to interact with features provided by the identity.concierge.pinniped.dev group. +type IdentityV1alpha1Client struct { + restClient rest.Interface +} + +func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { + return newWhoAmIRequests(c) +} + +// NewForConfig creates a new IdentityV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &IdentityV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new IdentityV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *IdentityV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new IdentityV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *IdentityV1alpha1Client { + return &IdentityV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *IdentityV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go new file mode 100644 index 00000000..02400c35 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + rest "k8s.io/client-go/rest" +) + +// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. +// A group's client should implement this interface. +type WhoAmIRequestsGetter interface { + WhoAmIRequests() WhoAmIRequestInterface +} + +// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. +type WhoAmIRequestInterface interface { + Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) + WhoAmIRequestExpansion +} + +// whoAmIRequests implements WhoAmIRequestInterface +type whoAmIRequests struct { + client rest.Interface +} + +// newWhoAmIRequests returns a WhoAmIRequests +func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { + return &whoAmIRequests{ + client: c.RESTClient(), + } +} + +// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. +func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { + result = &v1alpha1.WhoAmIRequest{} + err = c.client.Post(). + Resource("whoamirequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(whoAmIRequest). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go new file mode 100644 index 00000000..cd3da29f --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeLoginV1alpha1 struct { + *testing.Fake +} + +func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { + return &FakeTokenCredentialRequests{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeLoginV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go new file mode 100644 index 00000000..d8fb228e --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -0,0 +1,34 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + testing "k8s.io/client-go/testing" +) + +// FakeTokenCredentialRequests implements TokenCredentialRequestInterface +type FakeTokenCredentialRequests struct { + Fake *FakeLoginV1alpha1 +} + +var tokencredentialrequestsResource = schema.GroupVersionResource{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Resource: "tokencredentialrequests"} + +var tokencredentialrequestsKind = schema.GroupVersionKind{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Kind: "TokenCredentialRequest"} + +// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. +func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.TokenCredentialRequest), err +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..7ed35ca8 --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type TokenCredentialRequestExpansion interface{} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go new file mode 100644 index 00000000..579dcc0c --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/login/v1alpha1" + "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type LoginV1alpha1Interface interface { + RESTClient() rest.Interface + TokenCredentialRequestsGetter +} + +// LoginV1alpha1Client is used to interact with features provided by the login.concierge.pinniped.dev group. +type LoginV1alpha1Client struct { + restClient rest.Interface +} + +func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestInterface { + return newTokenCredentialRequests(c) +} + +// NewForConfig creates a new LoginV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &LoginV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new LoginV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *LoginV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new LoginV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *LoginV1alpha1Client { + return &LoginV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *LoginV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go new file mode 100644 index 00000000..d35af11c --- /dev/null +++ b/generated/1.22/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + rest "k8s.io/client-go/rest" +) + +// TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. +// A group's client should implement this interface. +type TokenCredentialRequestsGetter interface { + TokenCredentialRequests() TokenCredentialRequestInterface +} + +// TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. +type TokenCredentialRequestInterface interface { + Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) + TokenCredentialRequestExpansion +} + +// tokenCredentialRequests implements TokenCredentialRequestInterface +type tokenCredentialRequests struct { + client rest.Interface +} + +// newTokenCredentialRequests returns a TokenCredentialRequests +func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { + return &tokenCredentialRequests{ + client: c.RESTClient(), + } +} + +// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. +func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { + result = &v1alpha1.TokenCredentialRequest{} + err = c.client.Post(). + Resource("tokencredentialrequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(tokenCredentialRequest). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.22/client/concierge/informers/externalversions/authentication/interface.go new file mode 100644 index 00000000..fd599cd3 --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/authentication/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package authentication + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go new file mode 100644 index 00000000..2e520953 --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -0,0 +1,39 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // JWTAuthenticators returns a JWTAuthenticatorInformer. + JWTAuthenticators() JWTAuthenticatorInformer + // WebhookAuthenticators returns a WebhookAuthenticatorInformer. + WebhookAuthenticators() WebhookAuthenticatorInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// JWTAuthenticators returns a JWTAuthenticatorInformer. +func (v *version) JWTAuthenticators() JWTAuthenticatorInformer { + return &jWTAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// WebhookAuthenticators returns a WebhookAuthenticatorInformer. +func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { + return &webhookAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..8398f260 --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorInformer provides access to a shared informer and lister for +// JWTAuthenticators. +type JWTAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.JWTAuthenticatorLister +} + +type jWTAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.JWTAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) +} + +func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { + return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..f3a33303 --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorInformer provides access to a shared informer and lister for +// WebhookAuthenticators. +type WebhookAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.WebhookAuthenticatorLister +} + +type webhookAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.WebhookAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) +} + +func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { + return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.22/client/concierge/informers/externalversions/config/interface.go b/generated/1.22/client/concierge/informers/externalversions/config/interface.go new file mode 100644 index 00000000..12ae8797 --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/config/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package config + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..18d30f1e --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.22/client/concierge/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerInformer provides access to a shared informer and lister for +// CredentialIssuers. +type CredentialIssuerInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.CredentialIssuerLister +} + +type credentialIssuerInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredCredentialIssuerInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) + }, + }, + &configv1alpha1.CredentialIssuer{}, + resyncPeriod, + indexers, + ) +} + +func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredCredentialIssuerInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) +} + +func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { + return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/interface.go new file mode 100644 index 00000000..1278dd53 --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -0,0 +1,32 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // CredentialIssuers returns a CredentialIssuerInformer. + CredentialIssuers() CredentialIssuerInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// CredentialIssuers returns a CredentialIssuerInformer. +func (v *version) CredentialIssuers() CredentialIssuerInformer { + return &credentialIssuerInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.22/client/concierge/informers/externalversions/factory.go b/generated/1.22/client/concierge/informers/externalversions/factory.go new file mode 100644 index 00000000..70dfe00d --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/factory.go @@ -0,0 +1,173 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned" + authentication "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/authentication" + config "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/config" + internalinterfaces "go.pinniped.dev/generated/1.22/client/concierge/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Authentication() authentication.Interface + Config() config.Interface +} + +func (f *sharedInformerFactory) Authentication() authentication.Interface { + return authentication.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) Config() config.Interface { + return config.New(f, f.namespace, f.tweakListOptions) +} diff --git a/generated/1.22/client/concierge/informers/externalversions/generic.go b/generated/1.22/client/concierge/informers/externalversions/generic.go new file mode 100644 index 00000000..b916d3f6 --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/generic.go @@ -0,0 +1,56 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().JWTAuthenticators().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil + + // Group=config.concierge.pinniped.dev, Version=v1alpha1 + case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/generated/1.22/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.22/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 00000000..d9428efc --- /dev/null +++ b/generated/1.22/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "go.pinniped.dev/generated/1.22/client/concierge/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.22/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.22/client/concierge/listers/authentication/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..665b978e --- /dev/null +++ b/generated/1.22/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// JWTAuthenticatorListerExpansion allows custom methods to be added to +// JWTAuthenticatorLister. +type JWTAuthenticatorListerExpansion interface{} + +// WebhookAuthenticatorListerExpansion allows custom methods to be added to +// WebhookAuthenticatorLister. +type WebhookAuthenticatorListerExpansion interface{} diff --git a/generated/1.22/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.22/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..2a1dcd93 --- /dev/null +++ b/generated/1.22/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorLister helps list JWTAuthenticators. +// All objects returned here must be treated as read-only. +type JWTAuthenticatorLister interface { + // List lists all JWTAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) + // Get retrieves the JWTAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.JWTAuthenticator, error) + JWTAuthenticatorListerExpansion +} + +// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. +type jWTAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. +func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { + return &jWTAuthenticatorLister{indexer: indexer} +} + +// List lists all JWTAuthenticators in the indexer. +func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) + }) + return ret, err +} + +// Get retrieves the JWTAuthenticator from the index for a given name. +func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) + } + return obj.(*v1alpha1.JWTAuthenticator), nil +} diff --git a/generated/1.22/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.22/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..edb2313d --- /dev/null +++ b/generated/1.22/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{indexer: indexer} +} + +// List lists all WebhookAuthenticators in the indexer. +func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// Get retrieves the WebhookAuthenticator from the index for a given name. +func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) + } + return obj.(*v1alpha1.WebhookAuthenticator), nil +} diff --git a/generated/1.22/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.22/client/concierge/listers/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..88481b7e --- /dev/null +++ b/generated/1.22/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/concierge/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerLister helps list CredentialIssuers. +// All objects returned here must be treated as read-only. +type CredentialIssuerLister interface { + // List lists all CredentialIssuers in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) + // Get retrieves the CredentialIssuer from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.CredentialIssuer, error) + CredentialIssuerListerExpansion +} + +// credentialIssuerLister implements the CredentialIssuerLister interface. +type credentialIssuerLister struct { + indexer cache.Indexer +} + +// NewCredentialIssuerLister returns a new CredentialIssuerLister. +func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { + return &credentialIssuerLister{indexer: indexer} +} + +// List lists all CredentialIssuers in the indexer. +func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.CredentialIssuer)) + }) + return ret, err +} + +// Get retrieves the CredentialIssuer from the index for a given name. +func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) + } + return obj.(*v1alpha1.CredentialIssuer), nil +} diff --git a/generated/1.22/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.22/client/concierge/listers/config/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..7212c891 --- /dev/null +++ b/generated/1.22/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// CredentialIssuerListerExpansion allows custom methods to be added to +// CredentialIssuerLister. +type CredentialIssuerListerExpansion interface{} diff --git a/generated/1.22/client/go.mod b/generated/1.22/client/go.mod new file mode 100644 index 00000000..9eb8a759 --- /dev/null +++ b/generated/1.22/client/go.mod @@ -0,0 +1,12 @@ +// This go.mod file is generated by ./hack/codegen.sh. +module go.pinniped.dev/generated/1.22/client + +go 1.13 + +require ( + go.pinniped.dev/generated/1.22/apis v0.0.0 + k8s.io/apimachinery v0.22.6 + k8s.io/client-go v0.22.6 +) + +replace go.pinniped.dev/generated/1.22/apis => ../apis diff --git a/generated/1.22/client/go.sum b/generated/1.22/client/go.sum new file mode 100644 index 00000000..5f7f4693 --- /dev/null +++ b/generated/1.22/client/go.sum @@ -0,0 +1,451 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= +github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= +github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v4.11.0+incompatible h1:glyUF9yIYtMHzn8xaKw5rMhdWcwsYV8dZHIq5567/xs= +github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.4.0 h1:K7/B1jt6fIBQVd4Owv2MqGQClcgf0R266+7C/QjRcLc= +github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= +github.com/googleapis/gnostic v0.5.5 h1:9fHAtK0uDfpveeqqo1hkEZJcFvYXAiCN3UutL8F9xHw= +github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.11 h1:uVUAXhF2To8cbw/3xN3pxj6kk7TYKs98NIrTqPlMWAQ= +github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.14.0 h1:2mOpI4JVVPBN+WQRa0WKH2eXR+Ey+uK4n7Zj0aYpIQA= +github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d h1:SZxvLBoTP5yHO3Frd4z4vrF+DBX9vMVanchswa69toE= +golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs= +golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +k8s.io/api v0.22.6 h1:acjE5ABt0KpsBI9QCtLqaQEPSF94jOtE/LoFxSYasSE= +k8s.io/api v0.22.6/go.mod h1:q1F7IfaNrbi/83ebLy3YFQYLjPSNyunZ/IXQxMmbwCg= +k8s.io/apimachinery v0.22.6 h1:z7vxNRkFX0NToA+8D17kzLZ/T4t+DqwzUlqqbqRepRs= +k8s.io/apimachinery v0.22.6/go.mod h1:ZvVLP5iLhwVFg2Yx9Gh5W0um0DUauExbRhe+2Z8I1EU= +k8s.io/client-go v0.22.6 h1:ugAXeC312xeGXsn7zTRz+btgtLBnW3qYhtUUpVQL7YE= +k8s.io/client-go v0.22.6/go.mod h1:TffU4AV2idZGeP+g3kdFZP+oHVHWPL1JYFySOALriw0= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM= +k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= +k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c h1:jvamsI1tn9V0S8jicyX82qaFC0H/NKxv2e5mbqsgR80= +k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= +k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a h1:8dYfu/Fc9Gz2rNJKB9IQRGgQOh2clmRzNIPPY1xLY5g= +k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.22/client/supervisor/clientset/versioned/clientset.go b/generated/1.22/client/supervisor/clientset/versioned/clientset.go new file mode 100644 index 00000000..b110aa5d --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/clientset.go @@ -0,0 +1,98 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + + configv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface + IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return c.configV1alpha1 +} + +// IDPV1alpha1 retrieves the IDPV1alpha1Client +func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { + return c.iDPV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.iDPV1alpha1, err = idpv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) + cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.configV1alpha1 = configv1alpha1.New(c) + cs.iDPV1alpha1 = idpv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/doc.go b/generated/1.22/client/supervisor/clientset/versioned/doc.go new file mode 100644 index 00000000..5dc02e6e --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 00000000..919b66cf --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,79 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" + configv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" + idpv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + fakeidpv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} +} + +// IDPV1alpha1 retrieves the IDPV1alpha1Client +func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { + return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.22/client/supervisor/clientset/versioned/fake/doc.go new file mode 100644 index 00000000..7c9538fd --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/generated/1.22/client/supervisor/clientset/versioned/fake/register.go b/generated/1.22/client/supervisor/clientset/versioned/fake/register.go new file mode 100644 index 00000000..38fb0501 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/fake/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1alpha1.AddToScheme, + idpv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.22/client/supervisor/clientset/versioned/scheme/doc.go new file mode 100644 index 00000000..cc02f1d3 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/scheme/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/generated/1.22/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.22/client/supervisor/clientset/versioned/scheme/register.go new file mode 100644 index 00000000..1fdb17cd --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/scheme/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1alpha1.AddToScheme, + idpv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go new file mode 100644 index 00000000..8b13c709 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ConfigV1alpha1Interface interface { + RESTClient() rest.Interface + FederationDomainsGetter +} + +// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. +type ConfigV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDomainInterface { + return newFederationDomains(c, namespace) +} + +// NewForConfig creates a new ConfigV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &ConfigV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ConfigV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ConfigV1alpha1Client { + return &ConfigV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go new file mode 100644 index 00000000..309e08b8 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha1 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { + return &FakeFederationDomains{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go new file mode 100644 index 00000000..8ff118f0 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeFederationDomains implements FederationDomainInterface +type FakeFederationDomains struct { + Fake *FakeConfigV1alpha1 + ns string +} + +var federationdomainsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "federationdomains"} + +var federationdomainsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "FederationDomain"} + +// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. +func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. +func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} + for _, item := range obj.(*v1alpha1.FederationDomainList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested federationDomains. +func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) + +} + +// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. +func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) + return err +} + +// Patch applies the patch and returns the patched federationDomain. +func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..5698ede3 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// FederationDomainsGetter has a method to return a FederationDomainInterface. +// A group's client should implement this interface. +type FederationDomainsGetter interface { + FederationDomains(namespace string) FederationDomainInterface +} + +// FederationDomainInterface has methods to work with FederationDomain resources. +type FederationDomainInterface interface { + Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) + Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) + UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) + FederationDomainExpansion +} + +// federationDomains implements FederationDomainInterface +type federationDomains struct { + client rest.Interface + ns string +} + +// newFederationDomains returns a FederationDomains +func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { + return &federationDomains{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. +func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. +func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.FederationDomainList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested federationDomains. +func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Post(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Put(). + Namespace(c.ns). + Resource("federationdomains"). + Name(federationDomain.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Put(). + Namespace(c.ns). + Resource("federationdomains"). + Name(federationDomain.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. +func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched federationDomain. +func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..ba9c9173 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type FederationDomainExpansion interface{} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..b308c1e9 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. +// A group's client should implement this interface. +type ActiveDirectoryIdentityProvidersGetter interface { + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface +} + +// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. +type ActiveDirectoryIdentityProviderInterface interface { + Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) + ActiveDirectoryIdentityProviderExpansion +} + +// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type activeDirectoryIdentityProviders struct { + client rest.Interface + ns string +} + +// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders +func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { + return &activeDirectoryIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. +func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. +func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.ActiveDirectoryIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. +func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(activeDirectoryIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(activeDirectoryIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. +func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. +func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go new file mode 100644 index 00000000..772be532 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type FakeActiveDirectoryIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var activedirectoryidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "activedirectoryidentityproviders"} + +var activedirectoryidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "ActiveDirectoryIdentityProvider"} + +// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. +func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. +func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. +func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go new file mode 100644 index 00000000..b03c3c91 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -0,0 +1,35 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeIDPV1alpha1 struct { + *testing.Fake +} + +func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { + return &FakeActiveDirectoryIdentityProviders{c, namespace} +} + +func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { + return &FakeLDAPIdentityProviders{c, namespace} +} + +func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { + return &FakeOIDCIdentityProviders{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go new file mode 100644 index 00000000..45792692 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface +type FakeLDAPIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var ldapidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "ldapidentityproviders"} + +var ldapidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "LDAPIdentityProvider"} + +// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. +func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. +func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. +func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched lDAPIdentityProvider. +func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go new file mode 100644 index 00000000..1f7d6a6b --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface +type FakeOIDCIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var oidcidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcidentityproviders"} + +var oidcidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCIdentityProvider"} + +// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. +func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. +func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. +func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched oIDCIdentityProvider. +func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..cbefaca4 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -0,0 +1,12 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type ActiveDirectoryIdentityProviderExpansion interface{} + +type LDAPIdentityProviderExpansion interface{} + +type OIDCIdentityProviderExpansion interface{} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go new file mode 100644 index 00000000..62d2677d --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type IDPV1alpha1Interface interface { + RESTClient() rest.Interface + ActiveDirectoryIdentityProvidersGetter + LDAPIdentityProvidersGetter + OIDCIdentityProvidersGetter +} + +// IDPV1alpha1Client is used to interact with features provided by the idp.supervisor.pinniped.dev group. +type IDPV1alpha1Client struct { + restClient rest.Interface +} + +func (c *IDPV1alpha1Client) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface { + return newActiveDirectoryIdentityProviders(c, namespace) +} + +func (c *IDPV1alpha1Client) LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface { + return newLDAPIdentityProviders(c, namespace) +} + +func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface { + return newOIDCIdentityProviders(c, namespace) +} + +// NewForConfig creates a new IDPV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &IDPV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new IDPV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *IDPV1alpha1Client { + return &IDPV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *IDPV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..28b37041 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. +// A group's client should implement this interface. +type LDAPIdentityProvidersGetter interface { + LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface +} + +// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. +type LDAPIdentityProviderInterface interface { + Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) + Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) + UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) + LDAPIdentityProviderExpansion +} + +// lDAPIdentityProviders implements LDAPIdentityProviderInterface +type lDAPIdentityProviders struct { + client rest.Interface + ns string +} + +// newLDAPIdentityProviders returns a LDAPIdentityProviders +func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { + return &lDAPIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. +func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. +func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.LDAPIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. +func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(lDAPIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(lDAPIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. +func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched lDAPIdentityProvider. +func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..f8c9be3b --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. +// A group's client should implement this interface. +type OIDCIdentityProvidersGetter interface { + OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface +} + +// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. +type OIDCIdentityProviderInterface interface { + Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) + Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) + UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) + OIDCIdentityProviderExpansion +} + +// oIDCIdentityProviders implements OIDCIdentityProviderInterface +type oIDCIdentityProviders struct { + client rest.Interface + ns string +} + +// newOIDCIdentityProviders returns a OIDCIdentityProviders +func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { + return &oIDCIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. +func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. +func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.OIDCIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. +func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(oIDCIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(oIDCIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. +func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched oIDCIdentityProvider. +func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/config/interface.go b/generated/1.22/client/supervisor/informers/externalversions/config/interface.go new file mode 100644 index 00000000..006de4ef --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/config/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package config + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..4ead9c33 --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// FederationDomainInformer provides access to a shared informer and lister for +// FederationDomains. +type FederationDomainInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.FederationDomainLister +} + +type federationDomainInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredFederationDomainInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) + }, + }, + &configv1alpha1.FederationDomain{}, + resyncPeriod, + indexers, + ) +} + +func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredFederationDomainInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) +} + +func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { + return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go new file mode 100644 index 00000000..f2d9a689 --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -0,0 +1,32 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // FederationDomains returns a FederationDomainInformer. + FederationDomains() FederationDomainInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// FederationDomains returns a FederationDomainInformer. +func (v *version) FederationDomains() FederationDomainInformer { + return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/factory.go b/generated/1.22/client/supervisor/informers/externalversions/factory.go new file mode 100644 index 00000000..1686a18c --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/factory.go @@ -0,0 +1,173 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" + config "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/config" + idp "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/idp" + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Config() config.Interface + IDP() idp.Interface +} + +func (f *sharedInformerFactory) Config() config.Interface { + return config.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) IDP() idp.Interface { + return idp.New(f, f.namespace, f.tweakListOptions) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/generic.go b/generated/1.22/client/supervisor/informers/externalversions/generic.go new file mode 100644 index 00000000..9d595d85 --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/generic.go @@ -0,0 +1,58 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=config.supervisor.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + + // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 + case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().ActiveDirectoryIdentityProviders().Informer()}, nil + case idpv1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().LDAPIdentityProviders().Informer()}, nil + case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.22/client/supervisor/informers/externalversions/idp/interface.go new file mode 100644 index 00000000..cebd96bb --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/idp/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package idp + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..e514aa20 --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ActiveDirectoryIdentityProviderInformer provides access to a shared informer and lister for +// ActiveDirectoryIdentityProviders. +type ActiveDirectoryIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.ActiveDirectoryIdentityProviderLister +} + +type activeDirectoryIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredActiveDirectoryIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.ActiveDirectoryIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredActiveDirectoryIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) +} + +func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { + return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go new file mode 100644 index 00000000..5306d381 --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -0,0 +1,46 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. + ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer + // LDAPIdentityProviders returns a LDAPIdentityProviderInformer. + LDAPIdentityProviders() LDAPIdentityProviderInformer + // OIDCIdentityProviders returns a OIDCIdentityProviderInformer. + OIDCIdentityProviders() OIDCIdentityProviderInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. +func (v *version) ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer { + return &activeDirectoryIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// LDAPIdentityProviders returns a LDAPIdentityProviderInformer. +func (v *version) LDAPIdentityProviders() LDAPIdentityProviderInformer { + return &lDAPIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// OIDCIdentityProviders returns a OIDCIdentityProviderInformer. +func (v *version) OIDCIdentityProviders() OIDCIdentityProviderInformer { + return &oIDCIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..07f4a88e --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// LDAPIdentityProviderInformer provides access to a shared informer and lister for +// LDAPIdentityProviders. +type LDAPIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.LDAPIdentityProviderLister +} + +type lDAPIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredLDAPIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.LDAPIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredLDAPIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) +} + +func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { + return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..15a3cb04 --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCIdentityProviderInformer provides access to a shared informer and lister for +// OIDCIdentityProviders. +type OIDCIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.OIDCIdentityProviderLister +} + +type oIDCIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredOIDCIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.OIDCIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredOIDCIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) +} + +func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { + return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 00000000..b95ecabf --- /dev/null +++ b/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..d59892c4 --- /dev/null +++ b/generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// FederationDomainListerExpansion allows custom methods to be added to +// FederationDomainLister. +type FederationDomainListerExpansion interface{} + +// FederationDomainNamespaceListerExpansion allows custom methods to be added to +// FederationDomainNamespaceLister. +type FederationDomainNamespaceListerExpansion interface{} diff --git a/generated/1.22/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.22/client/supervisor/listers/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..3b614c10 --- /dev/null +++ b/generated/1.22/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// FederationDomainLister helps list FederationDomains. +// All objects returned here must be treated as read-only. +type FederationDomainLister interface { + // List lists all FederationDomains in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + // FederationDomains returns an object that can list and get FederationDomains. + FederationDomains(namespace string) FederationDomainNamespaceLister + FederationDomainListerExpansion +} + +// federationDomainLister implements the FederationDomainLister interface. +type federationDomainLister struct { + indexer cache.Indexer +} + +// NewFederationDomainLister returns a new FederationDomainLister. +func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { + return &federationDomainLister{indexer: indexer} +} + +// List lists all FederationDomains in the indexer. +func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.FederationDomain)) + }) + return ret, err +} + +// FederationDomains returns an object that can list and get FederationDomains. +func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { + return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// FederationDomainNamespaceLister helps list and get FederationDomains. +// All objects returned here must be treated as read-only. +type FederationDomainNamespaceLister interface { + // List lists all FederationDomains in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + // Get retrieves the FederationDomain from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.FederationDomain, error) + FederationDomainNamespaceListerExpansion +} + +// federationDomainNamespaceLister implements the FederationDomainNamespaceLister +// interface. +type federationDomainNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all FederationDomains in the indexer for a given namespace. +func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.FederationDomain)) + }) + return ret, err +} + +// Get retrieves the FederationDomain from the indexer for a given namespace and name. +func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) + } + return obj.(*v1alpha1.FederationDomain), nil +} diff --git a/generated/1.22/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.22/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..25c0f95e --- /dev/null +++ b/generated/1.22/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. +// All objects returned here must be treated as read-only. +type ActiveDirectoryIdentityProviderLister interface { + // List lists all ActiveDirectoryIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister + ActiveDirectoryIdentityProviderListerExpansion +} + +// activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. +type activeDirectoryIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. +func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { + return &activeDirectoryIdentityProviderLister{indexer: indexer} +} + +// List lists all ActiveDirectoryIdentityProviders in the indexer. +func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) + }) + return ret, err +} + +// ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. +func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { + return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. +// All objects returned here must be treated as read-only. +type ActiveDirectoryIdentityProviderNamespaceLister interface { + // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + ActiveDirectoryIdentityProviderNamespaceListerExpansion +} + +// activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister +// interface. +type activeDirectoryIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. +func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. +func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil +} diff --git a/generated/1.22/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.22/client/supervisor/listers/idp/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..d79cd0fe --- /dev/null +++ b/generated/1.22/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -0,0 +1,30 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// ActiveDirectoryIdentityProviderListerExpansion allows custom methods to be added to +// ActiveDirectoryIdentityProviderLister. +type ActiveDirectoryIdentityProviderListerExpansion interface{} + +// ActiveDirectoryIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// ActiveDirectoryIdentityProviderNamespaceLister. +type ActiveDirectoryIdentityProviderNamespaceListerExpansion interface{} + +// LDAPIdentityProviderListerExpansion allows custom methods to be added to +// LDAPIdentityProviderLister. +type LDAPIdentityProviderListerExpansion interface{} + +// LDAPIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// LDAPIdentityProviderNamespaceLister. +type LDAPIdentityProviderNamespaceListerExpansion interface{} + +// OIDCIdentityProviderListerExpansion allows custom methods to be added to +// OIDCIdentityProviderLister. +type OIDCIdentityProviderListerExpansion interface{} + +// OIDCIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// OIDCIdentityProviderNamespaceLister. +type OIDCIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.22/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.22/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..86ae1a05 --- /dev/null +++ b/generated/1.22/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// LDAPIdentityProviderLister helps list LDAPIdentityProviders. +// All objects returned here must be treated as read-only. +type LDAPIdentityProviderLister interface { + // List lists all LDAPIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. + LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister + LDAPIdentityProviderListerExpansion +} + +// lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. +type lDAPIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. +func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { + return &lDAPIdentityProviderLister{indexer: indexer} +} + +// List lists all LDAPIdentityProviders in the indexer. +func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) + }) + return ret, err +} + +// LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. +func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { + return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. +// All objects returned here must be treated as read-only. +type LDAPIdentityProviderNamespaceLister interface { + // List lists all LDAPIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.LDAPIdentityProvider, error) + LDAPIdentityProviderNamespaceListerExpansion +} + +// lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister +// interface. +type lDAPIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all LDAPIdentityProviders in the indexer for a given namespace. +func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. +func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) + } + return obj.(*v1alpha1.LDAPIdentityProvider), nil +} diff --git a/generated/1.22/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.22/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..3aa27b63 --- /dev/null +++ b/generated/1.22/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OIDCIdentityProviderLister helps list OIDCIdentityProviders. +// All objects returned here must be treated as read-only. +type OIDCIdentityProviderLister interface { + // List lists all OIDCIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. + OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister + OIDCIdentityProviderListerExpansion +} + +// oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. +type oIDCIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. +func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { + return &oIDCIdentityProviderLister{indexer: indexer} +} + +// List lists all OIDCIdentityProviders in the indexer. +func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) + }) + return ret, err +} + +// OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. +func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { + return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. +// All objects returned here must be treated as read-only. +type OIDCIdentityProviderNamespaceLister interface { + // List lists all OIDCIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.OIDCIdentityProvider, error) + OIDCIdentityProviderNamespaceListerExpansion +} + +// oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister +// interface. +type oIDCIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OIDCIdentityProviders in the indexer for a given namespace. +func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. +func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) + } + return obj.(*v1alpha1.OIDCIdentityProvider), nil +} diff --git a/generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml new file mode 100644 index 00000000..bf656d1f --- /dev/null +++ b/generated/1.22/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -0,0 +1,177 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: jwtauthenticators.authentication.concierge.pinniped.dev +spec: + group: authentication.concierge.pinniped.dev + names: + categories: + - pinniped + - pinniped-authenticator + - pinniped-authenticators + kind: JWTAuthenticator + listKind: JWTAuthenticatorList + plural: jwtauthenticators + singular: jwtauthenticator + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .spec.audience + name: Audience + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: "JWTAuthenticator describes the configuration of a JWT authenticator. + \n Upon receiving a signed JWT, a JWTAuthenticator will performs some validation + on it (e.g., valid signature, existence of claims, etc.) and extract the + username and groups from the token." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the authenticator. + properties: + audience: + description: Audience is the required value of the "aud" JWT claim. + minLength: 1 + type: string + claims: + description: Claims allows customization of the claims that will be + mapped to user identity for Kubernetes access. + properties: + groups: + description: Groups is the name of the claim which should be read + to extract the user's group membership from the JWT token. When + not specified, it will default to "groups". + type: string + username: + description: Username is the name of the claim which should be + read to extract the username from the JWT token. When not specified, + it will default to "username". + type: string + type: object + issuer: + description: Issuer is the OIDC issuer URL that will be used to discover + public signing keys. Issuer is also used to validate the "iss" JWT + claim. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration for communicating with the OIDC provider. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - audience + - issuer + type: object + status: + description: Status of the authenticator. + properties: + conditions: + description: Represents the observations of the authenticator's current + state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml new file mode 100644 index 00000000..10dcc7bd --- /dev/null +++ b/generated/1.22/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -0,0 +1,150 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: webhookauthenticators.authentication.concierge.pinniped.dev +spec: + group: authentication.concierge.pinniped.dev + names: + categories: + - pinniped + - pinniped-authenticator + - pinniped-authenticators + kind: WebhookAuthenticator + listKind: WebhookAuthenticatorList + plural: webhookauthenticators + singular: webhookauthenticator + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: WebhookAuthenticator describes the configuration of a webhook + authenticator. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the authenticator. + properties: + endpoint: + description: Webhook server endpoint URL. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - endpoint + type: object + status: + description: Status of the authenticator. + properties: + conditions: + description: Represents the observations of the authenticator's current + state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.22/crds/config.concierge.pinniped.dev_credentialissuers.yaml new file mode 100644 index 00000000..e09709a5 --- /dev/null +++ b/generated/1.22/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -0,0 +1,247 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: credentialissuers.config.concierge.pinniped.dev +spec: + group: config.concierge.pinniped.dev + names: + categories: + - pinniped + kind: CredentialIssuer + listKind: CredentialIssuerList + plural: credentialissuers + singular: credentialissuer + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.impersonationProxy.mode + name: ProxyMode + type: string + - jsonPath: .status.strategies[?(@.status == "Success")].type + name: DefaultStrategy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: CredentialIssuer describes the configuration and status of the + Pinniped Concierge credential issuer. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec describes the intended configuration of the Concierge. + properties: + impersonationProxy: + description: ImpersonationProxy describes the intended configuration + of the Concierge impersonation proxy. + properties: + externalEndpoint: + description: "ExternalEndpoint describes the HTTPS endpoint where + the proxy will be exposed. If not set, the proxy will be served + using the external name of the LoadBalancer service or the cluster + service DNS name. \n This field must be non-empty when spec.impersonationProxy.service.type + is \"None\"." + type: string + mode: + description: 'Mode configures whether the impersonation proxy + should be started: - "disabled" explicitly disables the impersonation + proxy. This is the default. - "enabled" explicitly enables the + impersonation proxy. - "auto" enables or disables the impersonation + proxy based upon the cluster in which it is running.' + enum: + - auto + - enabled + - disabled + type: string + service: + default: + type: LoadBalancer + description: Service describes the configuration of the Service + provisioned to expose the impersonation proxy to clients. + properties: + annotations: + additionalProperties: + type: string + description: Annotations specifies zero or more key/value + pairs to set as annotations on the provisioned Service. + type: object + loadBalancerIP: + description: LoadBalancerIP specifies the IP address to set + in the spec.loadBalancerIP field of the provisioned Service. + This is not supported on all cloud providers. + maxLength: 255 + minLength: 1 + type: string + type: + default: LoadBalancer + description: "Type specifies the type of Service to provision + for the impersonation proxy. \n If the type is \"None\", + then the \"spec.impersonationProxy.externalEndpoint\" field + must be set to a non-empty value so that the Concierge can + properly advertise the endpoint in the CredentialIssuer's + status." + enum: + - LoadBalancer + - ClusterIP + - None + type: string + type: object + required: + - mode + - service + type: object + required: + - impersonationProxy + type: object + status: + description: CredentialIssuerStatus describes the status of the Concierge. + properties: + kubeConfigInfo: + description: Information needed to form a valid Pinniped-based kubeconfig + using this credential issuer. This field is deprecated and will + be removed in a future version. + properties: + certificateAuthorityData: + description: The K8s API server CA bundle. + minLength: 1 + type: string + server: + description: The K8s API server URL. + minLength: 1 + pattern: ^https://|^http:// + type: string + required: + - certificateAuthorityData + - server + type: object + strategies: + description: List of integration strategies that were attempted by + Pinniped. + items: + description: CredentialIssuerStrategy describes the status of an + integration strategy that was attempted by Pinniped. + properties: + frontend: + description: Frontend describes how clients can connect using + this strategy. + properties: + impersonationProxyInfo: + description: ImpersonationProxyInfo describes the parameters + for the impersonation proxy on this Concierge. This field + is only set when Type is "ImpersonationProxy". + properties: + certificateAuthorityData: + description: CertificateAuthorityData is the base64-encoded + PEM CA bundle of the impersonation proxy. + minLength: 1 + type: string + endpoint: + description: Endpoint is the HTTPS endpoint of the impersonation + proxy. + minLength: 1 + pattern: ^https:// + type: string + required: + - certificateAuthorityData + - endpoint + type: object + tokenCredentialRequestInfo: + description: TokenCredentialRequestAPIInfo describes the + parameters for the TokenCredentialRequest API on this + Concierge. This field is only set when Type is "TokenCredentialRequestAPI". + properties: + certificateAuthorityData: + description: CertificateAuthorityData is the base64-encoded + Kubernetes API server CA bundle. + minLength: 1 + type: string + server: + description: Server is the Kubernetes API server URL. + minLength: 1 + pattern: ^https://|^http:// + type: string + required: + - certificateAuthorityData + - server + type: object + type: + description: Type describes which frontend mechanism clients + can use with a strategy. + enum: + - TokenCredentialRequestAPI + - ImpersonationProxy + type: string + required: + - type + type: object + lastUpdateTime: + description: When the status was last checked. + format: date-time + type: string + message: + description: Human-readable description of the current status. + minLength: 1 + type: string + reason: + description: Reason for the current status. + enum: + - Listening + - Pending + - Disabled + - ErrorDuringSetup + - CouldNotFetchKey + - CouldNotGetClusterInfo + - FetchedKey + type: string + status: + description: Status of the attempted integration strategy. + enum: + - Success + - Error + type: string + type: + description: Type of integration attempted. + enum: + - KubeClusterSigningCertificate + - ImpersonationProxy + type: string + required: + - lastUpdateTime + - message + - reason + - status + - type + type: object + type: array + required: + - strategies + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.22/crds/config.supervisor.pinniped.dev_federationdomains.yaml new file mode 100644 index 00000000..5fad1946 --- /dev/null +++ b/generated/1.22/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -0,0 +1,170 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: federationdomains.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: FederationDomain + listKind: FederationDomainList + plural: federationdomains + singular: federationdomain + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: FederationDomain describes the configuration of an OIDC provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC provider. + properties: + issuer: + description: "Issuer is the OIDC Provider's issuer, per the OIDC Discovery + Metadata document, as well as the identifier that it will use for + the iss claim in issued JWTs. This field will also be used as the + base URL for any endpoints used by the OIDC Provider (e.g., if your + issuer is https://example.com/foo, then your authorization endpoint + will look like https://example.com/foo/some/path/to/auth/endpoint). + \n See https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 + for more information." + minLength: 1 + type: string + tls: + description: TLS configures how this FederationDomain is served over + Transport Layer Security (TLS). + properties: + secretName: + description: "SecretName is an optional name of a Secret in the + same namespace, of type `kubernetes.io/tls`, which contains + the TLS serving certificate for the HTTPS endpoints served by + this FederationDomain. When provided, the TLS Secret named here + must contain keys named `tls.crt` and `tls.key` that contain + the certificate and private key to use for TLS. \n Server Name + Indication (SNI) is an extension to the Transport Layer Security + (TLS) supported by all major browsers. \n SecretName is required + if you would like to use different TLS certificates for issuers + of different hostnames. SNI requests do not include port numbers, + so all issuers with the same DNS hostname must use the same + SecretName value even if they have different port numbers. \n + SecretName is not required when you would like to use only the + HTTP endpoints (e.g. when terminating TLS at an Ingress). It + is also not required when you would like all requests to this + OIDC Provider's HTTPS endpoints to use the default TLS certificate, + which is configured elsewhere. \n When your Issuer URL's host + is an IP address, then this field is ignored. SNI does not work + for IP addresses." + type: string + type: object + required: + - issuer + type: object + status: + description: Status of the OIDC provider. + properties: + lastUpdateTime: + description: LastUpdateTime holds the time at which the Status was + last updated. It is a pointer to get around some undesirable behavior + with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). + format: date-time + type: string + message: + description: Message provides human-readable details about the Status. + type: string + secrets: + description: Secrets contains information about this OIDC Provider's + secrets. + properties: + jwks: + description: JWKS holds the name of the corev1.Secret in which + this OIDC Provider's signing/verification keys are stored. If + it is empty, then the signing/verification keys are either unknown + or they don't exist. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + stateEncryptionKey: + description: StateSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for encrypting state parameters + is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + stateSigningKey: + description: StateSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for signing state parameters + is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + tokenSigningKey: + description: TokenSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for signing tokens is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: object + status: + description: Status holds an enum that describes the state of this + OIDC Provider. Note that this Status can represent success or failure. + enum: + - Success + - Duplicate + - Invalid + - SameIssuerHostMustUseSameSecret + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml new file mode 100644 index 00000000..0ac278fe --- /dev/null +++ b/generated/1.22/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -0,0 +1,305 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: ActiveDirectoryIdentityProvider + listKind: ActiveDirectoryIdentityProviderList + plural: activedirectoryidentityproviders + singular: activedirectoryidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.host + name: Host + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ActiveDirectoryIdentityProvider describes the configuration of + an upstream Microsoft Active Directory identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + bind: + description: Bind contains the configuration for how to provide access + credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's + credentials during a user's authentication attempt. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the username and password for an + Active Directory bind user. This account will be used to perform + LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" + which includes "username" and "password" keys. The username + value should be the full dn (distinguished name) of your bind + account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + The password must be non-empty. + minLength: 1 + type: string + required: + - secretName + type: object + groupSearch: + description: GroupSearch contains the configuration for searching + for a user's group membership in ActiveDirectory. + properties: + attributes: + description: Attributes specifies how the group's information + should be read from each ActiveDirectory entry which was found + as the result of the group search. + properties: + groupName: + description: GroupName specifies the name of the attribute + in the Active Directory entries whose value shall become + a group name in the user's list of groups after a successful + authentication. The value of this field is case-sensitive + and must match the case of the attribute name returned by + the ActiveDirectory server in the user's entry. E.g. "cn" + for common name. Distinguished names can be used by specifying + lower-case "dn". Optional. When not specified, this defaults + to a custom field that looks like "sAMAccountName@domain", + where domain is constructed from the domain components of + the group DN. + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". + Optional, when not specified it will be based on the result + of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + The default behavior searches your entire domain for groups. + It may make sense to specify a subtree as a search base if you + wish to exclude some groups for security reasons or to make + searches faster. + type: string + filter: + description: Filter is the ActiveDirectory search filter which + should be applied when searching for groups for a user. The + pattern "{}" must occur in the filter at least once and will + be dynamically replaced by the dn (distinguished name) of the + user entry found as a result of the user search. E.g. "member={}" + or "&(objectClass=groupOfNames)(member={})". For more information + about ActiveDirectory filters, see https://ldap.com/ldap-filters. + Note that the dn (distinguished name) is not an attribute of + an entry, so "dn={}" cannot be used. Optional. When not specified, + the default will act as if the filter were specified as "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + This searches nested groups by default. Note that nested group + search can be slow for some Active Directory servers. To disable + it, you can set the filter to "(&(objectClass=group)(member={})" + type: string + skipGroupRefresh: + description: "The user's group membership is refreshed as they + interact with the supervisor to obtain new credentials (as their + old credentials expire). This allows group membership changes + to be quickly reflected into Kubernetes clusters. Since group + membership is often used to bind authorization policies, it + is important to keep the groups observed in Kubernetes clusters + in-sync with the identity provider. \n In some environments, + frequent group membership queries may result in a significant + performance impact on the identity provider and/or the supervisor. + The best approach to handle performance impacts is to tweak + the group query to be more performant, for example by disabling + nested group search or by using a more targeted group search + base. \n If the group search query cannot be made performant + and you are willing to have group memberships remain static + for approximately a day, then set skipGroupRefresh to true. + \ This is an insecure configuration as authorization policies + that are bound to group membership will not notice if a user + has been removed from a particular group until their next login. + \n This is an experimental feature that may be removed or significantly + altered in the future. Consumers of this configuration should + carefully read all release notes before upgrading to ensure + that the meaning of this field has not changed." + type: boolean + type: object + host: + description: 'Host is the hostname of this Active Directory identity + provider, i.e., where to connect. For example: ldap.example.com:636.' + minLength: 1 + type: string + tls: + description: TLS contains the connection settings for how to establish + the connection to the Host. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + userSearch: + description: UserSearch contains the configuration for searching for + a user by name in Active Directory. + properties: + attributes: + description: Attributes specifies how the user's information should + be read from the ActiveDirectory entry which was found as the + result of the user search. + properties: + uid: + description: UID specifies the name of the attribute in the + ActiveDirectory entry which whose value shall be used to + uniquely identify the user within this ActiveDirectory provider + after a successful authentication. Optional, when empty + this defaults to "objectGUID". + type: string + username: + description: Username specifies the name of the attribute + in Active Directory entry whose value shall become the username + of the user after a successful authentication. Optional, + when empty this defaults to "userPrincipalName". + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". + Optional, when not specified it will be based on the result + of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + The default behavior searches your entire domain for users. + It may make sense to specify a subtree as a search base if you + wish to exclude some users or to make searches faster. + type: string + filter: + description: Filter is the search filter which should be applied + when searching for users. The pattern "{}" must occur in the + filter at least once and will be dynamically replaced by the + username for which the search is being run. E.g. "mail={}" or + "&(objectClass=person)(uid={})". For more information about + LDAP filters, see https://ldap.com/ldap-filters. Note that the + dn (distinguished name) is not an attribute of an entry, so + "dn={}" cannot be used. Optional. When not specified, the default + will be '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + This means that the user is a person, is not a computer, the + sAMAccountType is for a normal user account, and is not shown + in advanced view only (which would likely mean its a system + created service account with advanced permissions). Also, either + the sAMAccountName, the userPrincipalName, or the mail attribute + matches the input username. + type: string + type: object + required: + - host + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml new file mode 100644 index 00000000..33f1c954 --- /dev/null +++ b/generated/1.22/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -0,0 +1,302 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: ldapidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: LDAPIdentityProvider + listKind: LDAPIdentityProviderList + plural: ldapidentityproviders + singular: ldapidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.host + name: Host + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: LDAPIdentityProvider describes the configuration of an upstream + Lightweight Directory Access Protocol (LDAP) identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + bind: + description: Bind contains the configuration for how to provide access + credentials during an initial bind to the LDAP server to be allowed + to perform searches and binds to validate a user's credentials during + a user's authentication attempt. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the username and password for an + LDAP bind user. This account will be used to perform LDAP searches. + The Secret should be of type "kubernetes.io/basic-auth" which + includes "username" and "password" keys. The username value + should be the full dn (distinguished name) of your bind account, + e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password + must be non-empty. + minLength: 1 + type: string + required: + - secretName + type: object + groupSearch: + description: GroupSearch contains the configuration for searching + for a user's group membership in the LDAP provider. + properties: + attributes: + description: Attributes specifies how the group's information + should be read from each LDAP entry which was found as the result + of the group search. + properties: + groupName: + description: GroupName specifies the name of the attribute + in the LDAP entries whose value shall become a group name + in the user's list of groups after a successful authentication. + The value of this field is case-sensitive and must match + the case of the attribute name returned by the LDAP server + in the user's entry. E.g. "cn" for common name. Distinguished + names can be used by specifying lower-case "dn". Optional. + When not specified, the default will act as if the GroupName + were specified as "dn" (distinguished name). + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". + When not specified, no group search will be performed and authenticated + users will not belong to any groups from the LDAP provider. + Also, when not specified, the values of Filter and Attributes + are ignored. + type: string + filter: + description: Filter is the LDAP search filter which should be + applied when searching for groups for a user. The pattern "{}" + must occur in the filter at least once and will be dynamically + replaced by the dn (distinguished name) of the user entry found + as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". + For more information about LDAP filters, see https://ldap.com/ldap-filters. + Note that the dn (distinguished name) is not an attribute of + an entry, so "dn={}" cannot be used. Optional. When not specified, + the default will act as if the Filter were specified as "member={}". + type: string + skipGroupRefresh: + description: "The user's group membership is refreshed as they + interact with the supervisor to obtain new credentials (as their + old credentials expire). This allows group membership changes + to be quickly reflected into Kubernetes clusters. Since group + membership is often used to bind authorization policies, it + is important to keep the groups observed in Kubernetes clusters + in-sync with the identity provider. \n In some environments, + frequent group membership queries may result in a significant + performance impact on the identity provider and/or the supervisor. + The best approach to handle performance impacts is to tweak + the group query to be more performant, for example by disabling + nested group search or by using a more targeted group search + base. \n If the group search query cannot be made performant + and you are willing to have group memberships remain static + for approximately a day, then set skipGroupRefresh to true. + \ This is an insecure configuration as authorization policies + that are bound to group membership will not notice if a user + has been removed from a particular group until their next login. + \n This is an experimental feature that may be removed or significantly + altered in the future. Consumers of this configuration should + carefully read all release notes before upgrading to ensure + that the meaning of this field has not changed." + type: boolean + type: object + host: + description: 'Host is the hostname of this LDAP identity provider, + i.e., where to connect. For example: ldap.example.com:636.' + minLength: 1 + type: string + tls: + description: TLS contains the connection settings for how to establish + the connection to the Host. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + userSearch: + description: UserSearch contains the configuration for searching for + a user by name in the LDAP provider. + properties: + attributes: + description: Attributes specifies how the user's information should + be read from the LDAP entry which was found as the result of + the user search. + properties: + uid: + description: UID specifies the name of the attribute in the + LDAP entry which whose value shall be used to uniquely identify + the user within this LDAP provider after a successful authentication. + E.g. "uidNumber" or "objectGUID". The value of this field + is case-sensitive and must match the case of the attribute + name returned by the LDAP server in the user's entry. Distinguished + names can be used by specifying lower-case "dn". + minLength: 1 + type: string + username: + description: Username specifies the name of the attribute + in the LDAP entry whose value shall become the username + of the user after a successful authentication. This would + typically be the same attribute name used in the user search + filter, although it can be different. E.g. "mail" or "uid" + or "userPrincipalName". The value of this field is case-sensitive + and must match the case of the attribute name returned by + the LDAP server in the user's entry. Distinguished names + can be used by specifying lower-case "dn". When this field + is set to "dn" then the LDAPIdentityProviderUserSearch's + Filter field cannot be blank, since the default value of + "dn={}" would not work. + minLength: 1 + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". + minLength: 1 + type: string + filter: + description: Filter is the LDAP search filter which should be + applied when searching for users. The pattern "{}" must occur + in the filter at least once and will be dynamically replaced + by the username for which the search is being run. E.g. "mail={}" + or "&(objectClass=person)(uid={})". For more information about + LDAP filters, see https://ldap.com/ldap-filters. Note that the + dn (distinguished name) is not an attribute of an entry, so + "dn={}" cannot be used. Optional. When not specified, the default + will act as if the Filter were specified as the value from Attributes.Username + appended by "={}". When the Attributes.Username is set to "dn" + then the Filter must be explicitly specified, since the default + value of "dn={}" would not work. + type: string + type: object + required: + - host + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the LDAPIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml new file mode 100644 index 00000000..8ebd5eb5 --- /dev/null +++ b/generated/1.22/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -0,0 +1,329 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: oidcidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: OIDCIdentityProvider + listKind: OIDCIdentityProviderList + plural: oidcidentityproviders + singular: oidcidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCIdentityProvider describes the configuration of an upstream + OpenID Connect identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + authorizationConfig: + description: AuthorizationConfig holds information about how to form + the OAuth2 authorization request parameters to be used with this + OIDC identity provider. + properties: + additionalAuthorizeParameters: + description: additionalAuthorizeParameters are extra query parameters + that should be included in the authorize request to your OIDC + provider in the authorization request during an OIDC Authorization + Code Flow. By default, no extra parameters are sent. The standard + parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", + and "redirect_uri". These parameters cannot be included in this + setting. Additionally, the "hd" parameter cannot be included + in this setting at this time. The "hd" parameter is used by + Google's OIDC provider to provide a hint as to which "hosted + domain" the user should use during login. However, Pinniped + does not yet support validating the hosted domain in the resulting + ID token, so it is not yet safe to use this feature of Google's + OIDC provider with Pinniped. This setting does not influence + the parameters sent to the token endpoint in the Resource Owner + Password Credentials Grant. The Pinniped Supervisor requires + that your OIDC provider returns refresh tokens to the Supervisor + from the authorization flows. Some OIDC providers may require + a certain value for the "prompt" parameter in order to properly + request refresh tokens. See the documentation of your OIDC provider's + authorization endpoint for its requirements for what to include + in the request in order to receive a refresh token in the response, + if anything. If your provider requires the prompt parameter + to request a refresh token, then include it here. Also note + that most providers also require a certain scope to be requested + in order to receive refresh tokens. See the additionalScopes + setting for more information about using scopes to request refresh + tokens. + items: + description: Parameter is a key/value pair which represents + a parameter in an HTTP request. + properties: + name: + description: The name of the parameter. Required. + minLength: 1 + type: string + value: + description: The value of the parameter. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + additionalScopes: + description: 'additionalScopes are the additional scopes that + will be requested from your OIDC provider in the authorization + request during an OIDC Authorization Code Flow and in the token + request during a Resource Owner Password Credentials Grant. + Note that the "openid" scope will always be requested regardless + of the value in this setting, since it is always required according + to the OIDC spec. By default, when this field is not set, the + Supervisor will request the following scopes: "openid", "offline_access", + "email", and "profile". See https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims + for a description of the "profile" and "email" scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess + for a description of the "offline_access" scope. This default + value may change in future versions of Pinniped as the standard + evolves, or as common patterns used by providers who implement + the standard in the ecosystem evolve. By setting this list to + anything other than an empty list, you are overriding the default + value, so you may wish to include some of "offline_access", + "email", and "profile" in your override list. If you do not + want any of these scopes to be requested, you may set this list + to contain only "openid". Some OIDC providers may also require + a scope to get access to the user''s group membership, in which + case you may wish to include it in this list. Sometimes the + scope to request the user''s group membership is called "groups", + but unfortunately this is not specified in the OIDC standard. + Generally speaking, you should include any scopes required to + cause the appropriate claims to be the returned by your OIDC + provider in the ID token or userinfo endpoint results for those + claims which you would like to use in the oidcClaims settings + to determine the usernames and group memberships of your Kubernetes + users. See your OIDC provider''s documentation for more information + about what scopes are available to request claims. Additionally, + the Pinniped Supervisor requires that your OIDC provider returns + refresh tokens to the Supervisor from these authorization flows. + For most OIDC providers, the scope required to receive refresh + tokens will be "offline_access". See the documentation of your + OIDC provider''s authorization and token endpoints for its requirements + for what to include in the request in order to receive a refresh + token in the response, if anything. Note that it may be safe + to send "offline_access" even to providers which do not require + it, since the provider may ignore scopes that it does not understand + or require (see https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). + In the unusual case that you must avoid sending the "offline_access" + scope, then you must override the default value of this setting. + This is required if your OIDC provider will reject the request + when it includes "offline_access" (e.g. GitLab''s OIDC provider).' + items: + type: string + type: array + allowPasswordGrant: + description: allowPasswordGrant, when true, will allow the use + of OAuth 2.0's Resource Owner Password Credentials Grant (see + https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to + authenticate to the OIDC provider using a username and password + without a web browser, in addition to the usual browser-based + OIDC Authorization Code Flow. The Resource Owner Password Credentials + Grant is not officially part of the OIDC specification, so it + may not be supported by your OIDC provider. If your OIDC provider + supports returning ID tokens from a Resource Owner Password + Credentials Grant token request, then you can choose to set + this field to true. This will allow end users to choose to present + their username and password to the kubectl CLI (using the Pinniped + plugin) to authenticate to the cluster, without using a web + browser to log in as is customary in OIDC Authorization Code + Flow. This may be convenient for users, especially for identities + from your OIDC provider which are not intended to represent + a human actor, such as service accounts performing actions in + a CI/CD environment. Even if your OIDC provider supports it, + you may wish to disable this behavior by setting this field + to false when you prefer to only allow users of this OIDCIdentityProvider + to log in via the browser-based OIDC Authorization Code Flow. + Using the Resource Owner Password Credentials Grant means that + the Pinniped CLI and Pinniped Supervisor will directly handle + your end users' passwords (similar to LDAPIdentityProvider), + and you will not be able to require multi-factor authentication + or use the other web-based login features of your OIDC provider + during Resource Owner Password Credentials Grant logins. allowPasswordGrant + defaults to false. + type: boolean + type: object + claims: + description: Claims provides the names of token claims that will be + used when inspecting an identity from this OIDC identity provider. + properties: + groups: + description: Groups provides the name of the ID token claim or + userinfo endpoint response claim that will be used to ascertain + the groups to which an identity belongs. By default, the identities + will not include any group memberships when this setting is + not configured. + type: string + username: + description: Username provides the name of the ID token claim + or userinfo endpoint response claim that will be used to ascertain + an identity's username. When not set, the username will be an + automatically constructed unique string which will include the + issuer URL of your OIDC provider along with the value of the + "sub" (subject) claim from the ID token. + type: string + type: object + client: + description: OIDCClient contains OIDC client information to be used + used with this OIDC identity provider. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the clientID and clientSecret for + an OIDC client. If only the SecretName is specified in an OIDCClient + struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" + with keys "clientID" and "clientSecret". + type: string + required: + - secretName + type: object + issuer: + description: Issuer is the issuer URL of this OIDC identity provider, + i.e., where to fetch /.well-known/openid-configuration. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration for discovery/JWKS requests to the + issuer. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - client + - issuer + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the OIDCIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/README.adoc b/generated/1.23/README.adoc new file mode 100644 index 00000000..edfd9037 --- /dev/null +++ b/generated/1.23/README.adoc @@ -0,0 +1,1334 @@ +// Generated documentation. Please do not edit. +:anchor_prefix: k8s-api + +[id="{p}-api-reference"] +== API Reference + +.Packages +- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1[$$config.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1[$$config.supervisor.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-identity-concierge-pinniped-dev-identity[$$identity.concierge.pinniped.dev/identity$$] +- xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] +- xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] + + +[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] +=== authentication.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition"] +==== Condition + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-conditionstatus"] +==== ConditionStatus (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticator"] +==== JWTAuthenticator + +JWTAuthenticator describes the configuration of a JWT authenticator. + Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid signature, existence of claims, etc.) and extract the username and groups from the token. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorlist[$$JWTAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus[$$JWTAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec"] +==== JWTAuthenticatorSpec + +Spec for configuring a JWT authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is also used to validate the "iss" JWT claim. +| *`audience`* __string__ | Audience is the required value of the "aud" JWT claim. +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwttokenclaims[$$JWTTokenClaims$$]__ | Claims allows customization of the claims that will be mapped to user identity for Kubernetes access. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for communicating with the OIDC provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorstatus"] +==== JWTAuthenticatorStatus + +Status of a JWT authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticator[$$JWTAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwttokenclaims"] +==== JWTTokenClaims + +JWTTokenClaims allows customization of the claims that will be mapped to user identity for Kubernetes access. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groups`* __string__ | Groups is the name of the claim which should be read to extract the user's group membership from the JWT token. When not specified, it will default to "groups". +| *`username`* __string__ | Username is the name of the claim which should be read to extract the username from the JWT token. When not specified, it will default to "username". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-tlsspec"] +==== TLSSpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-jwtauthenticatorspec[$$JWTAuthenticatorSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +==== WebhookAuthenticator + +WebhookAuthenticator describes the configuration of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +==== WebhookAuthenticatorSpec + +Spec for configuring a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Webhook server endpoint URL. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +==== WebhookAuthenticatorStatus + +Status of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-authentication-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of the authenticator's current state. +|=== + + + +[id="{anchor_prefix}-config-concierge-pinniped-dev-v1alpha1"] +=== config.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuer"] +==== CredentialIssuer + +CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$]__ | Spec describes the intended configuration of the Concierge. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | CredentialIssuerStatus describes the status of the Concierge. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerfrontend"] +==== CredentialIssuerFrontend + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __FrontendType__ | Type describes which frontend mechanism clients can use with a strategy. +| *`tokenCredentialRequestInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo[$$TokenCredentialRequestAPIInfo$$]__ | TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. This field is only set when Type is "TokenCredentialRequestAPI". +| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyinfo[$$ImpersonationProxyInfo$$]__ | ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. This field is only set when Type is "ImpersonationProxy". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"] +==== CredentialIssuerKubeConfigInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`server`* __string__ | The K8s API server URL. +| *`certificateAuthorityData`* __string__ | The K8s API server CA bundle. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerspec"] +==== CredentialIssuerSpec + +CredentialIssuerSpec describes the intended configuration of the Concierge. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`impersonationProxy`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$]__ | ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerstatus"] +==== CredentialIssuerStatus + +CredentialIssuerStatus describes the status of the Concierge. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. +| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. This field is deprecated and will be removed in a future version. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerstrategy"] +==== CredentialIssuerStrategy + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __StrategyType__ | Type of integration attempted. +| *`status`* __StrategyStatus__ | Status of the attempted integration strategy. +| *`reason`* __StrategyReason__ | Reason for the current status. +| *`message`* __string__ | Human-readable description of the current status. +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | When the status was last checked. +| *`frontend`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$]__ | Frontend describes how clients can connect using this strategy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyinfo"] +==== ImpersonationProxyInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Endpoint is the HTTPS endpoint of the impersonation proxy. +| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxymode"] +==== ImpersonationProxyMode (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyservicespec"] +==== ImpersonationProxyServiceSpec + +ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyspec[$$ImpersonationProxySpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __ImpersonationProxyServiceType__ | Type specifies the type of Service to provision for the impersonation proxy. + If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. +| *`loadBalancerIP`* __string__ | LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. This is not supported on all cloud providers. +| *`annotations`* __object (keys:string, values:string)__ | Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyservicetype"] +==== ImpersonationProxyServiceType (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyspec"] +==== ImpersonationProxySpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerspec[$$CredentialIssuerSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`mode`* __ImpersonationProxyMode__ | Mode configures whether the impersonation proxy should be started: - "disabled" explicitly disables the impersonation proxy. This is the default. - "enabled" explicitly enables the impersonation proxy. - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. +| *`service`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-impersonationproxyservicespec[$$ImpersonationProxyServiceSpec$$]__ | Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. +| *`externalEndpoint`* __string__ | ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will be served using the external name of the LoadBalancer service or the cluster service DNS name. + This field must be non-empty when spec.impersonationProxy.service.type is "None". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-tokencredentialrequestapiinfo"] +==== TokenCredentialRequestAPIInfo + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-config-v1alpha1-credentialissuerfrontend[$$CredentialIssuerFrontend$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`server`* __string__ | Server is the Kubernetes API server URL. +| *`certificateAuthorityData`* __string__ | CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. +|=== + + + +[id="{anchor_prefix}-config-supervisor-pinniped-dev-v1alpha1"] +=== config.supervisor.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomain"] +==== FederationDomain + +FederationDomain describes the configuration of an OIDC provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainlist[$$FederationDomainList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$]__ | Spec of the OIDC provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$]__ | Status of the OIDC provider. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainsecrets"] +==== FederationDomainSecrets + +FederationDomainSecrets holds information about this OIDC Provider's secrets. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainstatus[$$FederationDomainStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`jwks`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist. +| *`tokenSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for signing tokens is stored. +| *`stateSigningKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for signing state parameters is stored. +| *`stateEncryptionKey`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for encrypting state parameters is stored. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainspec"] +==== FederationDomainSpec + +FederationDomainSpec is a struct that describes an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the identifier that it will use for the iss claim in issued JWTs. This field will also be used as the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is https://example.com/foo, then your authorization endpoint will look like https://example.com/foo/some/path/to/auth/endpoint). + See https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomaintlsspec[$$FederationDomainTLSSpec$$]__ | TLS configures how this FederationDomain is served over Transport Layer Security (TLS). +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainstatus"] +==== FederationDomainStatus + +FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomain[$$FederationDomain$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`status`* __FederationDomainStatusCondition__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure. +| *`message`* __string__ | Message provides human-readable details about the Status. +| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). +| *`secrets`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainsecrets[$$FederationDomainSecrets$$]__ | Secrets contains information about this OIDC Provider's secrets. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomaintlsspec"] +==== FederationDomainTLSSpec + +FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-federationdomainspec[$$FederationDomainSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use for TLS. + Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same SecretName value even if they have different port numbers. + SecretName is not required when you would like to use only the HTTP endpoints (e.g. when terminating TLS at an Ingress). It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to use the default TLS certificate, which is configured elsewhere. + When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. +|=== + + + +[id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] +=== identity.concierge.pinniped.dev/identity + +Package identity is the internal version of the Pinniped identity API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-extravalue"] +==== ExtraValue + +ExtraValue masks the value so protobuf can generate + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-userinfo[$$UserInfo$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-kubernetesuserinfo"] +==== KubernetesUserInfo + +KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`User`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. +| *`Audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-userinfo"] +==== UserInfo + +UserInfo holds the information about the user needed to implement the user.Info interface. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`Username`* __string__ | The name that uniquely identifies this user among all active users. +| *`UID`* __string__ | A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. +| *`Groups`* __string array__ | The names of groups this user is a part of. +| *`Extra`* __object (keys:string, values:string array)__ | Any additional information provided by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequest"] +==== WhoAmIRequest + +WhoAmIRequest submits a request to echo back the current authenticated user. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequestlist[$$WhoAmIRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`ObjectMeta`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | +| *`Spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`Status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +|=== + + + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequeststatus"] +==== WhoAmIRequestStatus + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-whoamirequest[$$WhoAmIRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`KubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. +|=== + + + +[id="{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1"] +=== identity.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-extravalue"] +==== ExtraValue + +ExtraValue masks the value so protobuf can generate + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-kubernetesuserinfo"] +==== KubernetesUserInfo + +KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. Copied from the Kubernetes token review API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`user`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-userinfo[$$UserInfo$$]__ | User is the UserInfo associated with the current user. +| *`audiences`* __string array__ | Audiences are audience identifiers chosen by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-userinfo"] +==== UserInfo + +UserInfo holds the information about the user needed to implement the user.Info interface. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | The name that uniquely identifies this user among all active users. +| *`uid`* __string__ | A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs. +| *`groups`* __string array__ | The names of groups this user is a part of. +| *`extra`* __object (keys:string, values:string array)__ | Any additional information provided by the authenticator. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-whoamirequest"] +==== WhoAmIRequest + +WhoAmIRequest submits a request to echo back the current authenticated user. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-whoamirequestlist[$$WhoAmIRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-whoamirequestspec[$$WhoAmIRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-whoamirequeststatus[$$WhoAmIRequestStatus$$]__ | +|=== + + + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-whoamirequeststatus"] +==== WhoAmIRequestStatus + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-whoamirequest[$$WhoAmIRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`kubernetesUserInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-identity-v1alpha1-kubernetesuserinfo[$$KubernetesUserInfo$$]__ | The current authenticated user, exactly as Kubernetes understands it. +|=== + + + +[id="{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1"] +=== idp.supervisor.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider"] +==== ActiveDirectoryIdentityProvider + +ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderlist[$$ActiveDirectoryIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind"] +==== ActiveDirectoryIdentityProviderBind + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password must be non-empty. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch"] +==== ActiveDirectoryIdentityProviderGroupSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". Optional, when not specified it will be based on the result of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). The default behavior searches your entire domain for groups. It may make sense to specify a subtree as a search base if you wish to exclude some groups for security reasons or to make searches faster. +| *`filter`* __string__ | Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". For more information about ActiveDirectory filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the filter were specified as "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". This searches nested groups by default. Note that nested group search can be slow for some Active Directory servers. To disable it, you can set the filter to "(&(objectClass=group)(member={})" +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes[$$ActiveDirectoryIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as the result of the group search. +| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor to obtain new credentials (as their old credentials expire). This allows group membership changes to be quickly reflected into Kubernetes clusters. Since group membership is often used to bind authorization policies, it is important to keep the groups observed in Kubernetes clusters in-sync with the identity provider. + In some environments, frequent group membership queries may result in a significant performance impact on the identity provider and/or the supervisor. The best approach to handle performance impacts is to tweak the group query to be more performant, for example by disabling nested group search or by using a more targeted group search base. + If the group search query cannot be made performant and you are willing to have group memberships remain static for approximately a day, then set skipGroupRefresh to true. This is an insecure configuration as authorization policies that are bound to group membership will not notice if a user has been removed from a particular group until their next login. + This is an experimental feature that may be removed or significantly altered in the future. Consumers of this configuration should carefully read all release notes before upgrading to ensure that the meaning of this field has not changed. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearchattributes"] +==== ActiveDirectoryIdentityProviderGroupSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groupName`* __string__ | GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name in the user's list of groups after a successful authentication. The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", where domain is constructed from the domain components of the group DN. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec"] +==== ActiveDirectoryIdentityProviderSpec + +Spec for configuring an ActiveDirectory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`host`* __string__ | Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderbind[$$ActiveDirectoryIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in Active Directory. +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovidergroupsearch[$$ActiveDirectoryIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus"] +==== ActiveDirectoryIdentityProviderStatus + +Status of an Active Directory identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityprovider[$$ActiveDirectoryIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __ActiveDirectoryIdentityProviderPhase__ | Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch"] +==== ActiveDirectoryIdentityProviderUserSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". Optional, when not specified it will be based on the result of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). The default behavior searches your entire domain for users. It may make sense to specify a subtree as a search base if you wish to exclude some users or to make searches faster. +| *`filter`* __string__ | Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the username for which the search is being run. E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will be '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, and is not shown in advanced view only (which would likely mean its a system created service account with advanced permissions). Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes[$$ActiveDirectoryIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as the result of the user search. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearchattributes"] +==== ActiveDirectoryIdentityProviderUserSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderusersearch[$$ActiveDirectoryIdentityProviderUserSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | Username specifies the name of the attribute in Active Directory entry whose value shall become the username of the user after a successful authentication. Optional, when empty this defaults to "userPrincipalName". +| *`uid`* __string__ | UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely identify the user within this ActiveDirectory provider after a successful authentication. Optional, when empty this defaults to "objectGUID". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition"] +==== Condition + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderstatus[$$ActiveDirectoryIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-conditionstatus"] +==== ConditionStatus (string) + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] +**** + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovider"] +==== LDAPIdentityProvider + +LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access Protocol (LDAP) identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderlist[$$LDAPIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus[$$LDAPIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind"] +==== LDAPIdentityProviderBind + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the username and password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password must be non-empty. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch"] +==== LDAPIdentityProviderGroupSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, the values of Filter and Attributes are ignored. +| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for groups for a user. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the Filter were specified as "member={}". +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes[$$LDAPIdentityProviderGroupSearchAttributes$$]__ | Attributes specifies how the group's information should be read from each LDAP entry which was found as the result of the group search. +| *`skipGroupRefresh`* __boolean__ | The user's group membership is refreshed as they interact with the supervisor to obtain new credentials (as their old credentials expire). This allows group membership changes to be quickly reflected into Kubernetes clusters. Since group membership is often used to bind authorization policies, it is important to keep the groups observed in Kubernetes clusters in-sync with the identity provider. + In some environments, frequent group membership queries may result in a significant performance impact on the identity provider and/or the supervisor. The best approach to handle performance impacts is to tweak the group query to be more performant, for example by disabling nested group search or by using a more targeted group search base. + If the group search query cannot be made performant and you are willing to have group memberships remain static for approximately a day, then set skipGroupRefresh to true. This is an insecure configuration as authorization policies that are bound to group membership will not notice if a user has been removed from a particular group until their next login. + This is an experimental feature that may be removed or significantly altered in the future. Consumers of this configuration should carefully read all release notes before upgrading to ensure that the meaning of this field has not changed. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearchattributes"] +==== LDAPIdentityProviderGroupSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groupName`* __string__ | GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name in the user's list of groups after a successful authentication. The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec"] +==== LDAPIdentityProviderSpec + +Spec for configuring an LDAP identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`host`* __string__ | Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS contains the connection settings for how to establish the connection to the Host. +| *`bind`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderbind[$$LDAPIdentityProviderBind$$]__ | Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. +| *`userSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$]__ | UserSearch contains the configuration for searching for a user by name in the LDAP provider. +| *`groupSearch`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovidergroupsearch[$$LDAPIdentityProviderGroupSearch$$]__ | GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderstatus"] +==== LDAPIdentityProviderStatus + +Status of an LDAP identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityprovider[$$LDAPIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __LDAPIdentityProviderPhase__ | Phase summarizes the overall status of the LDAPIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch"] +==== LDAPIdentityProviderUserSearch + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`base`* __string__ | Base is the dn (distinguished name) that should be used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". +| *`filter`* __string__ | Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the username for which the search is being run. E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see https://ldap.com/ldap-filters. Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. Optional. When not specified, the default will act as if the Filter were specified as the value from Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be explicitly specified, since the default value of "dn={}" would not work. +| *`attributes`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes[$$LDAPIdentityProviderUserSearchAttributes$$]__ | Attributes specifies how the user's information should be read from the LDAP entry which was found as the result of the user search. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearchattributes"] +==== LDAPIdentityProviderUserSearchAttributes + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderusersearch[$$LDAPIdentityProviderUserSearch$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`username`* __string__ | Username specifies the name of the attribute in the LDAP entry whose value shall become the username of the user after a successful authentication. This would typically be the same attribute name used in the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default value of "dn={}" would not work. +| *`uid`* __string__ | UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP server in the user's entry. Distinguished names can be used by specifying lower-case "dn". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig"] +==== OIDCAuthorizationConfig + +OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization request parameters. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`additionalScopes`* __string array__ | additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request the following scopes: "openid", "offline_access", "email", and "profile". See https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, or as common patterns used by providers who implement the standard in the ecosystem evolve. By setting this list to anything other than an empty list, you are overriding the default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. If you do not want any of these scopes to be requested, you may set this list to contain only "openid". Some OIDC providers may also require a scope to get access to the user's group membership, in which case you may wish to include it in this list. Sometimes the scope to request the user's group membership is called "groups", but unfortunately this is not specified in the OIDC standard. Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See your OIDC provider's documentation for more information about what scopes are available to request claims. Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its requirements for what to include in the request in order to receive a refresh token in the response, if anything. Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider may ignore scopes that it does not understand or require (see https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). +| *`additionalAuthorizeParameters`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-parameter[$$Parameter$$] array__ | additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's authorization endpoint for its requirements for what to include in the request in order to receive a refresh token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, then include it here. Also note that most providers also require a certain scope to be requested in order to receive refresh tokens. See the additionalScopes setting for more information about using scopes to request refresh tokens. +| *`allowPasswordGrant`* __boolean__ | allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be convenient for users, especially for identities from your OIDC provider which are not intended to represent a human actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. allowPasswordGrant defaults to false. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcclaims"] +==== OIDCClaims + +OIDCClaims provides a mapping from upstream claims into identities. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`groups`* __string__ | Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain the groups to which an identity belongs. By default, the identities will not include any group memberships when this setting is not configured. +| *`username`* __string__ | Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain an identity's username. When not set, the username will be an automatically constructed unique string which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from the ID token. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient contains information about an OIDC client (e.g., client ID and client secret). + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`secretName`* __string__ | SecretName contains the name of a namespace-local Secret object that provides the clientID and clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys "clientID" and "clientSecret". +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityprovider"] +==== OIDCIdentityProvider + +OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderlist[$$OIDCIdentityProviderList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$]__ | Spec for configuring the identity provider. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus[$$OIDCIdentityProviderStatus$$]__ | Status of the identity provider. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec"] +==== OIDCIdentityProviderSpec + +OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`issuer`* __string__ | Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch /.well-known/openid-configuration. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration for discovery/JWKS requests to the issuer. +| *`authorizationConfig`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$]__ | AuthorizationConfig holds information about how to form the OAuth2 authorization request parameters to be used with this OIDC identity provider. +| *`claims`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcclaims[$$OIDCClaims$$]__ | Claims provides the names of token claims that will be used when inspecting an identity from this OIDC identity provider. +| *`client`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcclient[$$OIDCClient$$]__ | OIDCClient contains OIDC client information to be used used with this OIDC identity provider. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderstatus"] +==== OIDCIdentityProviderStatus + +OIDCIdentityProviderStatus is the status of an OIDC identity provider. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityprovider[$$OIDCIdentityProvider$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`phase`* __OIDCIdentityProviderPhase__ | Phase summarizes the overall status of the OIDCIdentityProvider. +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-condition[$$Condition$$] array__ | Represents the observations of an identity provider's current state. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-parameter"] +==== Parameter + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcauthorizationconfig[$$OIDCAuthorizationConfig$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`name`* __string__ | The name of the parameter. Required. +| *`value`* __string__ | The value of the parameter. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-tlsspec"] +==== TLSSpec + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-activedirectoryidentityproviderspec[$$ActiveDirectoryIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-ldapidentityproviderspec[$$LDAPIdentityProviderSpec$$] +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-idp-v1alpha1-oidcidentityproviderspec[$$OIDCIdentityProviderSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + + +[id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] +=== login.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped login API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-clustercredential"] +==== ClusterCredential + +ClusterCredential is the cluster-specific credential returned on a successful credential request. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`expirationTimestamp`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#time-v1-meta[$$Time$$]__ | ExpirationTimestamp indicates a time when the provided credentials expire. +| *`token`* __string__ | Token is a bearer token used by the client for request authentication. +| *`clientCertificateData`* __string__ | PEM-encoded client TLS certificates (including intermediates, if any). +| *`clientKeyData`* __string__ | PEM-encoded private key for the above certificate. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequest"] +==== TokenCredentialRequest + +TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequestlist[$$TokenCredentialRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequestspec[$$TokenCredentialRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequeststatus[$$TokenCredentialRequestStatus$$]__ | +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequestspec"] +==== TokenCredentialRequestSpec + +TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, expected on requests to the Pinniped API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`token`* __string__ | Bearer token supplied with the credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequeststatus"] +==== TokenCredentialRequestStatus + +TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-tokencredentialrequest[$$TokenCredentialRequest$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`credential`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-concierge-login-v1alpha1-clustercredential[$$ClusterCredential$$]__ | A Credential will be returned for a successful credential request. +| *`message`* __string__ | An error message will be returned for an unsuccessful credential request. +|=== + + diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.23/apis/concierge/authentication/v1alpha1/doc.go new file mode 100644 index 00000000..d00d3ba6 --- /dev/null +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/doc.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=authentication.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. +package v1alpha1 diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/register.go b/generated/1.23/apis/concierge/authentication/v1alpha1/register.go new file mode 100644 index 00000000..f58039e4 --- /dev/null +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "authentication.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WebhookAuthenticator{}, + &WebhookAuthenticatorList{}, + &JWTAuthenticator{}, + &JWTAuthenticatorList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go new file mode 100644 index 00000000..a8596b22 --- /dev/null +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -0,0 +1,85 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// Status of a JWT authenticator. +type JWTAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// Spec for configuring a JWT authenticator. +type JWTAuthenticatorSpec struct { + // Issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is + // also used to validate the "iss" JWT claim. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Issuer string `json:"issuer"` + + // Audience is the required value of the "aud" JWT claim. + // +kubebuilder:validation:MinLength=1 + Audience string `json:"audience"` + + // Claims allows customization of the claims that will be mapped to user identity + // for Kubernetes access. + // +optional + Claims JWTTokenClaims `json:"claims"` + + // TLS configuration for communicating with the OIDC provider. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` +} + +// JWTTokenClaims allows customization of the claims that will be mapped to user identity +// for Kubernetes access. +type JWTTokenClaims struct { + // Groups is the name of the claim which should be read to extract the user's + // group membership from the JWT token. When not specified, it will default to "groups". + // +optional + Groups string `json:"groups"` + + // Username is the name of the claim which should be read to extract the + // username from the JWT token. When not specified, it will default to "username". + // +optional + Username string `json:"username"` +} + +// JWTAuthenticator describes the configuration of a JWT authenticator. +// +// Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid +// signature, existence of claims, etc.) and extract the username and groups from the token. +// +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Audience",type=string,JSONPath=`.spec.audience` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type JWTAuthenticator struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the authenticator. + Spec JWTAuthenticatorSpec `json:"spec"` + + // Status of the authenticator. + Status JWTAuthenticatorStatus `json:"status,omitempty"` +} + +// List of JWTAuthenticator objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type JWTAuthenticatorList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []JWTAuthenticator `json:"items"` +} diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go new file mode 100644 index 00000000..76a7d547 --- /dev/null +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/types_meta.go @@ -0,0 +1,75 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ConditionStatus is effectively an enum type for Condition.Status. +type ConditionStatus string + +// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. +// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes +// can't decide if a resource is in the condition or not. In the future, we could add other +// intermediate conditions, e.g. ConditionDegraded. +const ( + ConditionTrue ConditionStatus = "True" + ConditionFalse ConditionStatus = "False" + ConditionUnknown ConditionStatus = "Unknown" +) + +// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API +// version we can switch to using the upstream type. +// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. +type Condition struct { + // type of condition in CamelCase or in foo.example.com/CamelCase. + // --- + // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + // useful (see .node.status.conditions), the ability to deconflict is important. + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Type string `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Enum=True;False;Unknown + Status ConditionStatus `json:"status"` + + // observedGeneration represents the .metadata.generation that the condition was set based upon. + // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + // with respect to the current state of the instance. + // +optional + // +kubebuilder:validation:Minimum=0 + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // lastTransitionTime is the last time the condition transitioned from one status to another. + // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Type=string + // +kubebuilder:validation:Format=date-time + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason contains a programmatic identifier indicating the reason for the condition's last transition. + // Producers of specific condition types may define expected values and meanings for this field, + // and whether the values are considered a guaranteed API. + // The value should be a CamelCase string. + // This field may not be empty. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` + Reason string `json:"reason"` + + // message is a human readable message indicating details about the transition. + // This may be an empty string. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=32768 + Message string `json:"message"` +} diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/1.23/apis/concierge/authentication/v1alpha1/types_tls.go new file mode 100644 index 00000000..12231665 --- /dev/null +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/types_tls.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// Configuration for configuring TLS on various authenticators. +type TLSSpec struct { + // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + // +optional + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` +} diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go new file mode 100644 index 00000000..77b1e045 --- /dev/null +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -0,0 +1,56 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// Status of a webhook authenticator. +type WebhookAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// Spec for configuring a webhook authenticator. +type WebhookAuthenticatorSpec struct { + // Webhook server endpoint URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Endpoint string `json:"endpoint"` + + // TLS configuration. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` +} + +// WebhookAuthenticator describes the configuration of a webhook authenticator. +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster +// +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type WebhookAuthenticator struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the authenticator. + Spec WebhookAuthenticatorSpec `json:"spec"` + + // Status of the authenticator. + Status WebhookAuthenticatorStatus `json:"status,omitempty"` +} + +// List of WebhookAuthenticator objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WebhookAuthenticatorList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []WebhookAuthenticator `json:"items"` +} diff --git a/generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..883959bf --- /dev/null +++ b/generated/1.23/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,273 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Condition) DeepCopyInto(out *Condition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. +func (in *Condition) DeepCopy() *Condition { + if in == nil { + return nil + } + out := new(Condition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticator. +func (in *JWTAuthenticator) DeepCopy() *JWTAuthenticator { + if in == nil { + return nil + } + out := new(JWTAuthenticator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *JWTAuthenticator) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorList) DeepCopyInto(out *JWTAuthenticatorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]JWTAuthenticator, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorList. +func (in *JWTAuthenticatorList) DeepCopy() *JWTAuthenticatorList { + if in == nil { + return nil + } + out := new(JWTAuthenticatorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *JWTAuthenticatorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorSpec) DeepCopyInto(out *JWTAuthenticatorSpec) { + *out = *in + out.Claims = in.Claims + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorSpec. +func (in *JWTAuthenticatorSpec) DeepCopy() *JWTAuthenticatorSpec { + if in == nil { + return nil + } + out := new(JWTAuthenticatorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorStatus. +func (in *JWTAuthenticatorStatus) DeepCopy() *JWTAuthenticatorStatus { + if in == nil { + return nil + } + out := new(JWTAuthenticatorStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JWTTokenClaims) DeepCopyInto(out *JWTTokenClaims) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTTokenClaims. +func (in *JWTTokenClaims) DeepCopy() *JWTTokenClaims { + if in == nil { + return nil + } + out := new(JWTTokenClaims) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. +func (in *TLSSpec) DeepCopy() *TLSSpec { + if in == nil { + return nil + } + out := new(TLSSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. +func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { + if in == nil { + return nil + } + out := new(WebhookAuthenticator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WebhookAuthenticator, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. +func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. +func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. +func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { + if in == nil { + return nil + } + out := new(WebhookAuthenticatorStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/concierge/config/v1alpha1/doc.go b/generated/1.23/apis/concierge/config/v1alpha1/doc.go new file mode 100644 index 00000000..97b2f212 --- /dev/null +++ b/generated/1.23/apis/concierge/config/v1alpha1/doc.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=config.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API. +package v1alpha1 diff --git a/generated/1.23/apis/concierge/config/v1alpha1/register.go b/generated/1.23/apis/concierge/config/v1alpha1/register.go new file mode 100644 index 00000000..8d799898 --- /dev/null +++ b/generated/1.23/apis/concierge/config/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "config.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &CredentialIssuer{}, + &CredentialIssuerList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.23/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/1.23/apis/concierge/config/v1alpha1/types_credentialissuer.go new file mode 100644 index 00000000..d1cb160b --- /dev/null +++ b/generated/1.23/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -0,0 +1,244 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// StrategyType enumerates a type of "strategy" used to implement credential access on a cluster. +// +kubebuilder:validation:Enum=KubeClusterSigningCertificate;ImpersonationProxy +type StrategyType string + +// FrontendType enumerates a type of "frontend" used to provide access to users of a cluster. +// +kubebuilder:validation:Enum=TokenCredentialRequestAPI;ImpersonationProxy +type FrontendType string + +// StrategyStatus enumerates whether a strategy is working on a cluster. +// +kubebuilder:validation:Enum=Success;Error +type StrategyStatus string + +// StrategyReason enumerates the detailed reason why a strategy is in a particular status. +// +kubebuilder:validation:Enum=Listening;Pending;Disabled;ErrorDuringSetup;CouldNotFetchKey;CouldNotGetClusterInfo;FetchedKey +type StrategyReason string + +const ( + KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") + ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy") + + TokenCredentialRequestAPIFrontendType = FrontendType("TokenCredentialRequestAPI") + ImpersonationProxyFrontendType = FrontendType("ImpersonationProxy") + + SuccessStrategyStatus = StrategyStatus("Success") + ErrorStrategyStatus = StrategyStatus("Error") + + ListeningStrategyReason = StrategyReason("Listening") + PendingStrategyReason = StrategyReason("Pending") + DisabledStrategyReason = StrategyReason("Disabled") + ErrorDuringSetupStrategyReason = StrategyReason("ErrorDuringSetup") + CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") + CouldNotGetClusterInfoStrategyReason = StrategyReason("CouldNotGetClusterInfo") + FetchedKeyStrategyReason = StrategyReason("FetchedKey") +) + +// CredentialIssuerSpec describes the intended configuration of the Concierge. +type CredentialIssuerSpec struct { + // ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy. + ImpersonationProxy *ImpersonationProxySpec `json:"impersonationProxy"` +} + +// ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy. +// +// +kubebuilder:validation:Enum=auto;enabled;disabled +type ImpersonationProxyMode string + +const ( + // ImpersonationProxyModeDisabled explicitly disables the impersonation proxy. + ImpersonationProxyModeDisabled = ImpersonationProxyMode("disabled") + + // ImpersonationProxyModeEnabled explicitly enables the impersonation proxy. + ImpersonationProxyModeEnabled = ImpersonationProxyMode("enabled") + + // ImpersonationProxyModeAuto enables or disables the impersonation proxy based upon the cluster in which it is running. + ImpersonationProxyModeAuto = ImpersonationProxyMode("auto") +) + +// ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy. +// +// +kubebuilder:validation:Enum=LoadBalancer;ClusterIP;None +type ImpersonationProxyServiceType string + +const ( + // ImpersonationProxyServiceTypeLoadBalancer provisions a service of type LoadBalancer. + ImpersonationProxyServiceTypeLoadBalancer = ImpersonationProxyServiceType("LoadBalancer") + + // ImpersonationProxyServiceTypeClusterIP provisions a service of type ClusterIP. + ImpersonationProxyServiceTypeClusterIP = ImpersonationProxyServiceType("ClusterIP") + + // ImpersonationProxyServiceTypeNone does not automatically provision any service. + ImpersonationProxyServiceTypeNone = ImpersonationProxyServiceType("None") +) + +// ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy. +type ImpersonationProxySpec struct { + // Mode configures whether the impersonation proxy should be started: + // - "disabled" explicitly disables the impersonation proxy. This is the default. + // - "enabled" explicitly enables the impersonation proxy. + // - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running. + Mode ImpersonationProxyMode `json:"mode"` + + // Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients. + // + // +kubebuilder:default:={"type": "LoadBalancer"} + Service ImpersonationProxyServiceSpec `json:"service"` + + // ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will + // be served using the external name of the LoadBalancer service or the cluster service DNS name. + // + // This field must be non-empty when spec.impersonationProxy.service.type is "None". + // + // +optional + ExternalEndpoint string `json:"externalEndpoint,omitempty"` +} + +// ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy. +type ImpersonationProxyServiceSpec struct { + // Type specifies the type of Service to provision for the impersonation proxy. + // + // If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty + // value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status. + // + // +kubebuilder:default:="LoadBalancer" + Type ImpersonationProxyServiceType `json:"type,omitempty"` + + // LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service. + // This is not supported on all cloud providers. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=255 + // +optional + LoadBalancerIP string `json:"loadBalancerIP,omitempty"` + + // Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service. + // + // +optional + Annotations map[string]string `json:"annotations,omitempty"` +} + +// CredentialIssuerStatus describes the status of the Concierge. +type CredentialIssuerStatus struct { + // List of integration strategies that were attempted by Pinniped. + Strategies []CredentialIssuerStrategy `json:"strategies"` + + // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. + // This field is deprecated and will be removed in a future version. + // +optional + KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` +} + +// CredentialIssuerKubeConfigInfo provides the information needed to form a valid Pinniped-based kubeconfig using this credential issuer. +// This type is deprecated and will be removed in a future version. +type CredentialIssuerKubeConfigInfo struct { + // The K8s API server URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://|^http://` + Server string `json:"server"` + + // The K8s API server CA bundle. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped. +type CredentialIssuerStrategy struct { + // Type of integration attempted. + Type StrategyType `json:"type"` + + // Status of the attempted integration strategy. + Status StrategyStatus `json:"status"` + + // Reason for the current status. + Reason StrategyReason `json:"reason"` + + // Human-readable description of the current status. + // +kubebuilder:validation:MinLength=1 + Message string `json:"message"` + + // When the status was last checked. + LastUpdateTime metav1.Time `json:"lastUpdateTime"` + + // Frontend describes how clients can connect using this strategy. + Frontend *CredentialIssuerFrontend `json:"frontend,omitempty"` +} + +// CredentialIssuerFrontend describes how to connect using a particular integration strategy. +type CredentialIssuerFrontend struct { + // Type describes which frontend mechanism clients can use with a strategy. + Type FrontendType `json:"type"` + + // TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. + // This field is only set when Type is "TokenCredentialRequestAPI". + TokenCredentialRequestAPIInfo *TokenCredentialRequestAPIInfo `json:"tokenCredentialRequestInfo,omitempty"` + + // ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. + // This field is only set when Type is "ImpersonationProxy". + ImpersonationProxyInfo *ImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"` +} + +// TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge. +type TokenCredentialRequestAPIInfo struct { + // Server is the Kubernetes API server URL. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://|^http://` + Server string `json:"server"` + + // CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge. +type ImpersonationProxyInfo struct { + // Endpoint is the HTTPS endpoint of the impersonation proxy. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Endpoint string `json:"endpoint"` + + // CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy. + // +kubebuilder:validation:MinLength=1 + CertificateAuthorityData string `json:"certificateAuthorityData"` +} + +// CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer. +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped,scope=Cluster +// +kubebuilder:printcolumn:name="ProxyMode",type=string,JSONPath=`.spec.impersonationProxy.mode` +// +kubebuilder:printcolumn:name="DefaultStrategy",type=string,JSONPath=`.status.strategies[?(@.status == "Success")].type` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type CredentialIssuer struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec describes the intended configuration of the Concierge. + // + // +optional + Spec CredentialIssuerSpec `json:"spec"` + + // CredentialIssuerStatus describes the status of the Concierge. + // + // +optional + Status CredentialIssuerStatus `json:"status"` +} + +// CredentialIssuerList is a list of CredentialIssuer objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type CredentialIssuerList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []CredentialIssuer `json:"items"` +} diff --git a/generated/1.23/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..a00b3fc8 --- /dev/null +++ b/generated/1.23/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,259 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer. +func (in *CredentialIssuer) DeepCopy() *CredentialIssuer { + if in == nil { + return nil + } + out := new(CredentialIssuer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CredentialIssuer) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerFrontend) DeepCopyInto(out *CredentialIssuerFrontend) { + *out = *in + if in.TokenCredentialRequestAPIInfo != nil { + in, out := &in.TokenCredentialRequestAPIInfo, &out.TokenCredentialRequestAPIInfo + *out = new(TokenCredentialRequestAPIInfo) + **out = **in + } + if in.ImpersonationProxyInfo != nil { + in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo + *out = new(ImpersonationProxyInfo) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerFrontend. +func (in *CredentialIssuerFrontend) DeepCopy() *CredentialIssuerFrontend { + if in == nil { + return nil + } + out := new(CredentialIssuerFrontend) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo. +func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo { + if in == nil { + return nil + } + out := new(CredentialIssuerKubeConfigInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CredentialIssuer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList. +func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList { + if in == nil { + return nil + } + out := new(CredentialIssuerList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CredentialIssuerList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerSpec) DeepCopyInto(out *CredentialIssuerSpec) { + *out = *in + if in.ImpersonationProxy != nil { + in, out := &in.ImpersonationProxy, &out.ImpersonationProxy + *out = new(ImpersonationProxySpec) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerSpec. +func (in *CredentialIssuerSpec) DeepCopy() *CredentialIssuerSpec { + if in == nil { + return nil + } + out := new(CredentialIssuerSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) { + *out = *in + if in.Strategies != nil { + in, out := &in.Strategies, &out.Strategies + *out = make([]CredentialIssuerStrategy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.KubeConfigInfo != nil { + in, out := &in.KubeConfigInfo, &out.KubeConfigInfo + *out = new(CredentialIssuerKubeConfigInfo) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus. +func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus { + if in == nil { + return nil + } + out := new(CredentialIssuerStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) { + *out = *in + in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) + if in.Frontend != nil { + in, out := &in.Frontend, &out.Frontend + *out = new(CredentialIssuerFrontend) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy. +func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy { + if in == nil { + return nil + } + out := new(CredentialIssuerStrategy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxyInfo) DeepCopyInto(out *ImpersonationProxyInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyInfo. +func (in *ImpersonationProxyInfo) DeepCopy() *ImpersonationProxyInfo { + if in == nil { + return nil + } + out := new(ImpersonationProxyInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxyServiceSpec) DeepCopyInto(out *ImpersonationProxyServiceSpec) { + *out = *in + if in.Annotations != nil { + in, out := &in.Annotations, &out.Annotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyServiceSpec. +func (in *ImpersonationProxyServiceSpec) DeepCopy() *ImpersonationProxyServiceSpec { + if in == nil { + return nil + } + out := new(ImpersonationProxyServiceSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImpersonationProxySpec) DeepCopyInto(out *ImpersonationProxySpec) { + *out = *in + in.Service.DeepCopyInto(&out.Service) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxySpec. +func (in *ImpersonationProxySpec) DeepCopy() *ImpersonationProxySpec { + if in == nil { + return nil + } + out := new(ImpersonationProxySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestAPIInfo) DeepCopyInto(out *TokenCredentialRequestAPIInfo) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestAPIInfo. +func (in *TokenCredentialRequestAPIInfo) DeepCopy() *TokenCredentialRequestAPIInfo { + if in == nil { + return nil + } + out := new(TokenCredentialRequestAPIInfo) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/concierge/identity/doc.go b/generated/1.23/apis/concierge/identity/doc.go new file mode 100644 index 00000000..130e8942 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/doc.go @@ -0,0 +1,8 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=identity.concierge.pinniped.dev + +// Package identity is the internal version of the Pinniped identity API. +package identity diff --git a/generated/1.23/apis/concierge/identity/register.go b/generated/1.23/apis/concierge/identity/register.go new file mode 100644 index 00000000..0cefb834 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/register.go @@ -0,0 +1,38 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "identity.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns back a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WhoAmIRequest{}, + &WhoAmIRequestList{}, + ) + return nil +} diff --git a/generated/1.23/apis/concierge/identity/types_userinfo.go b/generated/1.23/apis/concierge/identity/types_userinfo.go new file mode 100644 index 00000000..65eb50cc --- /dev/null +++ b/generated/1.23/apis/concierge/identity/types_userinfo.go @@ -0,0 +1,37 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import "fmt" + +// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. +// Copied from the Kubernetes token review API. +type KubernetesUserInfo struct { + // User is the UserInfo associated with the current user. + User UserInfo + // Audiences are audience identifiers chosen by the authenticator. + Audiences []string +} + +// UserInfo holds the information about the user needed to implement the +// user.Info interface. +type UserInfo struct { + // The name that uniquely identifies this user among all active users. + Username string + // A unique value that identifies this user across time. If this user is + // deleted and another user by the same name is added, they will have + // different UIDs. + UID string + // The names of groups this user is a part of. + Groups []string + // Any additional information provided by the authenticator. + Extra map[string]ExtraValue +} + +// ExtraValue masks the value so protobuf can generate +type ExtraValue []string + +func (t ExtraValue) String() string { + return fmt.Sprintf("%v", []string(t)) +} diff --git a/generated/1.23/apis/concierge/identity/types_whoami.go b/generated/1.23/apis/concierge/identity/types_whoami.go new file mode 100644 index 00000000..4ba30607 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/types_whoami.go @@ -0,0 +1,40 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package identity + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// WhoAmIRequest submits a request to echo back the current authenticated user. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequest struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec WhoAmIRequestSpec + Status WhoAmIRequestStatus +} + +type WhoAmIRequestSpec struct { + // empty for now but we may add some config here in the future + // any such config must be safe in the context of an unauthenticated user +} + +type WhoAmIRequestStatus struct { + // The current authenticated user, exactly as Kubernetes understands it. + KubernetesUserInfo KubernetesUserInfo + + // We may add concierge specific information here in the future. +} + +// WhoAmIRequestList is a list of WhoAmIRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of WhoAmIRequest + Items []WhoAmIRequest +} diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/conversion.go b/generated/1.23/apis/concierge/identity/v1alpha1/conversion.go new file mode 100644 index 00000000..63ae004e --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/conversion.go @@ -0,0 +1,4 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/defaults.go b/generated/1.23/apis/concierge/identity/v1alpha1/defaults.go new file mode 100644 index 00000000..15c2bec9 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/defaults.go @@ -0,0 +1,12 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/doc.go b/generated/1.23/apis/concierge/identity/v1alpha1/doc.go new file mode 100644 index 00000000..376ddd7f --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.23/apis/concierge/identity +// +k8s:defaulter-gen=TypeMeta +// +groupName=identity.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped identity API. +package v1alpha1 diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/register.go b/generated/1.23/apis/concierge/identity/v1alpha1/register.go new file mode 100644 index 00000000..0e17d584 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "identity.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &WhoAmIRequest{}, + &WhoAmIRequestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/1.23/apis/concierge/identity/v1alpha1/types_userinfo.go new file mode 100644 index 00000000..4e509fc1 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -0,0 +1,41 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import "fmt" + +// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it. +// Copied from the Kubernetes token review API. +type KubernetesUserInfo struct { + // User is the UserInfo associated with the current user. + User UserInfo `json:"user"` + // Audiences are audience identifiers chosen by the authenticator. + // +optional + Audiences []string `json:"audiences,omitempty"` +} + +// UserInfo holds the information about the user needed to implement the +// user.Info interface. +type UserInfo struct { + // The name that uniquely identifies this user among all active users. + Username string `json:"username"` + // A unique value that identifies this user across time. If this user is + // deleted and another user by the same name is added, they will have + // different UIDs. + // +optional + UID string `json:"uid,omitempty"` + // The names of groups this user is a part of. + // +optional + Groups []string `json:"groups,omitempty"` + // Any additional information provided by the authenticator. + // +optional + Extra map[string]ExtraValue `json:"extra,omitempty"` +} + +// ExtraValue masks the value so protobuf can generate +type ExtraValue []string + +func (t ExtraValue) String() string { + return fmt.Sprintf("%v", []string(t)) +} diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/1.23/apis/concierge/identity/v1alpha1/types_whoami.go new file mode 100644 index 00000000..3d884346 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/types_whoami.go @@ -0,0 +1,43 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// WhoAmIRequest submits a request to echo back the current authenticated user. +// +genclient +// +genclient:nonNamespaced +// +genclient:onlyVerbs=create +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec WhoAmIRequestSpec `json:"spec,omitempty"` + Status WhoAmIRequestStatus `json:"status,omitempty"` +} + +type WhoAmIRequestSpec struct { + // empty for now but we may add some config here in the future + // any such config must be safe in the context of an unauthenticated user +} + +type WhoAmIRequestStatus struct { + // The current authenticated user, exactly as Kubernetes understands it. + KubernetesUserInfo KubernetesUserInfo `json:"kubernetesUserInfo"` + + // We may add concierge specific information here in the future. +} + +// WhoAmIRequestList is a list of WhoAmIRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type WhoAmIRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + // Items is a list of WhoAmIRequest + Items []WhoAmIRequest `json:"items"` +} diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.conversion.go new file mode 100644 index 00000000..1b45dddb --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,235 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + identity "go.pinniped.dev/generated/1.23/apis/concierge/identity" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*KubernetesUserInfo)(nil), (*identity.KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(a.(*KubernetesUserInfo), b.(*identity.KubernetesUserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.KubernetesUserInfo)(nil), (*KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(a.(*identity.KubernetesUserInfo), b.(*KubernetesUserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*UserInfo)(nil), (*identity.UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_UserInfo_To_identity_UserInfo(a.(*UserInfo), b.(*identity.UserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.UserInfo)(nil), (*UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_UserInfo_To_v1alpha1_UserInfo(a.(*identity.UserInfo), b.(*UserInfo), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequest)(nil), (*identity.WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(a.(*WhoAmIRequest), b.(*identity.WhoAmIRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequest)(nil), (*WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(a.(*identity.WhoAmIRequest), b.(*WhoAmIRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestList)(nil), (*identity.WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(a.(*WhoAmIRequestList), b.(*identity.WhoAmIRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestList)(nil), (*WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(a.(*identity.WhoAmIRequestList), b.(*WhoAmIRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestSpec)(nil), (*identity.WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(a.(*WhoAmIRequestSpec), b.(*identity.WhoAmIRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestSpec)(nil), (*WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(a.(*identity.WhoAmIRequestSpec), b.(*WhoAmIRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*WhoAmIRequestStatus)(nil), (*identity.WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(a.(*WhoAmIRequestStatus), b.(*identity.WhoAmIRequestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestStatus)(nil), (*WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(a.(*identity.WhoAmIRequestStatus), b.(*WhoAmIRequestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { + if err := Convert_v1alpha1_UserInfo_To_identity_UserInfo(&in.User, &out.User, s); err != nil { + return err + } + out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) + return nil +} + +// Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo is an autogenerated conversion function. +func Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error { + return autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in, out, s) +} + +func autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { + if err := Convert_identity_UserInfo_To_v1alpha1_UserInfo(&in.User, &out.User, s); err != nil { + return err + } + out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) + return nil +} + +// Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo is an autogenerated conversion function. +func Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error { + return autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in, out, s) +} + +func autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { + out.Username = in.Username + out.UID = in.UID + out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) + out.Extra = *(*map[string]identity.ExtraValue)(unsafe.Pointer(&in.Extra)) + return nil +} + +// Convert_v1alpha1_UserInfo_To_identity_UserInfo is an autogenerated conversion function. +func Convert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error { + return autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in, out, s) +} + +func autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { + out.Username = in.Username + out.UID = in.UID + out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups)) + out.Extra = *(*map[string]ExtraValue)(unsafe.Pointer(&in.Extra)) + return nil +} + +// Convert_identity_UserInfo_To_v1alpha1_UserInfo is an autogenerated conversion function. +func Convert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error { + return autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in, out, s) +} + +func autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest is an autogenerated conversion function. +func Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]identity.WhoAmIRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]WhoAmIRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { + return nil +} + +// Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { + return nil +} + +// Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in, out, s) +} + +func autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { + if err := Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus is an autogenerated conversion function. +func Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error { + return autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in, out, s) +} + +func autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { + if err := Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil { + return err + } + return nil +} + +// Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus is an autogenerated conversion function. +func Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error { + return autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in, out, s) +} diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..8206b6dd --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,185 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ExtraValue) DeepCopyInto(out *ExtraValue) { + { + in := &in + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. +func (in ExtraValue) DeepCopy() ExtraValue { + if in == nil { + return nil + } + out := new(ExtraValue) + in.DeepCopyInto(out) + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { + *out = *in + in.User.DeepCopyInto(&out.User) + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. +func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { + if in == nil { + return nil + } + out := new(KubernetesUserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInfo) DeepCopyInto(out *UserInfo) { + *out = *in + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Extra != nil { + in, out := &in.Extra, &out.Extra + *out = make(map[string]ExtraValue, len(*in)) + for key, val := range *in { + var outVal []string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. +func (in *UserInfo) DeepCopy() *UserInfo { + if in == nil { + return nil + } + out := new(UserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. +func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { + if in == nil { + return nil + } + out := new(WhoAmIRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WhoAmIRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. +func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { + if in == nil { + return nil + } + out := new(WhoAmIRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. +func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { + if in == nil { + return nil + } + out := new(WhoAmIRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { + *out = *in + in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. +func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { + if in == nil { + return nil + } + out := new(WhoAmIRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.defaults.go new file mode 100644 index 00000000..9097a935 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,20 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/generated/1.23/apis/concierge/identity/validation/validation.go b/generated/1.23/apis/concierge/identity/validation/validation.go new file mode 100644 index 00000000..56ce5138 --- /dev/null +++ b/generated/1.23/apis/concierge/identity/validation/validation.go @@ -0,0 +1,14 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package validation + +import ( + "k8s.io/apimachinery/pkg/util/validation/field" + + identityapi "go.pinniped.dev/generated/1.23/apis/concierge/identity" +) + +func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList { + return nil // add validation for spec here if we expand it +} diff --git a/generated/1.23/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.23/apis/concierge/identity/zz_generated.deepcopy.go new file mode 100644 index 00000000..4d844ffd --- /dev/null +++ b/generated/1.23/apis/concierge/identity/zz_generated.deepcopy.go @@ -0,0 +1,185 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package identity + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ExtraValue) DeepCopyInto(out *ExtraValue) { + { + in := &in + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue. +func (in ExtraValue) DeepCopy() ExtraValue { + if in == nil { + return nil + } + out := new(ExtraValue) + in.DeepCopyInto(out) + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) { + *out = *in + in.User.DeepCopyInto(&out.User) + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo. +func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo { + if in == nil { + return nil + } + out := new(KubernetesUserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInfo) DeepCopyInto(out *UserInfo) { + *out = *in + if in.Groups != nil { + in, out := &in.Groups, &out.Groups + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Extra != nil { + in, out := &in.Extra, &out.Extra + *out = make(map[string]ExtraValue, len(*in)) + for key, val := range *in { + var outVal []string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make(ExtraValue, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo. +func (in *UserInfo) DeepCopy() *UserInfo { + if in == nil { + return nil + } + out := new(UserInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest. +func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest { + if in == nil { + return nil + } + out := new(WhoAmIRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]WhoAmIRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList. +func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList { + if in == nil { + return nil + } + out := new(WhoAmIRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec. +func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec { + if in == nil { + return nil + } + out := new(WhoAmIRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) { + *out = *in + in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus. +func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus { + if in == nil { + return nil + } + out := new(WhoAmIRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/concierge/login/doc.go b/generated/1.23/apis/concierge/login/doc.go new file mode 100644 index 00000000..14af63a2 --- /dev/null +++ b/generated/1.23/apis/concierge/login/doc.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=login.concierge.pinniped.dev + +// Package login is the internal version of the Pinniped login API. +package login diff --git a/generated/1.23/apis/concierge/login/register.go b/generated/1.23/apis/concierge/login/register.go new file mode 100644 index 00000000..1c3ba130 --- /dev/null +++ b/generated/1.23/apis/concierge/login/register.go @@ -0,0 +1,38 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "login.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns back a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &TokenCredentialRequest{}, + &TokenCredentialRequestList{}, + ) + return nil +} diff --git a/generated/1.23/apis/concierge/login/types_clustercred.go b/generated/1.23/apis/concierge/login/types_clustercred.go new file mode 100644 index 00000000..dd683b81 --- /dev/null +++ b/generated/1.23/apis/concierge/login/types_clustercred.go @@ -0,0 +1,21 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ClusterCredential is a credential (token or certificate) which is valid on the Kubernetes cluster. +type ClusterCredential struct { + // ExpirationTimestamp indicates a time when the provided credentials expire. + ExpirationTimestamp metav1.Time + + // Token is a bearer token used by the client for request authentication. + Token string + + // PEM-encoded client TLS certificates (including intermediates, if any). + ClientCertificateData string + + // PEM-encoded private key for the above certificate. + ClientKeyData string +} diff --git a/generated/1.23/apis/concierge/login/types_token.go b/generated/1.23/apis/concierge/login/types_token.go new file mode 100644 index 00000000..e3af529e --- /dev/null +++ b/generated/1.23/apis/concierge/login/types_token.go @@ -0,0 +1,47 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package login + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type TokenCredentialRequestSpec struct { + // Bearer token supplied with the credential request. + Token string + + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference +} + +type TokenCredentialRequestStatus struct { + // A ClusterCredential will be returned for a successful credential request. + // +optional + Credential *ClusterCredential + + // An error message will be returned for an unsuccessful credential request. + // +optional + Message *string +} + +// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequest struct { + metav1.TypeMeta + metav1.ObjectMeta + + Spec TokenCredentialRequestSpec + Status TokenCredentialRequestStatus +} + +// TokenCredentialRequestList is a list of TokenCredentialRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of TokenCredentialRequest + Items []TokenCredentialRequest +} diff --git a/generated/1.23/apis/concierge/login/v1alpha1/conversion.go b/generated/1.23/apis/concierge/login/v1alpha1/conversion.go new file mode 100644 index 00000000..dca8bca2 --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/conversion.go @@ -0,0 +1,4 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 diff --git a/generated/1.23/apis/concierge/login/v1alpha1/defaults.go b/generated/1.23/apis/concierge/login/v1alpha1/defaults.go new file mode 100644 index 00000000..12f0acd2 --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/defaults.go @@ -0,0 +1,12 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime" +) + +func addDefaultingFuncs(scheme *runtime.Scheme) error { + return RegisterDefaults(scheme) +} diff --git a/generated/1.23/apis/concierge/login/v1alpha1/doc.go b/generated/1.23/apis/concierge/login/v1alpha1/doc.go new file mode 100644 index 00000000..20083f63 --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.23/apis/concierge/login +// +k8s:defaulter-gen=TypeMeta +// +groupName=login.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped login API. +package v1alpha1 diff --git a/generated/1.23/apis/concierge/login/v1alpha1/register.go b/generated/1.23/apis/concierge/login/v1alpha1/register.go new file mode 100644 index 00000000..60efec82 --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "login.concierge.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &TokenCredentialRequest{}, + &TokenCredentialRequestList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.23/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/1.23/apis/concierge/login/v1alpha1/types_clustercred.go new file mode 100644 index 00000000..eb50c7fe --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/types_clustercred.go @@ -0,0 +1,22 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ClusterCredential is the cluster-specific credential returned on a successful credential request. It +// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster. +type ClusterCredential struct { + // ExpirationTimestamp indicates a time when the provided credentials expire. + ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` + + // Token is a bearer token used by the client for request authentication. + Token string `json:"token,omitempty"` + + // PEM-encoded client TLS certificates (including intermediates, if any). + ClientCertificateData string `json:"clientCertificateData,omitempty"` + + // PEM-encoded private key for the above certificate. + ClientKeyData string `json:"clientKeyData,omitempty"` +} diff --git a/generated/1.23/apis/concierge/login/v1alpha1/types_token.go b/generated/1.23/apis/concierge/login/v1alpha1/types_token.go new file mode 100644 index 00000000..c8f3b66e --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/types_token.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, expected on requests to the Pinniped API. +type TokenCredentialRequestSpec struct { + // Bearer token supplied with the credential request. + Token string `json:"token,omitempty"` + + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` +} + +// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. +type TokenCredentialRequestStatus struct { + // A Credential will be returned for a successful credential request. + // +optional + Credential *ClusterCredential `json:"credential,omitempty"` + + // An error message will be returned for an unsuccessful credential request. + // +optional + Message *string `json:"message,omitempty"` +} + +// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential. +// +genclient +// +genclient:nonNamespaced +// +genclient:onlyVerbs=create +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequest struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec TokenCredentialRequestSpec `json:"spec,omitempty"` + Status TokenCredentialRequestStatus `json:"status,omitempty"` +} + +// TokenCredentialRequestList is a list of TokenCredentialRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TokenCredentialRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []TokenCredentialRequest `json:"items"` +} diff --git a/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.conversion.go new file mode 100644 index 00000000..56a97130 --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -0,0 +1,201 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by conversion-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + unsafe "unsafe" + + login "go.pinniped.dev/generated/1.23/apis/concierge/login" + conversion "k8s.io/apimachinery/pkg/conversion" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +func init() { + localSchemeBuilder.Register(RegisterConversions) +} + +// RegisterConversions adds conversion functions to the given scheme. +// Public to allow building arbitrary schemes. +func RegisterConversions(s *runtime.Scheme) error { + if err := s.AddGeneratedConversionFunc((*ClusterCredential)(nil), (*login.ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(a.(*ClusterCredential), b.(*login.ClusterCredential), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.ClusterCredential)(nil), (*ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(a.(*login.ClusterCredential), b.(*ClusterCredential), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequest)(nil), (*login.TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(a.(*TokenCredentialRequest), b.(*login.TokenCredentialRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequest)(nil), (*TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(a.(*login.TokenCredentialRequest), b.(*TokenCredentialRequest), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestList)(nil), (*login.TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(a.(*TokenCredentialRequestList), b.(*login.TokenCredentialRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestList)(nil), (*TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(a.(*login.TokenCredentialRequestList), b.(*TokenCredentialRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestSpec)(nil), (*login.TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(a.(*TokenCredentialRequestSpec), b.(*login.TokenCredentialRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestSpec)(nil), (*TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(a.(*login.TokenCredentialRequestSpec), b.(*TokenCredentialRequestSpec), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestStatus)(nil), (*login.TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(a.(*TokenCredentialRequestStatus), b.(*login.TokenCredentialRequestStatus), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestStatus)(nil), (*TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(a.(*login.TokenCredentialRequestStatus), b.(*TokenCredentialRequestStatus), scope) + }); err != nil { + return err + } + return nil +} + +func autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { + out.ExpirationTimestamp = in.ExpirationTimestamp + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential is an autogenerated conversion function. +func Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error { + return autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in, out, s) +} + +func autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { + out.ExpirationTimestamp = in.ExpirationTimestamp + out.Token = in.Token + out.ClientCertificateData = in.ClientCertificateData + out.ClientKeyData = in.ClientKeyData + return nil +} + +// Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential is an autogenerated conversion function. +func Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error { + return autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in, out, s) +} + +func autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { + out.ObjectMeta = in.ObjectMeta + if err := Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil { + return err + } + if err := Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil { + return err + } + return nil +} + +// Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest is an autogenerated conversion function. +func Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]login.TokenCredentialRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]TokenCredentialRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { + out.Token = in.Token + out.Authenticator = in.Authenticator + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { + out.Token = in.Token + out.Authenticator = in.Authenticator + return nil +} + +// Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in, out, s) +} + +func autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { + out.Credential = (*login.ClusterCredential)(unsafe.Pointer(in.Credential)) + out.Message = (*string)(unsafe.Pointer(in.Message)) + return nil +} + +// Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus is an autogenerated conversion function. +func Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error { + return autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in, out, s) +} + +func autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { + out.Credential = (*ClusterCredential)(unsafe.Pointer(in.Credential)) + out.Message = (*string)(unsafe.Pointer(in.Message)) + return nil +} + +// Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus is an autogenerated conversion function. +func Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error { + return autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in, out, s) +} diff --git a/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..6f39cfec --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,134 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { + *out = *in + in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. +func (in *ClusterCredential) DeepCopy() *ClusterCredential { + if in == nil { + return nil + } + out := new(ClusterCredential) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. +func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { + if in == nil { + return nil + } + out := new(TokenCredentialRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TokenCredentialRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. +func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { + if in == nil { + return nil + } + out := new(TokenCredentialRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { + *out = *in + in.Authenticator.DeepCopyInto(&out.Authenticator) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. +func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { + if in == nil { + return nil + } + out := new(TokenCredentialRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { + *out = *in + if in.Credential != nil { + in, out := &in.Credential, &out.Credential + *out = new(ClusterCredential) + (*in).DeepCopyInto(*out) + } + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. +func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { + if in == nil { + return nil + } + out := new(TokenCredentialRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.defaults.go new file mode 100644 index 00000000..9097a935 --- /dev/null +++ b/generated/1.23/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -0,0 +1,20 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by defaulter-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// RegisterDefaults adds defaulters functions to the given scheme. +// Public to allow building arbitrary schemes. +// All generated defaulters are covering - they call all nested defaulters. +func RegisterDefaults(scheme *runtime.Scheme) error { + return nil +} diff --git a/generated/1.23/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.23/apis/concierge/login/zz_generated.deepcopy.go new file mode 100644 index 00000000..07f4f074 --- /dev/null +++ b/generated/1.23/apis/concierge/login/zz_generated.deepcopy.go @@ -0,0 +1,134 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package login + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) { + *out = *in + in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential. +func (in *ClusterCredential) DeepCopy() *ClusterCredential { + if in == nil { + return nil + } + out := new(ClusterCredential) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest. +func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest { + if in == nil { + return nil + } + out := new(TokenCredentialRequest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TokenCredentialRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList. +func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList { + if in == nil { + return nil + } + out := new(TokenCredentialRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { + *out = *in + in.Authenticator.DeepCopyInto(&out.Authenticator) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec. +func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec { + if in == nil { + return nil + } + out := new(TokenCredentialRequestSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) { + *out = *in + if in.Credential != nil { + in, out := &in.Credential, &out.Credential + *out = new(ClusterCredential) + (*in).DeepCopyInto(*out) + } + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = new(string) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus. +func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus { + if in == nil { + return nil + } + out := new(TokenCredentialRequestStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/go.mod b/generated/1.23/apis/go.mod new file mode 100644 index 00000000..b728d3d2 --- /dev/null +++ b/generated/1.23/apis/go.mod @@ -0,0 +1,9 @@ +// This go.mod file is generated by ./hack/codegen.sh. +module go.pinniped.dev/generated/1.23/apis + +go 1.13 + +require ( + k8s.io/api v0.23.3 + k8s.io/apimachinery v0.23.3 +) diff --git a/generated/1.23/apis/go.sum b/generated/1.23/apis/go.sum new file mode 100644 index 00000000..3f0ad86b --- /dev/null +++ b/generated/1.23/apis/go.sum @@ -0,0 +1,241 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= +github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= +github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= +github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +k8s.io/api v0.23.3 h1:KNrME8KHGr12Ozjf8ytOewKzZh6hl/hHUZeHddT3a38= +k8s.io/api v0.23.3/go.mod h1:w258XdGyvCmnBj/vGzQMj6kzdufJZVUwEM1U2fRJwSQ= +k8s.io/apimachinery v0.23.3 h1:7IW6jxNzrXTsP0c8yXz2E5Yx/WTzVPTsHIx/2Vm0cIk= +k8s.io/apimachinery v0.23.3/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= +k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= +k8s.io/klog/v2 v2.30.0 h1:bUO6drIvCIsvZ/XFgfxoGFQU/a4Qkh0iAlvUR7vlHJw= +k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= +k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20211116205334-6203023598ed h1:ck1fRPWPJWsMd8ZRFsWc6mh/zHp5fZ/shhbrgPUxDAE= +k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 h1:fD1pz4yfdADVNfFmcP2aBEtudwUQ1AlLnRBALr33v3s= +sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/doc.go b/generated/1.23/apis/supervisor/config/v1alpha1/doc.go new file mode 100644 index 00000000..f45908bf --- /dev/null +++ b/generated/1.23/apis/supervisor/config/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.23/apis/supervisor/config +// +k8s:defaulter-gen=TypeMeta +// +groupName=config.supervisor.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API. +package v1alpha1 diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/register.go b/generated/1.23/apis/supervisor/config/v1alpha1/register.go new file mode 100644 index 00000000..69045298 --- /dev/null +++ b/generated/1.23/apis/supervisor/config/v1alpha1/register.go @@ -0,0 +1,43 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "config.supervisor.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &FederationDomain{}, + &FederationDomainList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/1.23/apis/supervisor/config/v1alpha1/types_federationdomain.go new file mode 100644 index 00000000..e92303a9 --- /dev/null +++ b/generated/1.23/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -0,0 +1,134 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +kubebuilder:validation:Enum=Success;Duplicate;Invalid;SameIssuerHostMustUseSameSecret +type FederationDomainStatusCondition string + +const ( + SuccessFederationDomainStatusCondition = FederationDomainStatusCondition("Success") + DuplicateFederationDomainStatusCondition = FederationDomainStatusCondition("Duplicate") + SameIssuerHostMustUseSameSecretFederationDomainStatusCondition = FederationDomainStatusCondition("SameIssuerHostMustUseSameSecret") + InvalidFederationDomainStatusCondition = FederationDomainStatusCondition("Invalid") +) + +// FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider. +type FederationDomainTLSSpec struct { + // SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains + // the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret + // named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use + // for TLS. + // + // Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers. + // + // SecretName is required if you would like to use different TLS certificates for issuers of different hostnames. + // SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same + // SecretName value even if they have different port numbers. + // + // SecretName is not required when you would like to use only the HTTP endpoints (e.g. when terminating TLS at an + // Ingress). It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to + // use the default TLS certificate, which is configured elsewhere. + // + // When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses. + // + // +optional + SecretName string `json:"secretName,omitempty"` +} + +// FederationDomainSpec is a struct that describes an OIDC Provider. +type FederationDomainSpec struct { + // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the + // identifier that it will use for the iss claim in issued JWTs. This field will also be used as + // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is + // https://example.com/foo, then your authorization endpoint will look like + // https://example.com/foo/some/path/to/auth/endpoint). + // + // See + // https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information. + // +kubebuilder:validation:MinLength=1 + Issuer string `json:"issuer"` + + // TLS configures how this FederationDomain is served over Transport Layer Security (TLS). + // +optional + TLS *FederationDomainTLSSpec `json:"tls,omitempty"` +} + +// FederationDomainSecrets holds information about this OIDC Provider's secrets. +type FederationDomainSecrets struct { + // JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are + // stored. If it is empty, then the signing/verification keys are either unknown or they don't + // exist. + // +optional + JWKS corev1.LocalObjectReference `json:"jwks,omitempty"` + + // TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // signing tokens is stored. + // +optional + TokenSigningKey corev1.LocalObjectReference `json:"tokenSigningKey,omitempty"` + + // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // signing state parameters is stored. + // +optional + StateSigningKey corev1.LocalObjectReference `json:"stateSigningKey,omitempty"` + + // StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for + // encrypting state parameters is stored. + // +optional + StateEncryptionKey corev1.LocalObjectReference `json:"stateEncryptionKey,omitempty"` +} + +// FederationDomainStatus is a struct that describes the actual state of an OIDC Provider. +type FederationDomainStatus struct { + // Status holds an enum that describes the state of this OIDC Provider. Note that this Status can + // represent success or failure. + // +optional + Status FederationDomainStatusCondition `json:"status,omitempty"` + + // Message provides human-readable details about the Status. + // +optional + Message string `json:"message,omitempty"` + + // LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get + // around some undesirable behavior with respect to the empty metav1.Time value (see + // https://github.com/kubernetes/kubernetes/issues/86811). + // +optional + LastUpdateTime *metav1.Time `json:"lastUpdateTime,omitempty"` + + // Secrets contains information about this OIDC Provider's secrets. + // +optional + Secrets FederationDomainSecrets `json:"secrets,omitempty"` +} + +// FederationDomain describes the configuration of an OIDC provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.status` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type FederationDomain struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec of the OIDC provider. + Spec FederationDomainSpec `json:"spec"` + + // Status of the OIDC provider. + Status FederationDomainStatus `json:"status,omitempty"` +} + +// List of FederationDomain objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type FederationDomainList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []FederationDomain `json:"items"` +} diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..856b8988 --- /dev/null +++ b/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,152 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomain) DeepCopyInto(out *FederationDomain) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomain. +func (in *FederationDomain) DeepCopy() *FederationDomain { + if in == nil { + return nil + } + out := new(FederationDomain) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FederationDomain) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainList) DeepCopyInto(out *FederationDomainList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]FederationDomain, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainList. +func (in *FederationDomainList) DeepCopy() *FederationDomainList { + if in == nil { + return nil + } + out := new(FederationDomainList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *FederationDomainList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainSecrets) DeepCopyInto(out *FederationDomainSecrets) { + *out = *in + out.JWKS = in.JWKS + out.TokenSigningKey = in.TokenSigningKey + out.StateSigningKey = in.StateSigningKey + out.StateEncryptionKey = in.StateEncryptionKey + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSecrets. +func (in *FederationDomainSecrets) DeepCopy() *FederationDomainSecrets { + if in == nil { + return nil + } + out := new(FederationDomainSecrets) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainSpec) DeepCopyInto(out *FederationDomainSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(FederationDomainTLSSpec) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSpec. +func (in *FederationDomainSpec) DeepCopy() *FederationDomainSpec { + if in == nil { + return nil + } + out := new(FederationDomainSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainStatus) DeepCopyInto(out *FederationDomainStatus) { + *out = *in + if in.LastUpdateTime != nil { + in, out := &in.LastUpdateTime, &out.LastUpdateTime + *out = (*in).DeepCopy() + } + out.Secrets = in.Secrets + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainStatus. +func (in *FederationDomainStatus) DeepCopy() *FederationDomainStatus { + if in == nil { + return nil + } + out := new(FederationDomainStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederationDomainTLSSpec) DeepCopyInto(out *FederationDomainTLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTLSSpec. +func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { + if in == nil { + return nil + } + out := new(FederationDomainTLSSpec) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/doc.go b/generated/1.23/apis/supervisor/idp/v1alpha1/doc.go new file mode 100644 index 00000000..a9e91c47 --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=idp.supervisor.pinniped.dev +// +groupGoName=IDP + +// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API. +package v1alpha1 diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/register.go b/generated/1.23/apis/supervisor/idp/v1alpha1/register.go new file mode 100644 index 00000000..8829a863 --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/register.go @@ -0,0 +1,47 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "idp.supervisor.pinniped.dev" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &OIDCIdentityProvider{}, + &OIDCIdentityProviderList{}, + &LDAPIdentityProvider{}, + &LDAPIdentityProviderList{}, + &ActiveDirectoryIdentityProvider{}, + &ActiveDirectoryIdentityProviderList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go new file mode 100644 index 00000000..18626629 --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go @@ -0,0 +1,207 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type ActiveDirectoryIdentityProviderPhase string + +const ( + // ActiveDirectoryPhasePending is the default phase for newly-created ActiveDirectoryIdentityProvider resources. + ActiveDirectoryPhasePending ActiveDirectoryIdentityProviderPhase = "Pending" + + // ActiveDirectoryPhaseReady is the phase for an ActiveDirectoryIdentityProvider resource in a healthy state. + ActiveDirectoryPhaseReady ActiveDirectoryIdentityProviderPhase = "Ready" + + // ActiveDirectoryPhaseError is the phase for an ActiveDirectoryIdentityProvider in an unhealthy state. + ActiveDirectoryPhaseError ActiveDirectoryIdentityProviderPhase = "Error" +) + +// Status of an Active Directory identity provider. +type ActiveDirectoryIdentityProviderStatus struct { + // Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase ActiveDirectoryIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +type ActiveDirectoryIdentityProviderBind struct { + // SecretName contains the name of a namespace-local Secret object that provides the username and + // password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be + // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + // The password must be non-empty. + // +kubebuilder:validation:MinLength=1 + SecretName string `json:"secretName"` +} + +type ActiveDirectoryIdentityProviderUserSearchAttributes struct { + // Username specifies the name of the attribute in Active Directory entry whose value shall become the username + // of the user after a successful authentication. + // Optional, when empty this defaults to "userPrincipalName". + // +optional + Username string `json:"username,omitempty"` + + // UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely + // identify the user within this ActiveDirectory provider after a successful authentication. + // Optional, when empty this defaults to "objectGUID". + // +optional + UID string `json:"uid,omitempty"` +} + +type ActiveDirectoryIdentityProviderGroupSearchAttributes struct { + // GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name + // in the user's list of groups after a successful authentication. + // The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory + // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + // Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain", + // where domain is constructed from the domain components of the group DN. + // +optional + GroupName string `json:"groupName,omitempty"` +} + +type ActiveDirectoryIdentityProviderUserSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for users. + // E.g. "ou=users,dc=example,dc=com". + // Optional, when not specified it will be based on the result of a query for the defaultNamingContext + // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + // The default behavior searches your entire domain for users. + // It may make sense to specify a subtree as a search base if you wish to exclude some users + // or to make searches faster. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur + // in the filter at least once and will be dynamically replaced by the username for which the search is being run. + // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will be + // '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + // This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account, + // and is not shown in advanced view only + // (which would likely mean its a system created service account with advanced permissions). + // Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username. + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as + // the result of the user search. + // +optional + Attributes ActiveDirectoryIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` +} + +type ActiveDirectoryIdentityProviderGroupSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + // "ou=groups,dc=example,dc=com". + // Optional, when not specified it will be based on the result of a query for the defaultNamingContext + // (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + // The default behavior searches your entire domain for groups. + // It may make sense to specify a subtree as a search base if you wish to exclude some groups + // for security reasons or to make searches faster. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user. + // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + // dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or + // "&(objectClass=groupOfNames)(member={})". For more information about ActiveDirectory filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the filter were specified as + // "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + // This searches nested groups by default. + // Note that nested group search can be slow for some Active Directory servers. To disable it, + // you can set the filter to + // "(&(objectClass=group)(member={})" + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as + // the result of the group search. + // +optional + Attributes ActiveDirectoryIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` + + // The user's group membership is refreshed as they interact with the supervisor + // to obtain new credentials (as their old credentials expire). This allows group + // membership changes to be quickly reflected into Kubernetes clusters. Since + // group membership is often used to bind authorization policies, it is important + // to keep the groups observed in Kubernetes clusters in-sync with the identity + // provider. + // + // In some environments, frequent group membership queries may result in a + // significant performance impact on the identity provider and/or the supervisor. + // The best approach to handle performance impacts is to tweak the group query + // to be more performant, for example by disabling nested group search or by + // using a more targeted group search base. + // + // If the group search query cannot be made performant and you are willing to + // have group memberships remain static for approximately a day, then set + // skipGroupRefresh to true. This is an insecure configuration as authorization + // policies that are bound to group membership will not notice if a user has + // been removed from a particular group until their next login. + // + // This is an experimental feature that may be removed or significantly altered + // in the future. Consumers of this configuration should carefully read all + // release notes before upgrading to ensure that the meaning of this field has + // not changed. + SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` +} + +// Spec for configuring an ActiveDirectory identity provider. +type ActiveDirectoryIdentityProviderSpec struct { + // Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636. + // +kubebuilder:validation:MinLength=1 + Host string `json:"host"` + + // TLS contains the connection settings for how to establish the connection to the Host. + TLS *TLSSpec `json:"tls,omitempty"` + + // Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server + // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + Bind ActiveDirectoryIdentityProviderBind `json:"bind,omitempty"` + + // UserSearch contains the configuration for searching for a user by name in Active Directory. + UserSearch ActiveDirectoryIdentityProviderUserSearch `json:"userSearch,omitempty"` + + // GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory. + GroupSearch ActiveDirectoryIdentityProviderGroupSearch `json:"groupSearch,omitempty"` +} + +// ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type ActiveDirectoryIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec ActiveDirectoryIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status ActiveDirectoryIdentityProviderStatus `json:"status,omitempty"` +} + +// List of ActiveDirectoryIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type ActiveDirectoryIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []ActiveDirectoryIdentityProvider `json:"items"` +} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go new file mode 100644 index 00000000..09cb843d --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go @@ -0,0 +1,196 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type LDAPIdentityProviderPhase string + +const ( + // LDAPPhasePending is the default phase for newly-created LDAPIdentityProvider resources. + LDAPPhasePending LDAPIdentityProviderPhase = "Pending" + + // LDAPPhaseReady is the phase for an LDAPIdentityProvider resource in a healthy state. + LDAPPhaseReady LDAPIdentityProviderPhase = "Ready" + + // LDAPPhaseError is the phase for an LDAPIdentityProvider in an unhealthy state. + LDAPPhaseError LDAPIdentityProviderPhase = "Error" +) + +// Status of an LDAP identity provider. +type LDAPIdentityProviderStatus struct { + // Phase summarizes the overall status of the LDAPIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase LDAPIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +type LDAPIdentityProviderBind struct { + // SecretName contains the name of a namespace-local Secret object that provides the username and + // password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be + // of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value + // should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + // The password must be non-empty. + // +kubebuilder:validation:MinLength=1 + SecretName string `json:"secretName"` +} + +type LDAPIdentityProviderUserSearchAttributes struct { + // Username specifies the name of the attribute in the LDAP entry whose value shall become the username + // of the user after a successful authentication. This would typically be the same attribute name used in + // the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName". + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field + // is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default + // value of "dn={}" would not work. + // +kubebuilder:validation:MinLength=1 + Username string `json:"username,omitempty"` + + // UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely + // identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID". + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. Distinguished names can be used by specifying lower-case "dn". + // +kubebuilder:validation:MinLength=1 + UID string `json:"uid,omitempty"` +} + +type LDAPIdentityProviderGroupSearchAttributes struct { + // GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name + // in the user's list of groups after a successful authentication. + // The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP + // server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn". + // Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name). + // +optional + GroupName string `json:"groupName,omitempty"` +} + +type LDAPIdentityProviderUserSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for users. + // E.g. "ou=users,dc=example,dc=com". + // +kubebuilder:validation:MinLength=1 + Base string `json:"base,omitempty"` + + // Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur + // in the filter at least once and will be dynamically replaced by the username for which the search is being run. + // E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the Filter were specified as the value from + // Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be + // explicitly specified, since the default value of "dn={}" would not work. + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the user's information should be read from the LDAP entry which was found as + // the result of the user search. + // +optional + Attributes LDAPIdentityProviderUserSearchAttributes `json:"attributes,omitempty"` +} + +type LDAPIdentityProviderGroupSearch struct { + // Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g. + // "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and + // authenticated users will not belong to any groups from the LDAP provider. Also, when not specified, + // the values of Filter and Attributes are ignored. + // +optional + Base string `json:"base,omitempty"` + + // Filter is the LDAP search filter which should be applied when searching for groups for a user. + // The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the + // dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or + // "&(objectClass=groupOfNames)(member={})". For more information about LDAP filters, see + // https://ldap.com/ldap-filters. + // Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used. + // Optional. When not specified, the default will act as if the Filter were specified as "member={}". + // +optional + Filter string `json:"filter,omitempty"` + + // Attributes specifies how the group's information should be read from each LDAP entry which was found as + // the result of the group search. + // +optional + Attributes LDAPIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"` + + // The user's group membership is refreshed as they interact with the supervisor + // to obtain new credentials (as their old credentials expire). This allows group + // membership changes to be quickly reflected into Kubernetes clusters. Since + // group membership is often used to bind authorization policies, it is important + // to keep the groups observed in Kubernetes clusters in-sync with the identity + // provider. + // + // In some environments, frequent group membership queries may result in a + // significant performance impact on the identity provider and/or the supervisor. + // The best approach to handle performance impacts is to tweak the group query + // to be more performant, for example by disabling nested group search or by + // using a more targeted group search base. + // + // If the group search query cannot be made performant and you are willing to + // have group memberships remain static for approximately a day, then set + // skipGroupRefresh to true. This is an insecure configuration as authorization + // policies that are bound to group membership will not notice if a user has + // been removed from a particular group until their next login. + // + // This is an experimental feature that may be removed or significantly altered + // in the future. Consumers of this configuration should carefully read all + // release notes before upgrading to ensure that the meaning of this field has + // not changed. + SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"` +} + +// Spec for configuring an LDAP identity provider. +type LDAPIdentityProviderSpec struct { + // Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636. + // +kubebuilder:validation:MinLength=1 + Host string `json:"host"` + + // TLS contains the connection settings for how to establish the connection to the Host. + TLS *TLSSpec `json:"tls,omitempty"` + + // Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server + // to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt. + Bind LDAPIdentityProviderBind `json:"bind,omitempty"` + + // UserSearch contains the configuration for searching for a user by name in the LDAP provider. + UserSearch LDAPIdentityProviderUserSearch `json:"userSearch,omitempty"` + + // GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider. + GroupSearch LDAPIdentityProviderGroupSearch `json:"groupSearch,omitempty"` +} + +// LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access +// Protocol (LDAP) identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type LDAPIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec LDAPIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status LDAPIdentityProviderStatus `json:"status,omitempty"` +} + +// List of LDAPIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type LDAPIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []LDAPIdentityProvider `json:"items"` +} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go new file mode 100644 index 00000000..76a7d547 --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_meta.go @@ -0,0 +1,75 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ConditionStatus is effectively an enum type for Condition.Status. +type ConditionStatus string + +// These are valid condition statuses. "ConditionTrue" means a resource is in the condition. +// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes +// can't decide if a resource is in the condition or not. In the future, we could add other +// intermediate conditions, e.g. ConditionDegraded. +const ( + ConditionTrue ConditionStatus = "True" + ConditionFalse ConditionStatus = "False" + ConditionUnknown ConditionStatus = "Unknown" +) + +// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API +// version we can switch to using the upstream type. +// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. +type Condition struct { + // type of condition in CamelCase or in foo.example.com/CamelCase. + // --- + // Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + // useful (see .node.status.conditions), the ability to deconflict is important. + // The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$` + // +kubebuilder:validation:MaxLength=316 + Type string `json:"type"` + + // status of the condition, one of True, False, Unknown. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Enum=True;False;Unknown + Status ConditionStatus `json:"status"` + + // observedGeneration represents the .metadata.generation that the condition was set based upon. + // For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + // with respect to the current state of the instance. + // +optional + // +kubebuilder:validation:Minimum=0 + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // lastTransitionTime is the last time the condition transitioned from one status to another. + // This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:Type=string + // +kubebuilder:validation:Format=date-time + LastTransitionTime metav1.Time `json:"lastTransitionTime"` + + // reason contains a programmatic identifier indicating the reason for the condition's last transition. + // Producers of specific condition types may define expected values and meanings for this field, + // and whether the values are considered a guaranteed API. + // The value should be a CamelCase string. + // This field may not be empty. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=1024 + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$` + Reason string `json:"reason"` + + // message is a human readable message indicating details about the transition. + // This may be an empty string. + // +required + // +kubebuilder:validation:Required + // +kubebuilder:validation:MaxLength=32768 + Message string `json:"message"` +} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go new file mode 100644 index 00000000..798275a9 --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go @@ -0,0 +1,206 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type OIDCIdentityProviderPhase string + +const ( + // PhasePending is the default phase for newly-created OIDCIdentityProvider resources. + PhasePending OIDCIdentityProviderPhase = "Pending" + + // PhaseReady is the phase for an OIDCIdentityProvider resource in a healthy state. + PhaseReady OIDCIdentityProviderPhase = "Ready" + + // PhaseError is the phase for an OIDCIdentityProvider in an unhealthy state. + PhaseError OIDCIdentityProviderPhase = "Error" +) + +// OIDCIdentityProviderStatus is the status of an OIDC identity provider. +type OIDCIdentityProviderStatus struct { + // Phase summarizes the overall status of the OIDCIdentityProvider. + // +kubebuilder:default=Pending + // +kubebuilder:validation:Enum=Pending;Ready;Error + Phase OIDCIdentityProviderPhase `json:"phase,omitempty"` + + // Represents the observations of an identity provider's current state. + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` +} + +// OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization +// request parameters. +type OIDCAuthorizationConfig struct { + // additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization + // request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials + // Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is + // always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request + // the following scopes: "openid", "offline_access", "email", and "profile". See + // https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email" + // scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the + // "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves, + // or as common patterns used by providers who implement the standard in the ecosystem evolve. + // By setting this list to anything other than an empty list, you are overriding the + // default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list. + // If you do not want any of these scopes to be requested, you may set this list to contain only "openid". + // Some OIDC providers may also require a scope to get access to the user's group membership, in which case you + // may wish to include it in this list. Sometimes the scope to request the user's group membership is called + // "groups", but unfortunately this is not specified in the OIDC standard. + // Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by + // your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in + // the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See + // your OIDC provider's documentation for more information about what scopes are available to request claims. + // Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor + // from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be + // "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its + // requirements for what to include in the request in order to receive a refresh token in the response, if anything. + // Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider + // may ignore scopes that it does not understand or require (see + // https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the + // "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC + // provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider). + // +optional + AdditionalScopes []string `json:"additionalScopes,omitempty"` + + // additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your + // OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra + // parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id", + // "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be + // included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time. + // The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user + // should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting + // ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped. + // This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password + // Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the + // Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt" + // parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's + // authorization endpoint for its requirements for what to include in the request in order to receive a refresh + // token in the response, if anything. If your provider requires the prompt parameter to request a refresh token, + // then include it here. Also note that most providers also require a certain scope to be requested in order to + // receive refresh tokens. See the additionalScopes setting for more information about using scopes to request + // refresh tokens. + // +optional + // +patchMergeKey=name + // +patchStrategy=merge + // +listType=map + // +listMapKey=name + AdditionalAuthorizeParameters []Parameter `json:"additionalAuthorizeParameters,omitempty"` + + // allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant + // (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a + // username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow. + // The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be + // supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password + // Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose + // to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the + // cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be + // convenient for users, especially for identities from your OIDC provider which are not intended to represent a human + // actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it, + // you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this + // OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password + // Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords + // (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other + // web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins. + // allowPasswordGrant defaults to false. + // +optional + AllowPasswordGrant bool `json:"allowPasswordGrant,omitempty"` +} + +// Parameter is a key/value pair which represents a parameter in an HTTP request. +type Parameter struct { + // The name of the parameter. Required. + // +kubebuilder:validation:MinLength=1 + Name string `json:"name"` + + // The value of the parameter. + // +optional + Value string `json:"value,omitempty"` +} + +// OIDCClaims provides a mapping from upstream claims into identities. +type OIDCClaims struct { + // Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain + // the groups to which an identity belongs. By default, the identities will not include any group memberships when + // this setting is not configured. + // +optional + Groups string `json:"groups"` + + // Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to + // ascertain an identity's username. When not set, the username will be an automatically constructed unique string + // which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from + // the ID token. + // +optional + Username string `json:"username"` +} + +// OIDCClient contains information about an OIDC client (e.g., client ID and client +// secret). +type OIDCClient struct { + // SecretName contains the name of a namespace-local Secret object that provides the clientID and + // clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient + // struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys + // "clientID" and "clientSecret". + SecretName string `json:"secretName"` +} + +// OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider. +type OIDCIdentityProviderSpec struct { + // Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch + // /.well-known/openid-configuration. + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Pattern=`^https://` + Issuer string `json:"issuer"` + + // TLS configuration for discovery/JWKS requests to the issuer. + // +optional + TLS *TLSSpec `json:"tls,omitempty"` + + // AuthorizationConfig holds information about how to form the OAuth2 authorization request + // parameters to be used with this OIDC identity provider. + // +optional + AuthorizationConfig OIDCAuthorizationConfig `json:"authorizationConfig,omitempty"` + + // Claims provides the names of token claims that will be used when inspecting an identity from + // this OIDC identity provider. + // +optional + Claims OIDCClaims `json:"claims"` + + // OIDCClient contains OIDC client information to be used used with this OIDC identity + // provider. + Client OIDCClient `json:"client"` +} + +// OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider. +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps +// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer` +// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:subresource:status +type OIDCIdentityProvider struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec for configuring the identity provider. + Spec OIDCIdentityProviderSpec `json:"spec"` + + // Status of the identity provider. + Status OIDCIdentityProviderStatus `json:"status,omitempty"` +} + +// OIDCIdentityProviderList lists OIDCIdentityProvider objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCIdentityProviderList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCIdentityProvider `json:"items"` +} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/1.23/apis/supervisor/idp/v1alpha1/types_tls.go new file mode 100644 index 00000000..1413a262 --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/types_tls.go @@ -0,0 +1,11 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// Configuration for TLS parameters related to identity provider integration. +type TLSSpec struct { + // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. + // +optional + CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` +} diff --git a/generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..5f5be6f3 --- /dev/null +++ b/generated/1.23/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,608 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProvider) DeepCopyInto(out *ActiveDirectoryIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProvider. +func (in *ActiveDirectoryIdentityProvider) DeepCopy() *ActiveDirectoryIdentityProvider { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ActiveDirectoryIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderBind) DeepCopyInto(out *ActiveDirectoryIdentityProviderBind) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderBind. +func (in *ActiveDirectoryIdentityProviderBind) DeepCopy() *ActiveDirectoryIdentityProviderBind { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderBind) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearch. +func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearch { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderGroupSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearchAttributes. +func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearchAttributes { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderGroupSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderList) DeepCopyInto(out *ActiveDirectoryIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ActiveDirectoryIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderList. +func (in *ActiveDirectoryIdentityProviderList) DeepCopy() *ActiveDirectoryIdentityProviderList { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ActiveDirectoryIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderSpec) DeepCopyInto(out *ActiveDirectoryIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + out.Bind = in.Bind + out.UserSearch = in.UserSearch + out.GroupSearch = in.GroupSearch + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderSpec. +func (in *ActiveDirectoryIdentityProviderSpec) DeepCopy() *ActiveDirectoryIdentityProviderSpec { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirectoryIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderStatus. +func (in *ActiveDirectoryIdentityProviderStatus) DeepCopy() *ActiveDirectoryIdentityProviderStatus { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearch. +func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopy() *ActiveDirectoryIdentityProviderUserSearch { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderUserSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearchAttributes. +func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderUserSearchAttributes { + if in == nil { + return nil + } + out := new(ActiveDirectoryIdentityProviderUserSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Condition) DeepCopyInto(out *Condition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition. +func (in *Condition) DeepCopy() *Condition { + if in == nil { + return nil + } + out := new(Condition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProvider. +func (in *LDAPIdentityProvider) DeepCopy() *LDAPIdentityProvider { + if in == nil { + return nil + } + out := new(LDAPIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LDAPIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderBind) DeepCopyInto(out *LDAPIdentityProviderBind) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderBind. +func (in *LDAPIdentityProviderBind) DeepCopy() *LDAPIdentityProviderBind { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderBind) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderGroupSearch) DeepCopyInto(out *LDAPIdentityProviderGroupSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearch. +func (in *LDAPIdentityProviderGroupSearch) DeepCopy() *LDAPIdentityProviderGroupSearch { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderGroupSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderGroupSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearchAttributes. +func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopy() *LDAPIdentityProviderGroupSearchAttributes { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderGroupSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderList) DeepCopyInto(out *LDAPIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]LDAPIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderList. +func (in *LDAPIdentityProviderList) DeepCopy() *LDAPIdentityProviderList { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *LDAPIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderSpec) DeepCopyInto(out *LDAPIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + out.Bind = in.Bind + out.UserSearch = in.UserSearch + out.GroupSearch = in.GroupSearch + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderSpec. +func (in *LDAPIdentityProviderSpec) DeepCopy() *LDAPIdentityProviderSpec { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderStatus. +func (in *LDAPIdentityProviderStatus) DeepCopy() *LDAPIdentityProviderStatus { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderUserSearch) DeepCopyInto(out *LDAPIdentityProviderUserSearch) { + *out = *in + out.Attributes = in.Attributes + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearch. +func (in *LDAPIdentityProviderUserSearch) DeepCopy() *LDAPIdentityProviderUserSearch { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderUserSearch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderUserSearchAttributes) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearchAttributes. +func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopy() *LDAPIdentityProviderUserSearchAttributes { + if in == nil { + return nil + } + out := new(LDAPIdentityProviderUserSearchAttributes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCAuthorizationConfig) DeepCopyInto(out *OIDCAuthorizationConfig) { + *out = *in + if in.AdditionalScopes != nil { + in, out := &in.AdditionalScopes, &out.AdditionalScopes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AdditionalAuthorizeParameters != nil { + in, out := &in.AdditionalAuthorizeParameters, &out.AdditionalAuthorizeParameters + *out = make([]Parameter, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCAuthorizationConfig. +func (in *OIDCAuthorizationConfig) DeepCopy() *OIDCAuthorizationConfig { + if in == nil { + return nil + } + out := new(OIDCAuthorizationConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClaims) DeepCopyInto(out *OIDCClaims) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClaims. +func (in *OIDCClaims) DeepCopy() *OIDCClaims { + if in == nil { + return nil + } + out := new(OIDCClaims) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider. +func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider { + if in == nil { + return nil + } + out := new(OIDCIdentityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCIdentityProvider) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderList) DeepCopyInto(out *OIDCIdentityProviderList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCIdentityProvider, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderList. +func (in *OIDCIdentityProviderList) DeepCopy() *OIDCIdentityProviderList { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCIdentityProviderList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderSpec) DeepCopyInto(out *OIDCIdentityProviderSpec) { + *out = *in + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + **out = **in + } + in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig) + out.Claims = in.Claims + out.Client = in.Client + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderSpec. +func (in *OIDCIdentityProviderSpec) DeepCopy() *OIDCIdentityProviderSpec { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderStatus. +func (in *OIDCIdentityProviderStatus) DeepCopy() *OIDCIdentityProviderStatus { + if in == nil { + return nil + } + out := new(OIDCIdentityProviderStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Parameter) DeepCopyInto(out *Parameter) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Parameter. +func (in *Parameter) DeepCopy() *Parameter { + if in == nil { + return nil + } + out := new(Parameter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSSpec) DeepCopyInto(out *TLSSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec. +func (in *TLSSpec) DeepCopy() *TLSSpec { + if in == nil { + return nil + } + out := new(TLSSpec) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/1.23/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go new file mode 100644 index 00000000..ea055090 --- /dev/null +++ b/generated/1.23/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -0,0 +1,66 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package v1alpha1 + +// IDPType are the strings that can be returned by the Supervisor identity provider discovery endpoint +// as the "type" of each returned identity provider. +type IDPType string + +// IDPFlow are the strings that can be returned by the Supervisor identity provider discovery endpoint +// in the array of allowed client "flows" for each returned identity provider. +type IDPFlow string + +const ( + IDPTypeOIDC IDPType = "oidc" + IDPTypeLDAP IDPType = "ldap" + IDPTypeActiveDirectory IDPType = "activedirectory" + + IDPFlowCLIPassword IDPFlow = "cli_password" + IDPFlowBrowserAuthcode IDPFlow = "browser_authcode" +) + +// Equals is a convenience function for comparing an IDPType to a string. +func (r IDPType) Equals(s string) bool { + return string(r) == s +} + +// String is a convenience function to convert an IDPType to a string. +func (r IDPType) String() string { + return string(r) +} + +// Equals is a convenience function for comparing an IDPFlow to a string. +func (r IDPFlow) Equals(s string) bool { + return string(r) == s +} + +// String is a convenience function to convert an IDPFlow to a string. +func (r IDPFlow) String() string { + return string(r) +} + +// OIDCDiscoveryResponse is part of the response from a FederationDomain's OpenID Provider Configuration +// Document returned by the .well-known/openid-configuration endpoint. It ignores all the standard OpenID Provider +// configuration metadata and only picks out the portion related to Supervisor identity provider discovery. +type OIDCDiscoveryResponse struct { + SupervisorDiscovery OIDCDiscoveryResponseIDPEndpoint `json:"discovery.supervisor.pinniped.dev/v1alpha1"` +} + +// OIDCDiscoveryResponseIDPEndpoint contains the URL for the identity provider discovery endpoint. +type OIDCDiscoveryResponseIDPEndpoint struct { + PinnipedIDPsEndpoint string `json:"pinniped_identity_providers_endpoint"` +} + +// IDPDiscoveryResponse is the response of a FederationDomain's identity provider discovery endpoint. +type IDPDiscoveryResponse struct { + PinnipedIDPs []PinnipedIDP `json:"pinniped_identity_providers"` +} + +// PinnipedIDP describes a single identity provider as included in the response of a FederationDomain's +// identity provider discovery endpoint. +type PinnipedIDP struct { + Name string `json:"name"` + Type IDPType `json:"type"` + Flows []IDPFlow `json:"flows,omitempty"` +} diff --git a/generated/1.23/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/1.23/apis/supervisor/oidc/types_supervisor_oidc.go new file mode 100644 index 00000000..b35aafcb --- /dev/null +++ b/generated/1.23/apis/supervisor/oidc/types_supervisor_oidc.go @@ -0,0 +1,25 @@ +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +package oidc + +// Constants related to the Supervisor FederationDomain's authorization and token endpoints. +const ( + // AuthorizeUsernameHeaderName is the name of the HTTP header which can be used to transmit a username + // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant + // or an LDAPIdentityProvider. + AuthorizeUsernameHeaderName = "Pinniped-Username" + + // AuthorizePasswordHeaderName is the name of the HTTP header which can be used to transmit a password + // to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant + // or an LDAPIdentityProvider. + AuthorizePasswordHeaderName = "Pinniped-Password" //nolint:gosec // this is not a credential + + // AuthorizeUpstreamIDPNameParamName is the name of the HTTP request parameter which can be used to help select which + // identity provider should be used for authentication by sending the name of the desired identity provider. + AuthorizeUpstreamIDPNameParamName = "pinniped_idp_name" + + // AuthorizeUpstreamIDPTypeParamName is the name of the HTTP request parameter which can be used to help select which + // identity provider should be used for authentication by sending the type of the desired identity provider. + AuthorizeUpstreamIDPTypeParamName = "pinniped_idp_type" +) diff --git a/generated/1.23/client/concierge/clientset/versioned/clientset.go b/generated/1.23/client/concierge/clientset/versioned/clientset.go new file mode 100644 index 00000000..ba3cb60b --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/clientset.go @@ -0,0 +1,143 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + "net/http" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface + ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface + IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface + LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + identityV1alpha1 *identityv1alpha1.IdentityV1alpha1Client + loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client +} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return c.configV1alpha1 +} + +// IdentityV1alpha1 retrieves the IdentityV1alpha1Client +func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { + return c.identityV1alpha1 +} + +// LoginV1alpha1 retrieves the LoginV1alpha1Client +func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { + return c.loginV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + + var cs Clientset + var err error + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + cs.identityV1alpha1, err = identityv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + cs.loginV1alpha1, err = loginv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) + cs.configV1alpha1 = configv1alpha1.New(c) + cs.identityV1alpha1 = identityv1alpha1.New(c) + cs.loginV1alpha1 = loginv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/generated/1.23/client/concierge/clientset/versioned/doc.go b/generated/1.23/client/concierge/clientset/versioned/doc.go new file mode 100644 index 00000000..5dc02e6e --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/generated/1.23/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/1.23/client/concierge/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 00000000..3e765928 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,93 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake" + configv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake" + identityv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1" + fakeidentityv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake" + loginv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1" + fakeloginv1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} +} + +// IdentityV1alpha1 retrieves the IdentityV1alpha1Client +func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface { + return &fakeidentityv1alpha1.FakeIdentityV1alpha1{Fake: &c.Fake} +} + +// LoginV1alpha1 retrieves the LoginV1alpha1Client +func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { + return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} +} diff --git a/generated/1.23/client/concierge/clientset/versioned/fake/doc.go b/generated/1.23/client/concierge/clientset/versioned/fake/doc.go new file mode 100644 index 00000000..7c9538fd --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/generated/1.23/client/concierge/clientset/versioned/fake/register.go b/generated/1.23/client/concierge/clientset/versioned/fake/register.go new file mode 100644 index 00000000..c4a8329d --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/fake/register.go @@ -0,0 +1,49 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, + configv1alpha1.AddToScheme, + identityv1alpha1.AddToScheme, + loginv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/generated/1.23/client/concierge/clientset/versioned/scheme/doc.go b/generated/1.23/client/concierge/clientset/versioned/scheme/doc.go new file mode 100644 index 00000000..cc02f1d3 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/scheme/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/generated/1.23/client/concierge/clientset/versioned/scheme/register.go b/generated/1.23/client/concierge/clientset/versioned/scheme/register.go new file mode 100644 index 00000000..a7c9601d --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/scheme/register.go @@ -0,0 +1,49 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + identityv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/identity/v1alpha1" + loginv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, + configv1alpha1.AddToScheme, + identityv1alpha1.AddToScheme, + loginv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go new file mode 100644 index 00000000..b5e34811 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -0,0 +1,99 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "net/http" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type AuthenticationV1alpha1Interface interface { + RESTClient() rest.Interface + JWTAuthenticatorsGetter + WebhookAuthenticatorsGetter +} + +// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. +type AuthenticationV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AuthenticationV1alpha1Client) JWTAuthenticators() JWTAuthenticatorInterface { + return newJWTAuthenticators(c) +} + +func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthenticatorInterface { + return newWebhookAuthenticators(c) +} + +// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new AuthenticationV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &AuthenticationV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuthenticationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuthenticationV1alpha1Client { + return &AuthenticationV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go new file mode 100644 index 00000000..2d518e91 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -0,0 +1,31 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAuthenticationV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAuthenticationV1alpha1) JWTAuthenticators() v1alpha1.JWTAuthenticatorInterface { + return &FakeJWTAuthenticators{c} +} + +func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators() v1alpha1.WebhookAuthenticatorInterface { + return &FakeWebhookAuthenticators{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go new file mode 100644 index 00000000..8f385aa6 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeJWTAuthenticators implements JWTAuthenticatorInterface +type FakeJWTAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 +} + +var jwtauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "jwtauthenticators"} + +var jwtauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "JWTAuthenticator"} + +// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. +func (c *FakeJWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. +func (c *FakeJWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(jwtauthenticatorsResource, jwtauthenticatorsKind, opts), &v1alpha1.JWTAuthenticatorList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.JWTAuthenticatorList{ListMeta: obj.(*v1alpha1.JWTAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.JWTAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested jWTAuthenticators. +func (c *FakeJWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(jwtauthenticatorsResource, opts)) +} + +// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *FakeJWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *FakeJWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(jwtauthenticatorsResource, jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(jwtauthenticatorsResource, "status", jWTAuthenticator), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} + +// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteActionWithOptions(jwtauthenticatorsResource, name, opts), &v1alpha1.JWTAuthenticator{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeJWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(jwtauthenticatorsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.JWTAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched jWTAuthenticator. +func (c *FakeJWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(jwtauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.JWTAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.JWTAuthenticator), err +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 00000000..b483658b --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type FakeWebhookAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 +} + +var webhookauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + +var webhookauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WebhookAuthenticator"} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, opts), &v1alpha1.WebhookAuthenticatorList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(webhookauthenticatorsResource, opts)) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(webhookauthenticatorsResource, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(webhookauthenticatorsResource, "status", webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteActionWithOptions(webhookauthenticatorsResource, name, opts), &v1alpha1.WebhookAuthenticator{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(webhookauthenticatorsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(webhookauthenticatorsResource, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..03757746 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type JWTAuthenticatorExpansion interface{} + +type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..b7ccf0ab --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// JWTAuthenticatorsGetter has a method to return a JWTAuthenticatorInterface. +// A group's client should implement this interface. +type JWTAuthenticatorsGetter interface { + JWTAuthenticators() JWTAuthenticatorInterface +} + +// JWTAuthenticatorInterface has methods to work with JWTAuthenticator resources. +type JWTAuthenticatorInterface interface { + Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (*v1alpha1.JWTAuthenticator, error) + Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) + UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (*v1alpha1.JWTAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.JWTAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.JWTAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) + JWTAuthenticatorExpansion +} + +// jWTAuthenticators implements JWTAuthenticatorInterface +type jWTAuthenticators struct { + client rest.Interface +} + +// newJWTAuthenticators returns a JWTAuthenticators +func newJWTAuthenticators(c *AuthenticationV1alpha1Client) *jWTAuthenticators { + return &jWTAuthenticators{ + client: c.RESTClient(), + } +} + +// Get takes name of the jWTAuthenticator, and returns the corresponding jWTAuthenticator object, and an error if there is any. +func (c *jWTAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Get(). + Resource("jwtauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of JWTAuthenticators that match those selectors. +func (c *jWTAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.JWTAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.JWTAuthenticatorList{} + err = c.client.Get(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested jWTAuthenticators. +func (c *jWTAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a jWTAuthenticator and creates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *jWTAuthenticators) Create(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.CreateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Post(). + Resource("jwtauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a jWTAuthenticator and updates it. Returns the server's representation of the jWTAuthenticator, and an error, if there is any. +func (c *jWTAuthenticators) Update(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Put(). + Resource("jwtauthenticators"). + Name(jWTAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *jWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticator *v1alpha1.JWTAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Put(). + Resource("jwtauthenticators"). + Name(jWTAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(jWTAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. +func (c *jWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("jwtauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *jWTAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("jwtauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched jWTAuthenticator. +func (c *jWTAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.JWTAuthenticator, err error) { + result = &v1alpha1.JWTAuthenticator{} + err = c.client.Patch(pt). + Resource("jwtauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..302914b1 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators() WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + client rest.Interface +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client) *webhookAuthenticators { + return &webhookAuthenticators{ + client: c.RESTClient(), + } +} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Get(). + Resource("webhookauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.WebhookAuthenticatorList{} + err = c.client.Get(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Post(). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("webhookauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("webhookauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Patch(pt). + Resource("webhookauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go new file mode 100644 index 00000000..e3d11127 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -0,0 +1,94 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "net/http" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ConfigV1alpha1Interface interface { + RESTClient() rest.Interface + CredentialIssuersGetter +} + +// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. +type ConfigV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { + return newCredentialIssuers(c) +} + +// NewForConfig creates a new ConfigV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &ConfigV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ConfigV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ConfigV1alpha1Client { + return &ConfigV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..7630d036 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -0,0 +1,171 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CredentialIssuersGetter has a method to return a CredentialIssuerInterface. +// A group's client should implement this interface. +type CredentialIssuersGetter interface { + CredentialIssuers() CredentialIssuerInterface +} + +// CredentialIssuerInterface has methods to work with CredentialIssuer resources. +type CredentialIssuerInterface interface { + Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error) + Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) + UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) + CredentialIssuerExpansion +} + +// credentialIssuers implements CredentialIssuerInterface +type credentialIssuers struct { + client rest.Interface +} + +// newCredentialIssuers returns a CredentialIssuers +func newCredentialIssuers(c *ConfigV1alpha1Client) *credentialIssuers { + return &credentialIssuers{ + client: c.RESTClient(), + } +} + +// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. +func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Get(). + Resource("credentialissuers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. +func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.CredentialIssuerList{} + err = c.client.Get(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested credentialIssuers. +func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Post(). + Resource("credentialissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Put(). + Resource("credentialissuers"). + Name(credentialIssuer.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Put(). + Resource("credentialissuers"). + Name(credentialIssuer.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(credentialIssuer). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. +func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("credentialissuers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("credentialissuers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched credentialIssuer. +func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { + result = &v1alpha1.CredentialIssuer{} + err = c.client.Patch(pt). + Resource("credentialissuers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go new file mode 100644 index 00000000..f4a4f40d --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha1 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha1) CredentialIssuers() v1alpha1.CredentialIssuerInterface { + return &FakeCredentialIssuers{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go new file mode 100644 index 00000000..535ec773 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -0,0 +1,120 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeCredentialIssuers implements CredentialIssuerInterface +type FakeCredentialIssuers struct { + Fake *FakeConfigV1alpha1 +} + +var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"} + +var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"} + +// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any. +func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors. +func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(credentialissuersResource, credentialissuersKind, opts), &v1alpha1.CredentialIssuerList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta} + for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested credentialIssuers. +func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(credentialissuersResource, opts)) +} + +// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any. +func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(credentialissuersResource, credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(credentialissuersResource, "status", credentialIssuer), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} + +// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. +func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteActionWithOptions(credentialissuersResource, name, opts), &v1alpha1.CredentialIssuer{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(credentialissuersResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{}) + return err +} + +// Patch applies the patch and returns the patched credentialIssuer. +func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(credentialissuersResource, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CredentialIssuer), err +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..294cd402 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type CredentialIssuerExpansion interface{} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go new file mode 100644 index 00000000..efdef570 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeIdentityV1alpha1 struct { + *testing.Fake +} + +func (c *FakeIdentityV1alpha1) WhoAmIRequests() v1alpha1.WhoAmIRequestInterface { + return &FakeWhoAmIRequests{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeIdentityV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go new file mode 100644 index 00000000..1fd3d4b0 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -0,0 +1,34 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/identity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + testing "k8s.io/client-go/testing" +) + +// FakeWhoAmIRequests implements WhoAmIRequestInterface +type FakeWhoAmIRequests struct { + Fake *FakeIdentityV1alpha1 +} + +var whoamirequestsResource = schema.GroupVersionResource{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Resource: "whoamirequests"} + +var whoamirequestsKind = schema.GroupVersionKind{Group: "identity.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WhoAmIRequest"} + +// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. +func (c *FakeWhoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(whoamirequestsResource, whoAmIRequest), &v1alpha1.WhoAmIRequest{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WhoAmIRequest), err +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..925d9ca3 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type WhoAmIRequestExpansion interface{} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go new file mode 100644 index 00000000..d18a2430 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -0,0 +1,94 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "net/http" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/identity/v1alpha1" + "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type IdentityV1alpha1Interface interface { + RESTClient() rest.Interface + WhoAmIRequestsGetter +} + +// IdentityV1alpha1Client is used to interact with features provided by the identity.concierge.pinniped.dev group. +type IdentityV1alpha1Client struct { + restClient rest.Interface +} + +func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { + return newWhoAmIRequests(c) +} + +// NewForConfig creates a new IdentityV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new IdentityV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IdentityV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &IdentityV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new IdentityV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *IdentityV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new IdentityV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *IdentityV1alpha1Client { + return &IdentityV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *IdentityV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go new file mode 100644 index 00000000..7a068a5f --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/identity/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + rest "k8s.io/client-go/rest" +) + +// WhoAmIRequestsGetter has a method to return a WhoAmIRequestInterface. +// A group's client should implement this interface. +type WhoAmIRequestsGetter interface { + WhoAmIRequests() WhoAmIRequestInterface +} + +// WhoAmIRequestInterface has methods to work with WhoAmIRequest resources. +type WhoAmIRequestInterface interface { + Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (*v1alpha1.WhoAmIRequest, error) + WhoAmIRequestExpansion +} + +// whoAmIRequests implements WhoAmIRequestInterface +type whoAmIRequests struct { + client rest.Interface +} + +// newWhoAmIRequests returns a WhoAmIRequests +func newWhoAmIRequests(c *IdentityV1alpha1Client) *whoAmIRequests { + return &whoAmIRequests{ + client: c.RESTClient(), + } +} + +// Create takes the representation of a whoAmIRequest and creates it. Returns the server's representation of the whoAmIRequest, and an error, if there is any. +func (c *whoAmIRequests) Create(ctx context.Context, whoAmIRequest *v1alpha1.WhoAmIRequest, opts v1.CreateOptions) (result *v1alpha1.WhoAmIRequest, err error) { + result = &v1alpha1.WhoAmIRequest{} + err = c.client.Post(). + Resource("whoamirequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(whoAmIRequest). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go new file mode 100644 index 00000000..f1baa31c --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeLoginV1alpha1 struct { + *testing.Fake +} + +func (c *FakeLoginV1alpha1) TokenCredentialRequests() v1alpha1.TokenCredentialRequestInterface { + return &FakeTokenCredentialRequests{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeLoginV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go new file mode 100644 index 00000000..19f22778 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -0,0 +1,34 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/login/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + testing "k8s.io/client-go/testing" +) + +// FakeTokenCredentialRequests implements TokenCredentialRequestInterface +type FakeTokenCredentialRequests struct { + Fake *FakeLoginV1alpha1 +} + +var tokencredentialrequestsResource = schema.GroupVersionResource{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Resource: "tokencredentialrequests"} + +var tokencredentialrequestsKind = schema.GroupVersionKind{Group: "login.concierge.pinniped.dev", Version: "v1alpha1", Kind: "TokenCredentialRequest"} + +// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. +func (c *FakeTokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(tokencredentialrequestsResource, tokenCredentialRequest), &v1alpha1.TokenCredentialRequest{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.TokenCredentialRequest), err +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..7ed35ca8 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type TokenCredentialRequestExpansion interface{} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go new file mode 100644 index 00000000..aabac959 --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -0,0 +1,94 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "net/http" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/login/v1alpha1" + "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type LoginV1alpha1Interface interface { + RESTClient() rest.Interface + TokenCredentialRequestsGetter +} + +// LoginV1alpha1Client is used to interact with features provided by the login.concierge.pinniped.dev group. +type LoginV1alpha1Client struct { + restClient rest.Interface +} + +func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestInterface { + return newTokenCredentialRequests(c) +} + +// NewForConfig creates a new LoginV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new LoginV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*LoginV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &LoginV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new LoginV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *LoginV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new LoginV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *LoginV1alpha1Client { + return &LoginV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *LoginV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go new file mode 100644 index 00000000..de2a995a --- /dev/null +++ b/generated/1.23/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -0,0 +1,51 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/login/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + rest "k8s.io/client-go/rest" +) + +// TokenCredentialRequestsGetter has a method to return a TokenCredentialRequestInterface. +// A group's client should implement this interface. +type TokenCredentialRequestsGetter interface { + TokenCredentialRequests() TokenCredentialRequestInterface +} + +// TokenCredentialRequestInterface has methods to work with TokenCredentialRequest resources. +type TokenCredentialRequestInterface interface { + Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (*v1alpha1.TokenCredentialRequest, error) + TokenCredentialRequestExpansion +} + +// tokenCredentialRequests implements TokenCredentialRequestInterface +type tokenCredentialRequests struct { + client rest.Interface +} + +// newTokenCredentialRequests returns a TokenCredentialRequests +func newTokenCredentialRequests(c *LoginV1alpha1Client) *tokenCredentialRequests { + return &tokenCredentialRequests{ + client: c.RESTClient(), + } +} + +// Create takes the representation of a tokenCredentialRequest and creates it. Returns the server's representation of the tokenCredentialRequest, and an error, if there is any. +func (c *tokenCredentialRequests) Create(ctx context.Context, tokenCredentialRequest *v1alpha1.TokenCredentialRequest, opts v1.CreateOptions) (result *v1alpha1.TokenCredentialRequest, err error) { + result = &v1alpha1.TokenCredentialRequest{} + err = c.client.Post(). + Resource("tokencredentialrequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(tokenCredentialRequest). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/concierge/informers/externalversions/authentication/interface.go b/generated/1.23/client/concierge/informers/externalversions/authentication/interface.go new file mode 100644 index 00000000..0ac6491b --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/authentication/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package authentication + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go new file mode 100644 index 00000000..27777666 --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -0,0 +1,39 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // JWTAuthenticators returns a JWTAuthenticatorInformer. + JWTAuthenticators() JWTAuthenticatorInformer + // WebhookAuthenticators returns a WebhookAuthenticatorInformer. + WebhookAuthenticators() WebhookAuthenticatorInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// JWTAuthenticators returns a JWTAuthenticatorInformer. +func (v *version) JWTAuthenticators() JWTAuthenticatorInformer { + return &jWTAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// WebhookAuthenticators returns a WebhookAuthenticatorInformer. +func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { + return &webhookAuthenticatorInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..e0c9992e --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorInformer provides access to a shared informer and lister for +// JWTAuthenticators. +type JWTAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.JWTAuthenticatorLister +} + +type jWTAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredJWTAuthenticatorInformer constructs a new informer for JWTAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredJWTAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().JWTAuthenticators().Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.JWTAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *jWTAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredJWTAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *jWTAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.JWTAuthenticator{}, f.defaultInformer) +} + +func (f *jWTAuthenticatorInformer) Lister() v1alpha1.JWTAuthenticatorLister { + return v1alpha1.NewJWTAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..eda4b854 --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorInformer provides access to a shared informer and lister for +// WebhookAuthenticators. +type WebhookAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.WebhookAuthenticatorLister +} + +type webhookAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators().Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.WebhookAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) +} + +func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { + return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.23/client/concierge/informers/externalversions/config/interface.go b/generated/1.23/client/concierge/informers/externalversions/config/interface.go new file mode 100644 index 00000000..69dcc3fd --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/config/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package config + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..9288bc5d --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -0,0 +1,76 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.23/client/concierge/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerInformer provides access to a shared informer and lister for +// CredentialIssuers. +type CredentialIssuerInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.CredentialIssuerLister +} + +type credentialIssuerInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredCredentialIssuerInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredCredentialIssuerInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().CredentialIssuers().Watch(context.TODO(), options) + }, + }, + &configv1alpha1.CredentialIssuer{}, + resyncPeriod, + indexers, + ) +} + +func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredCredentialIssuerInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer) +} + +func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister { + return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/interface.go new file mode 100644 index 00000000..bd6b17ce --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -0,0 +1,32 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // CredentialIssuers returns a CredentialIssuerInformer. + CredentialIssuers() CredentialIssuerInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// CredentialIssuers returns a CredentialIssuerInformer. +func (v *version) CredentialIssuers() CredentialIssuerInformer { + return &credentialIssuerInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.23/client/concierge/informers/externalversions/factory.go b/generated/1.23/client/concierge/informers/externalversions/factory.go new file mode 100644 index 00000000..37f29333 --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/factory.go @@ -0,0 +1,173 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned" + authentication "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/authentication" + config "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/config" + internalinterfaces "go.pinniped.dev/generated/1.23/client/concierge/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Authentication() authentication.Interface + Config() config.Interface +} + +func (f *sharedInformerFactory) Authentication() authentication.Interface { + return authentication.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) Config() config.Interface { + return config.New(f, f.namespace, f.tweakListOptions) +} diff --git a/generated/1.23/client/concierge/informers/externalversions/generic.go b/generated/1.23/client/concierge/informers/externalversions/generic.go new file mode 100644 index 00000000..336d7304 --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/generic.go @@ -0,0 +1,56 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("jwtauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().JWTAuthenticators().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil + + // Group=config.concierge.pinniped.dev, Version=v1alpha1 + case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/generated/1.23/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.23/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 00000000..52855fa4 --- /dev/null +++ b/generated/1.23/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "go.pinniped.dev/generated/1.23/client/concierge/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.23/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.23/client/concierge/listers/authentication/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..665b978e --- /dev/null +++ b/generated/1.23/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// JWTAuthenticatorListerExpansion allows custom methods to be added to +// JWTAuthenticatorLister. +type JWTAuthenticatorListerExpansion interface{} + +// WebhookAuthenticatorListerExpansion allows custom methods to be added to +// WebhookAuthenticatorLister. +type WebhookAuthenticatorListerExpansion interface{} diff --git a/generated/1.23/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/1.23/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go new file mode 100644 index 00000000..a62b15fd --- /dev/null +++ b/generated/1.23/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// JWTAuthenticatorLister helps list JWTAuthenticators. +// All objects returned here must be treated as read-only. +type JWTAuthenticatorLister interface { + // List lists all JWTAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) + // Get retrieves the JWTAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.JWTAuthenticator, error) + JWTAuthenticatorListerExpansion +} + +// jWTAuthenticatorLister implements the JWTAuthenticatorLister interface. +type jWTAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewJWTAuthenticatorLister returns a new JWTAuthenticatorLister. +func NewJWTAuthenticatorLister(indexer cache.Indexer) JWTAuthenticatorLister { + return &jWTAuthenticatorLister{indexer: indexer} +} + +// List lists all JWTAuthenticators in the indexer. +func (s *jWTAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.JWTAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.JWTAuthenticator)) + }) + return ret, err +} + +// Get retrieves the JWTAuthenticator from the index for a given name. +func (s *jWTAuthenticatorLister) Get(name string) (*v1alpha1.JWTAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("jwtauthenticator"), name) + } + return obj.(*v1alpha1.JWTAuthenticator), nil +} diff --git a/generated/1.23/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.23/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 00000000..467d5577 --- /dev/null +++ b/generated/1.23/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{indexer: indexer} +} + +// List lists all WebhookAuthenticators in the indexer. +func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// Get retrieves the WebhookAuthenticator from the index for a given name. +func (s *webhookAuthenticatorLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) + } + return obj.(*v1alpha1.WebhookAuthenticator), nil +} diff --git a/generated/1.23/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/1.23/client/concierge/listers/config/v1alpha1/credentialissuer.go new file mode 100644 index 00000000..fcf88371 --- /dev/null +++ b/generated/1.23/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -0,0 +1,55 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/concierge/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// CredentialIssuerLister helps list CredentialIssuers. +// All objects returned here must be treated as read-only. +type CredentialIssuerLister interface { + // List lists all CredentialIssuers in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) + // Get retrieves the CredentialIssuer from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.CredentialIssuer, error) + CredentialIssuerListerExpansion +} + +// credentialIssuerLister implements the CredentialIssuerLister interface. +type credentialIssuerLister struct { + indexer cache.Indexer +} + +// NewCredentialIssuerLister returns a new CredentialIssuerLister. +func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister { + return &credentialIssuerLister{indexer: indexer} +} + +// List lists all CredentialIssuers in the indexer. +func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.CredentialIssuer)) + }) + return ret, err +} + +// Get retrieves the CredentialIssuer from the index for a given name. +func (s *credentialIssuerLister) Get(name string) (*v1alpha1.CredentialIssuer, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name) + } + return obj.(*v1alpha1.CredentialIssuer), nil +} diff --git a/generated/1.23/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/1.23/client/concierge/listers/config/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..7212c891 --- /dev/null +++ b/generated/1.23/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -0,0 +1,10 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// CredentialIssuerListerExpansion allows custom methods to be added to +// CredentialIssuerLister. +type CredentialIssuerListerExpansion interface{} diff --git a/generated/1.23/client/go.mod b/generated/1.23/client/go.mod new file mode 100644 index 00000000..408cef03 --- /dev/null +++ b/generated/1.23/client/go.mod @@ -0,0 +1,12 @@ +// This go.mod file is generated by ./hack/codegen.sh. +module go.pinniped.dev/generated/1.23/client + +go 1.13 + +require ( + go.pinniped.dev/generated/1.23/apis v0.0.0 + k8s.io/apimachinery v0.23.3 + k8s.io/client-go v0.23.3 +) + +replace go.pinniped.dev/generated/1.23/apis => ../apis diff --git a/generated/1.23/client/go.sum b/generated/1.23/client/go.sum new file mode 100644 index 00000000..ab2c1158 --- /dev/null +++ b/generated/1.23/client/go.sum @@ -0,0 +1,621 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= +cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= +cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= +cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= +cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4= +cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M= +cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc= +cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk= +cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= +cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= +cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= +cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= +cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= +cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= +cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= +cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= +cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= +cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= +cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= +cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= +cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= +cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= +cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= +cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= +cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU= +cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= +cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos= +cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= +cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= +cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= +github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= +github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= +github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= +github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= +github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= +github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= +github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= +github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= +github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= +github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= +github.com/googleapis/gnostic v0.5.5 h1:9fHAtK0uDfpveeqqo1hkEZJcFvYXAiCN3UutL8F9xHw= +github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= +github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.14.0 h1:2mOpI4JVVPBN+WQRa0WKH2eXR+Ey+uK4n7Zj0aYpIQA= +github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= +go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= +go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= +go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= +golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= +golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= +golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= +golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= +golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= +golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20211209124913-491a49abca63 h1:iocB37TsdFuN6IBRZ+ry36wrkoV51/tl5vOWqkcPGvY= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f h1:Qmd2pbz05z7z6lm0DrgQVVPuBm92jqujBKMHMOlOQEw= +golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e h1:XMgFehsDnnLGtjvjOfqWSUzt0alpTR1RSEuznObga2c= +golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b h1:9zKuko04nR4gjZ4+DNjHqRlAJqbJETHwiNKDqTfOjfE= +golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs= +golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= +google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= +google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= +google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= +google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= +google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= +google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= +google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= +google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= +honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= +k8s.io/api v0.23.3 h1:KNrME8KHGr12Ozjf8ytOewKzZh6hl/hHUZeHddT3a38= +k8s.io/api v0.23.3/go.mod h1:w258XdGyvCmnBj/vGzQMj6kzdufJZVUwEM1U2fRJwSQ= +k8s.io/apimachinery v0.23.3 h1:7IW6jxNzrXTsP0c8yXz2E5Yx/WTzVPTsHIx/2Vm0cIk= +k8s.io/apimachinery v0.23.3/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= +k8s.io/client-go v0.23.3 h1:23QYUmCQ/W6hW78xIwm3XqZrrKZM+LWDqW2zfo+szJs= +k8s.io/client-go v0.23.3/go.mod h1:47oMd+YvAOqZM7pcQ6neJtBiFH7alOyfunYN48VsmwE= +k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= +k8s.io/klog/v2 v2.30.0 h1:bUO6drIvCIsvZ/XFgfxoGFQU/a4Qkh0iAlvUR7vlHJw= +k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 h1:E3J9oCLlaobFUqsjG9DfKbP2BmgwBL2p7pn0A3dG9W4= +k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= +k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20211116205334-6203023598ed h1:ck1fRPWPJWsMd8ZRFsWc6mh/zHp5fZ/shhbrgPUxDAE= +k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= +rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= +rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= +sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 h1:fD1pz4yfdADVNfFmcP2aBEtudwUQ1AlLnRBALr33v3s= +sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= +sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= +sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= +sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= +sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/generated/1.23/client/supervisor/clientset/versioned/clientset.go b/generated/1.23/client/supervisor/clientset/versioned/clientset.go new file mode 100644 index 00000000..b36adb5b --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/clientset.go @@ -0,0 +1,117 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + "net/http" + + configv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface + IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client +} + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return c.configV1alpha1 +} + +// IDPV1alpha1 retrieves the IDPV1alpha1Client +func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { + return c.iDPV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + + var cs Clientset + var err error + cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + cs.iDPV1alpha1, err = idpv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.configV1alpha1 = configv1alpha1.New(c) + cs.iDPV1alpha1 = idpv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/doc.go b/generated/1.23/client/supervisor/clientset/versioned/doc.go new file mode 100644 index 00000000..5dc02e6e --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 00000000..0c53ef8d --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,79 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" + configv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1" + fakeconfigv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" + idpv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + fakeidpv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) + +// ConfigV1alpha1 retrieves the ConfigV1alpha1Client +func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { + return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} +} + +// IDPV1alpha1 retrieves the IDPV1alpha1Client +func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { + return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/fake/doc.go b/generated/1.23/client/supervisor/clientset/versioned/fake/doc.go new file mode 100644 index 00000000..7c9538fd --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/generated/1.23/client/supervisor/clientset/versioned/fake/register.go b/generated/1.23/client/supervisor/clientset/versioned/fake/register.go new file mode 100644 index 00000000..f46c7432 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/fake/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1alpha1.AddToScheme, + idpv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/scheme/doc.go b/generated/1.23/client/supervisor/clientset/versioned/scheme/doc.go new file mode 100644 index 00000000..cc02f1d3 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/scheme/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/generated/1.23/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.23/client/supervisor/clientset/versioned/scheme/register.go new file mode 100644 index 00000000..b251a20d --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/scheme/register.go @@ -0,0 +1,45 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + configv1alpha1.AddToScheme, + idpv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go new file mode 100644 index 00000000..8327d19b --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -0,0 +1,94 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "net/http" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ConfigV1alpha1Interface interface { + RESTClient() rest.Interface + FederationDomainsGetter +} + +// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. +type ConfigV1alpha1Client struct { + restClient rest.Interface +} + +func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDomainInterface { + return newFederationDomains(c, namespace) +} + +// NewForConfig creates a new ConfigV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &ConfigV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new ConfigV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ConfigV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ConfigV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *ConfigV1alpha1Client { + return &ConfigV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ConfigV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go new file mode 100644 index 00000000..fd1c886c --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeConfigV1alpha1 struct { + *testing.Fake +} + +func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.FederationDomainInterface { + return &FakeFederationDomains{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go new file mode 100644 index 00000000..7d5ea45c --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeFederationDomains implements FederationDomainInterface +type FakeFederationDomains struct { + Fake *FakeConfigV1alpha1 + ns string +} + +var federationdomainsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "federationdomains"} + +var federationdomainsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "FederationDomain"} + +// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. +func (c *FakeFederationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. +func (c *FakeFederationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(federationdomainsResource, federationdomainsKind, c.ns, opts), &v1alpha1.FederationDomainList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.FederationDomainList{ListMeta: obj.(*v1alpha1.FederationDomainList).ListMeta} + for _, item := range obj.(*v1alpha1.FederationDomainList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested federationDomains. +func (c *FakeFederationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(federationdomainsResource, c.ns, opts)) + +} + +// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *FakeFederationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *FakeFederationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(federationdomainsResource, c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(federationdomainsResource, "status", c.ns, federationDomain), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} + +// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. +func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(federationdomainsResource, c.ns, name, opts), &v1alpha1.FederationDomain{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeFederationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(federationdomainsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.FederationDomainList{}) + return err +} + +// Patch applies the patch and returns the patched federationDomain. +func (c *FakeFederationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(federationdomainsResource, c.ns, name, pt, data, subresources...), &v1alpha1.FederationDomain{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.FederationDomain), err +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..f20c2a97 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// FederationDomainsGetter has a method to return a FederationDomainInterface. +// A group's client should implement this interface. +type FederationDomainsGetter interface { + FederationDomains(namespace string) FederationDomainInterface +} + +// FederationDomainInterface has methods to work with FederationDomain resources. +type FederationDomainInterface interface { + Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (*v1alpha1.FederationDomain, error) + Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) + UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (*v1alpha1.FederationDomain, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.FederationDomain, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.FederationDomainList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) + FederationDomainExpansion +} + +// federationDomains implements FederationDomainInterface +type federationDomains struct { + client rest.Interface + ns string +} + +// newFederationDomains returns a FederationDomains +func newFederationDomains(c *ConfigV1alpha1Client, namespace string) *federationDomains { + return &federationDomains{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the federationDomain, and returns the corresponding federationDomain object, and an error if there is any. +func (c *federationDomains) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of FederationDomains that match those selectors. +func (c *federationDomains) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.FederationDomainList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.FederationDomainList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested federationDomains. +func (c *federationDomains) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a federationDomain and creates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *federationDomains) Create(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.CreateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Post(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a federationDomain and updates it. Returns the server's representation of the federationDomain, and an error, if there is any. +func (c *federationDomains) Update(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Put(). + Namespace(c.ns). + Resource("federationdomains"). + Name(federationDomain.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *federationDomains) UpdateStatus(ctx context.Context, federationDomain *v1alpha1.FederationDomain, opts v1.UpdateOptions) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Put(). + Namespace(c.ns). + Resource("federationdomains"). + Name(federationDomain.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(federationDomain). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. +func (c *federationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *federationDomains) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("federationdomains"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched federationDomain. +func (c *federationDomains) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.FederationDomain, err error) { + result = &v1alpha1.FederationDomain{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("federationdomains"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..ba9c9173 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -0,0 +1,8 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type FederationDomainExpansion interface{} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..a05ca037 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ActiveDirectoryIdentityProvidersGetter has a method to return a ActiveDirectoryIdentityProviderInterface. +// A group's client should implement this interface. +type ActiveDirectoryIdentityProvidersGetter interface { + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface +} + +// ActiveDirectoryIdentityProviderInterface has methods to work with ActiveDirectoryIdentityProvider resources. +type ActiveDirectoryIdentityProviderInterface interface { + Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ActiveDirectoryIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) + ActiveDirectoryIdentityProviderExpansion +} + +// activeDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type activeDirectoryIdentityProviders struct { + client rest.Interface + ns string +} + +// newActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviders +func newActiveDirectoryIdentityProviders(c *IDPV1alpha1Client, namespace string) *activeDirectoryIdentityProviders { + return &activeDirectoryIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. +func (c *activeDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. +func (c *activeDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.ActiveDirectoryIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. +func (c *activeDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *activeDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *activeDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(activeDirectoryIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *activeDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(activeDirectoryIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(activeDirectoryIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. +func (c *activeDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *activeDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. +func (c *activeDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + result = &v1alpha1.ActiveDirectoryIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("activedirectoryidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go new file mode 100644 index 00000000..e7a470b6 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go new file mode 100644 index 00000000..7906901b --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -0,0 +1,7 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go new file mode 100644 index 00000000..e53e9ba2 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeActiveDirectoryIdentityProviders implements ActiveDirectoryIdentityProviderInterface +type FakeActiveDirectoryIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var activedirectoryidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "activedirectoryidentityproviders"} + +var activedirectoryidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "ActiveDirectoryIdentityProvider"} + +// Get takes name of the activeDirectoryIdentityProvider, and returns the corresponding activeDirectoryIdentityProvider object, and an error if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of ActiveDirectoryIdentityProviders that match those selectors. +func (c *FakeActiveDirectoryIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ActiveDirectoryIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(activedirectoryidentityprovidersResource, activedirectoryidentityprovidersKind, c.ns, opts), &v1alpha1.ActiveDirectoryIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.ActiveDirectoryIdentityProviderList{ListMeta: obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.ActiveDirectoryIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested activeDirectoryIdentityProviders. +func (c *FakeActiveDirectoryIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(activedirectoryidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a activeDirectoryIdentityProvider and creates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Create(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// Update takes the representation of a activeDirectoryIdentityProvider and updates it. Returns the server's representation of the activeDirectoryIdentityProvider, and an error, if there is any. +func (c *FakeActiveDirectoryIdentityProviders) Update(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(activedirectoryidentityprovidersResource, c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, activeDirectoryIdentityProvider *v1alpha1.ActiveDirectoryIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(activedirectoryidentityprovidersResource, "status", c.ns, activeDirectoryIdentityProvider), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} + +// Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(activedirectoryidentityprovidersResource, c.ns, name, opts), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeActiveDirectoryIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(activedirectoryidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.ActiveDirectoryIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched activeDirectoryIdentityProvider. +func (c *FakeActiveDirectoryIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ActiveDirectoryIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(activedirectoryidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.ActiveDirectoryIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), err +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go new file mode 100644 index 00000000..a64b421a --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -0,0 +1,35 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeIDPV1alpha1 struct { + *testing.Fake +} + +func (c *FakeIDPV1alpha1) ActiveDirectoryIdentityProviders(namespace string) v1alpha1.ActiveDirectoryIdentityProviderInterface { + return &FakeActiveDirectoryIdentityProviders{c, namespace} +} + +func (c *FakeIDPV1alpha1) LDAPIdentityProviders(namespace string) v1alpha1.LDAPIdentityProviderInterface { + return &FakeLDAPIdentityProviders{c, namespace} +} + +func (c *FakeIDPV1alpha1) OIDCIdentityProviders(namespace string) v1alpha1.OIDCIdentityProviderInterface { + return &FakeOIDCIdentityProviders{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go new file mode 100644 index 00000000..13d7f7c2 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeLDAPIdentityProviders implements LDAPIdentityProviderInterface +type FakeLDAPIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var ldapidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "ldapidentityproviders"} + +var ldapidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "LDAPIdentityProvider"} + +// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. +func (c *FakeLDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. +func (c *FakeLDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(ldapidentityprovidersResource, ldapidentityprovidersKind, c.ns, opts), &v1alpha1.LDAPIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.LDAPIdentityProviderList{ListMeta: obj.(*v1alpha1.LDAPIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.LDAPIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. +func (c *FakeLDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(ldapidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *FakeLDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *FakeLDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(ldapidentityprovidersResource, c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(ldapidentityprovidersResource, "status", c.ns, lDAPIdentityProvider), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} + +// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(ldapidentityprovidersResource, c.ns, name, opts), &v1alpha1.LDAPIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeLDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(ldapidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.LDAPIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched lDAPIdentityProvider. +func (c *FakeLDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(ldapidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.LDAPIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.LDAPIdentityProvider), err +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go new file mode 100644 index 00000000..e16eded8 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeOIDCIdentityProviders implements OIDCIdentityProviderInterface +type FakeOIDCIdentityProviders struct { + Fake *FakeIDPV1alpha1 + ns string +} + +var oidcidentityprovidersResource = schema.GroupVersionResource{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcidentityproviders"} + +var oidcidentityprovidersKind = schema.GroupVersionKind{Group: "idp.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCIdentityProvider"} + +// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. +func (c *FakeOIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. +func (c *FakeOIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(oidcidentityprovidersResource, oidcidentityprovidersKind, c.ns, opts), &v1alpha1.OIDCIdentityProviderList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.OIDCIdentityProviderList{ListMeta: obj.(*v1alpha1.OIDCIdentityProviderList).ListMeta} + for _, item := range obj.(*v1alpha1.OIDCIdentityProviderList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. +func (c *FakeOIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(oidcidentityprovidersResource, c.ns, opts)) + +} + +// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *FakeOIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *FakeOIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(oidcidentityprovidersResource, c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(oidcidentityprovidersResource, "status", c.ns, oIDCIdentityProvider), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} + +// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. +func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(oidcidentityprovidersResource, c.ns, name, opts), &v1alpha1.OIDCIdentityProvider{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeOIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(oidcidentityprovidersResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.OIDCIdentityProviderList{}) + return err +} + +// Patch applies the patch and returns the patched oIDCIdentityProvider. +func (c *FakeOIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(oidcidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCIdentityProvider{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCIdentityProvider), err +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go new file mode 100644 index 00000000..cbefaca4 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -0,0 +1,12 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type ActiveDirectoryIdentityProviderExpansion interface{} + +type LDAPIdentityProviderExpansion interface{} + +type OIDCIdentityProviderExpansion interface{} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go new file mode 100644 index 00000000..72534e95 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -0,0 +1,104 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "net/http" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type IDPV1alpha1Interface interface { + RESTClient() rest.Interface + ActiveDirectoryIdentityProvidersGetter + LDAPIdentityProvidersGetter + OIDCIdentityProvidersGetter +} + +// IDPV1alpha1Client is used to interact with features provided by the idp.supervisor.pinniped.dev group. +type IDPV1alpha1Client struct { + restClient rest.Interface +} + +func (c *IDPV1alpha1Client) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderInterface { + return newActiveDirectoryIdentityProviders(c, namespace) +} + +func (c *IDPV1alpha1Client) LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface { + return newLDAPIdentityProviders(c, namespace) +} + +func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface { + return newOIDCIdentityProviders(c, namespace) +} + +// NewForConfig creates a new IDPV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new IDPV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IDPV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &IDPV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new IDPV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *IDPV1alpha1Client { + return &IDPV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *IDPV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..a3658751 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// LDAPIdentityProvidersGetter has a method to return a LDAPIdentityProviderInterface. +// A group's client should implement this interface. +type LDAPIdentityProvidersGetter interface { + LDAPIdentityProviders(namespace string) LDAPIdentityProviderInterface +} + +// LDAPIdentityProviderInterface has methods to work with LDAPIdentityProvider resources. +type LDAPIdentityProviderInterface interface { + Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (*v1alpha1.LDAPIdentityProvider, error) + Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) + UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.LDAPIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.LDAPIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.LDAPIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) + LDAPIdentityProviderExpansion +} + +// lDAPIdentityProviders implements LDAPIdentityProviderInterface +type lDAPIdentityProviders struct { + client rest.Interface + ns string +} + +// newLDAPIdentityProviders returns a LDAPIdentityProviders +func newLDAPIdentityProviders(c *IDPV1alpha1Client, namespace string) *lDAPIdentityProviders { + return &lDAPIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the lDAPIdentityProvider, and returns the corresponding lDAPIdentityProvider object, and an error if there is any. +func (c *lDAPIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of LDAPIdentityProviders that match those selectors. +func (c *lDAPIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.LDAPIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.LDAPIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested lDAPIdentityProviders. +func (c *lDAPIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a lDAPIdentityProvider and creates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *lDAPIdentityProviders) Create(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a lDAPIdentityProvider and updates it. Returns the server's representation of the lDAPIdentityProvider, and an error, if there is any. +func (c *lDAPIdentityProviders) Update(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(lDAPIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *lDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdentityProvider *v1alpha1.LDAPIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(lDAPIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(lDAPIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. +func (c *lDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *lDAPIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("ldapidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched lDAPIdentityProvider. +func (c *lDAPIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.LDAPIdentityProvider, err error) { + result = &v1alpha1.LDAPIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("ldapidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..00e1a8e4 --- /dev/null +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,182 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + scheme "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// OIDCIdentityProvidersGetter has a method to return a OIDCIdentityProviderInterface. +// A group's client should implement this interface. +type OIDCIdentityProvidersGetter interface { + OIDCIdentityProviders(namespace string) OIDCIdentityProviderInterface +} + +// OIDCIdentityProviderInterface has methods to work with OIDCIdentityProvider resources. +type OIDCIdentityProviderInterface interface { + Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (*v1alpha1.OIDCIdentityProvider, error) + Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) + UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCIdentityProvider, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCIdentityProvider, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCIdentityProviderList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) + OIDCIdentityProviderExpansion +} + +// oIDCIdentityProviders implements OIDCIdentityProviderInterface +type oIDCIdentityProviders struct { + client rest.Interface + ns string +} + +// newOIDCIdentityProviders returns a OIDCIdentityProviders +func newOIDCIdentityProviders(c *IDPV1alpha1Client, namespace string) *oIDCIdentityProviders { + return &oIDCIdentityProviders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the oIDCIdentityProvider, and returns the corresponding oIDCIdentityProvider object, and an error if there is any. +func (c *oIDCIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of OIDCIdentityProviders that match those selectors. +func (c *oIDCIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCIdentityProviderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.OIDCIdentityProviderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested oIDCIdentityProviders. +func (c *oIDCIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a oIDCIdentityProvider and creates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *oIDCIdentityProviders) Create(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Post(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a oIDCIdentityProvider and updates it. Returns the server's representation of the oIDCIdentityProvider, and an error, if there is any. +func (c *oIDCIdentityProviders) Update(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(oIDCIdentityProvider.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *oIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdentityProvider *v1alpha1.OIDCIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Put(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(oIDCIdentityProvider.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(oIDCIdentityProvider). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. +func (c *oIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *oIDCIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("oidcidentityproviders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched oIDCIdentityProvider. +func (c *oIDCIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCIdentityProvider, err error) { + result = &v1alpha1.OIDCIdentityProvider{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("oidcidentityproviders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/config/interface.go b/generated/1.23/client/supervisor/informers/externalversions/config/interface.go new file mode 100644 index 00000000..b2db71c8 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/config/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package config + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..217b9228 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + versioned "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/listers/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// FederationDomainInformer provides access to a shared informer and lister for +// FederationDomains. +type FederationDomainInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.FederationDomainLister +} + +type federationDomainInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredFederationDomainInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredFederationDomainInformer constructs a new informer for FederationDomain type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredFederationDomainInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.ConfigV1alpha1().FederationDomains(namespace).Watch(context.TODO(), options) + }, + }, + &configv1alpha1.FederationDomain{}, + resyncPeriod, + indexers, + ) +} + +func (f *federationDomainInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredFederationDomainInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *federationDomainInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&configv1alpha1.FederationDomain{}, f.defaultInformer) +} + +func (f *federationDomainInformer) Lister() v1alpha1.FederationDomainLister { + return v1alpha1.NewFederationDomainLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go new file mode 100644 index 00000000..c2a3fb35 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -0,0 +1,32 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // FederationDomains returns a FederationDomainInformer. + FederationDomains() FederationDomainInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// FederationDomains returns a FederationDomainInformer. +func (v *version) FederationDomains() FederationDomainInformer { + return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/factory.go b/generated/1.23/client/supervisor/informers/externalversions/factory.go new file mode 100644 index 00000000..25a2ea38 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/factory.go @@ -0,0 +1,173 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" + config "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/config" + idp "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/idp" + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Config() config.Interface + IDP() idp.Interface +} + +func (f *sharedInformerFactory) Config() config.Interface { + return config.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) IDP() idp.Interface { + return idp.New(f, f.namespace, f.tweakListOptions) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/generic.go b/generated/1.23/client/supervisor/informers/externalversions/generic.go new file mode 100644 index 00000000..efeda809 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/generic.go @@ -0,0 +1,58 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=config.supervisor.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + + // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 + case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().ActiveDirectoryIdentityProviders().Informer()}, nil + case idpv1alpha1.SchemeGroupVersion.WithResource("ldapidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().LDAPIdentityProviders().Informer()}, nil + case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): + return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/idp/interface.go b/generated/1.23/client/supervisor/informers/externalversions/idp/interface.go new file mode 100644 index 00000000..6ac00922 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/idp/interface.go @@ -0,0 +1,33 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package idp + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1" + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..2f6030b9 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ActiveDirectoryIdentityProviderInformer provides access to a shared informer and lister for +// ActiveDirectoryIdentityProviders. +type ActiveDirectoryIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.ActiveDirectoryIdentityProviderLister +} + +type activeDirectoryIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredActiveDirectoryIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredActiveDirectoryIdentityProviderInformer constructs a new informer for ActiveDirectoryIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredActiveDirectoryIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().ActiveDirectoryIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.ActiveDirectoryIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *activeDirectoryIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredActiveDirectoryIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *activeDirectoryIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.ActiveDirectoryIdentityProvider{}, f.defaultInformer) +} + +func (f *activeDirectoryIdentityProviderInformer) Lister() v1alpha1.ActiveDirectoryIdentityProviderLister { + return v1alpha1.NewActiveDirectoryIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go new file mode 100644 index 00000000..c5bc9949 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -0,0 +1,46 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. + ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer + // LDAPIdentityProviders returns a LDAPIdentityProviderInformer. + LDAPIdentityProviders() LDAPIdentityProviderInformer + // OIDCIdentityProviders returns a OIDCIdentityProviderInformer. + OIDCIdentityProviders() OIDCIdentityProviderInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// ActiveDirectoryIdentityProviders returns a ActiveDirectoryIdentityProviderInformer. +func (v *version) ActiveDirectoryIdentityProviders() ActiveDirectoryIdentityProviderInformer { + return &activeDirectoryIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// LDAPIdentityProviders returns a LDAPIdentityProviderInformer. +func (v *version) LDAPIdentityProviders() LDAPIdentityProviderInformer { + return &lDAPIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// OIDCIdentityProviders returns a OIDCIdentityProviderInformer. +func (v *version) OIDCIdentityProviders() OIDCIdentityProviderInformer { + return &oIDCIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..c61eb2c8 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// LDAPIdentityProviderInformer provides access to a shared informer and lister for +// LDAPIdentityProviders. +type LDAPIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.LDAPIdentityProviderLister +} + +type lDAPIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredLDAPIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredLDAPIdentityProviderInformer constructs a new informer for LDAPIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredLDAPIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().LDAPIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.LDAPIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *lDAPIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredLDAPIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *lDAPIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.LDAPIdentityProvider{}, f.defaultInformer) +} + +func (f *lDAPIdentityProviderInformer) Lister() v1alpha1.LDAPIdentityProviderLister { + return v1alpha1.NewLDAPIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..ba2a9c5d --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,77 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + versioned "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/listers/idp/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// OIDCIdentityProviderInformer provides access to a shared informer and lister for +// OIDCIdentityProviders. +type OIDCIdentityProviderInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.OIDCIdentityProviderLister +} + +type oIDCIdentityProviderInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredOIDCIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredOIDCIdentityProviderInformer constructs a new informer for OIDCIdentityProvider type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredOIDCIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.IDPV1alpha1().OIDCIdentityProviders(namespace).Watch(context.TODO(), options) + }, + }, + &idpv1alpha1.OIDCIdentityProvider{}, + resyncPeriod, + indexers, + ) +} + +func (f *oIDCIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredOIDCIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *oIDCIdentityProviderInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&idpv1alpha1.OIDCIdentityProvider{}, f.defaultInformer) +} + +func (f *oIDCIdentityProviderInformer) Lister() v1alpha1.OIDCIdentityProviderLister { + return v1alpha1.NewOIDCIdentityProviderLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 00000000..26252eb0 --- /dev/null +++ b/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,27 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..d59892c4 --- /dev/null +++ b/generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// FederationDomainListerExpansion allows custom methods to be added to +// FederationDomainLister. +type FederationDomainListerExpansion interface{} + +// FederationDomainNamespaceListerExpansion allows custom methods to be added to +// FederationDomainNamespaceLister. +type FederationDomainNamespaceListerExpansion interface{} diff --git a/generated/1.23/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/1.23/client/supervisor/listers/config/v1alpha1/federationdomain.go new file mode 100644 index 00000000..5272f7a4 --- /dev/null +++ b/generated/1.23/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// FederationDomainLister helps list FederationDomains. +// All objects returned here must be treated as read-only. +type FederationDomainLister interface { + // List lists all FederationDomains in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + // FederationDomains returns an object that can list and get FederationDomains. + FederationDomains(namespace string) FederationDomainNamespaceLister + FederationDomainListerExpansion +} + +// federationDomainLister implements the FederationDomainLister interface. +type federationDomainLister struct { + indexer cache.Indexer +} + +// NewFederationDomainLister returns a new FederationDomainLister. +func NewFederationDomainLister(indexer cache.Indexer) FederationDomainLister { + return &federationDomainLister{indexer: indexer} +} + +// List lists all FederationDomains in the indexer. +func (s *federationDomainLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.FederationDomain)) + }) + return ret, err +} + +// FederationDomains returns an object that can list and get FederationDomains. +func (s *federationDomainLister) FederationDomains(namespace string) FederationDomainNamespaceLister { + return federationDomainNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// FederationDomainNamespaceLister helps list and get FederationDomains. +// All objects returned here must be treated as read-only. +type FederationDomainNamespaceLister interface { + // List lists all FederationDomains in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) + // Get retrieves the FederationDomain from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.FederationDomain, error) + FederationDomainNamespaceListerExpansion +} + +// federationDomainNamespaceLister implements the FederationDomainNamespaceLister +// interface. +type federationDomainNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all FederationDomains in the indexer for a given namespace. +func (s federationDomainNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.FederationDomain, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.FederationDomain)) + }) + return ret, err +} + +// Get retrieves the FederationDomain from the indexer for a given namespace and name. +func (s federationDomainNamespaceLister) Get(name string) (*v1alpha1.FederationDomain, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("federationdomain"), name) + } + return obj.(*v1alpha1.FederationDomain), nil +} diff --git a/generated/1.23/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/1.23/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go new file mode 100644 index 00000000..9ec9c8c8 --- /dev/null +++ b/generated/1.23/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ActiveDirectoryIdentityProviderLister helps list ActiveDirectoryIdentityProviders. +// All objects returned here must be treated as read-only. +type ActiveDirectoryIdentityProviderLister interface { + // List lists all ActiveDirectoryIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + // ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. + ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister + ActiveDirectoryIdentityProviderListerExpansion +} + +// activeDirectoryIdentityProviderLister implements the ActiveDirectoryIdentityProviderLister interface. +type activeDirectoryIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewActiveDirectoryIdentityProviderLister returns a new ActiveDirectoryIdentityProviderLister. +func NewActiveDirectoryIdentityProviderLister(indexer cache.Indexer) ActiveDirectoryIdentityProviderLister { + return &activeDirectoryIdentityProviderLister{indexer: indexer} +} + +// List lists all ActiveDirectoryIdentityProviders in the indexer. +func (s *activeDirectoryIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) + }) + return ret, err +} + +// ActiveDirectoryIdentityProviders returns an object that can list and get ActiveDirectoryIdentityProviders. +func (s *activeDirectoryIdentityProviderLister) ActiveDirectoryIdentityProviders(namespace string) ActiveDirectoryIdentityProviderNamespaceLister { + return activeDirectoryIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// ActiveDirectoryIdentityProviderNamespaceLister helps list and get ActiveDirectoryIdentityProviders. +// All objects returned here must be treated as read-only. +type ActiveDirectoryIdentityProviderNamespaceLister interface { + // List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) + // Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) + ActiveDirectoryIdentityProviderNamespaceListerExpansion +} + +// activeDirectoryIdentityProviderNamespaceLister implements the ActiveDirectoryIdentityProviderNamespaceLister +// interface. +type activeDirectoryIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all ActiveDirectoryIdentityProviders in the indexer for a given namespace. +func (s activeDirectoryIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ActiveDirectoryIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ActiveDirectoryIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the ActiveDirectoryIdentityProvider from the indexer for a given namespace and name. +func (s activeDirectoryIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.ActiveDirectoryIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("activedirectoryidentityprovider"), name) + } + return obj.(*v1alpha1.ActiveDirectoryIdentityProvider), nil +} diff --git a/generated/1.23/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/1.23/client/supervisor/listers/idp/v1alpha1/expansion_generated.go new file mode 100644 index 00000000..d79cd0fe --- /dev/null +++ b/generated/1.23/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -0,0 +1,30 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// ActiveDirectoryIdentityProviderListerExpansion allows custom methods to be added to +// ActiveDirectoryIdentityProviderLister. +type ActiveDirectoryIdentityProviderListerExpansion interface{} + +// ActiveDirectoryIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// ActiveDirectoryIdentityProviderNamespaceLister. +type ActiveDirectoryIdentityProviderNamespaceListerExpansion interface{} + +// LDAPIdentityProviderListerExpansion allows custom methods to be added to +// LDAPIdentityProviderLister. +type LDAPIdentityProviderListerExpansion interface{} + +// LDAPIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// LDAPIdentityProviderNamespaceLister. +type LDAPIdentityProviderNamespaceListerExpansion interface{} + +// OIDCIdentityProviderListerExpansion allows custom methods to be added to +// OIDCIdentityProviderLister. +type OIDCIdentityProviderListerExpansion interface{} + +// OIDCIdentityProviderNamespaceListerExpansion allows custom methods to be added to +// OIDCIdentityProviderNamespaceLister. +type OIDCIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.23/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/1.23/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go new file mode 100644 index 00000000..6d287ab3 --- /dev/null +++ b/generated/1.23/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// LDAPIdentityProviderLister helps list LDAPIdentityProviders. +// All objects returned here must be treated as read-only. +type LDAPIdentityProviderLister interface { + // List lists all LDAPIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + // LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. + LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister + LDAPIdentityProviderListerExpansion +} + +// lDAPIdentityProviderLister implements the LDAPIdentityProviderLister interface. +type lDAPIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewLDAPIdentityProviderLister returns a new LDAPIdentityProviderLister. +func NewLDAPIdentityProviderLister(indexer cache.Indexer) LDAPIdentityProviderLister { + return &lDAPIdentityProviderLister{indexer: indexer} +} + +// List lists all LDAPIdentityProviders in the indexer. +func (s *lDAPIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) + }) + return ret, err +} + +// LDAPIdentityProviders returns an object that can list and get LDAPIdentityProviders. +func (s *lDAPIdentityProviderLister) LDAPIdentityProviders(namespace string) LDAPIdentityProviderNamespaceLister { + return lDAPIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// LDAPIdentityProviderNamespaceLister helps list and get LDAPIdentityProviders. +// All objects returned here must be treated as read-only. +type LDAPIdentityProviderNamespaceLister interface { + // List lists all LDAPIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) + // Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.LDAPIdentityProvider, error) + LDAPIdentityProviderNamespaceListerExpansion +} + +// lDAPIdentityProviderNamespaceLister implements the LDAPIdentityProviderNamespaceLister +// interface. +type lDAPIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all LDAPIdentityProviders in the indexer for a given namespace. +func (s lDAPIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.LDAPIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.LDAPIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the LDAPIdentityProvider from the indexer for a given namespace and name. +func (s lDAPIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.LDAPIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("ldapidentityprovider"), name) + } + return obj.(*v1alpha1.LDAPIdentityProvider), nil +} diff --git a/generated/1.23/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/1.23/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go new file mode 100644 index 00000000..2f6f1247 --- /dev/null +++ b/generated/1.23/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OIDCIdentityProviderLister helps list OIDCIdentityProviders. +// All objects returned here must be treated as read-only. +type OIDCIdentityProviderLister interface { + // List lists all OIDCIdentityProviders in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + // OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. + OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister + OIDCIdentityProviderListerExpansion +} + +// oIDCIdentityProviderLister implements the OIDCIdentityProviderLister interface. +type oIDCIdentityProviderLister struct { + indexer cache.Indexer +} + +// NewOIDCIdentityProviderLister returns a new OIDCIdentityProviderLister. +func NewOIDCIdentityProviderLister(indexer cache.Indexer) OIDCIdentityProviderLister { + return &oIDCIdentityProviderLister{indexer: indexer} +} + +// List lists all OIDCIdentityProviders in the indexer. +func (s *oIDCIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) + }) + return ret, err +} + +// OIDCIdentityProviders returns an object that can list and get OIDCIdentityProviders. +func (s *oIDCIdentityProviderLister) OIDCIdentityProviders(namespace string) OIDCIdentityProviderNamespaceLister { + return oIDCIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OIDCIdentityProviderNamespaceLister helps list and get OIDCIdentityProviders. +// All objects returned here must be treated as read-only. +type OIDCIdentityProviderNamespaceLister interface { + // List lists all OIDCIdentityProviders in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) + // Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.OIDCIdentityProvider, error) + OIDCIdentityProviderNamespaceListerExpansion +} + +// oIDCIdentityProviderNamespaceLister implements the OIDCIdentityProviderNamespaceLister +// interface. +type oIDCIdentityProviderNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OIDCIdentityProviders in the indexer for a given namespace. +func (s oIDCIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCIdentityProvider, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCIdentityProvider)) + }) + return ret, err +} + +// Get retrieves the OIDCIdentityProvider from the indexer for a given namespace and name. +func (s oIDCIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCIdentityProvider, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("oidcidentityprovider"), name) + } + return obj.(*v1alpha1.OIDCIdentityProvider), nil +} diff --git a/generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml b/generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml new file mode 100644 index 00000000..bf656d1f --- /dev/null +++ b/generated/1.23/crds/authentication.concierge.pinniped.dev_jwtauthenticators.yaml @@ -0,0 +1,177 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: jwtauthenticators.authentication.concierge.pinniped.dev +spec: + group: authentication.concierge.pinniped.dev + names: + categories: + - pinniped + - pinniped-authenticator + - pinniped-authenticators + kind: JWTAuthenticator + listKind: JWTAuthenticatorList + plural: jwtauthenticators + singular: jwtauthenticator + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .spec.audience + name: Audience + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: "JWTAuthenticator describes the configuration of a JWT authenticator. + \n Upon receiving a signed JWT, a JWTAuthenticator will performs some validation + on it (e.g., valid signature, existence of claims, etc.) and extract the + username and groups from the token." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the authenticator. + properties: + audience: + description: Audience is the required value of the "aud" JWT claim. + minLength: 1 + type: string + claims: + description: Claims allows customization of the claims that will be + mapped to user identity for Kubernetes access. + properties: + groups: + description: Groups is the name of the claim which should be read + to extract the user's group membership from the JWT token. When + not specified, it will default to "groups". + type: string + username: + description: Username is the name of the claim which should be + read to extract the username from the JWT token. When not specified, + it will default to "username". + type: string + type: object + issuer: + description: Issuer is the OIDC issuer URL that will be used to discover + public signing keys. Issuer is also used to validate the "iss" JWT + claim. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration for communicating with the OIDC provider. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - audience + - issuer + type: object + status: + description: Status of the authenticator. + properties: + conditions: + description: Represents the observations of the authenticator's current + state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml b/generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml new file mode 100644 index 00000000..10dcc7bd --- /dev/null +++ b/generated/1.23/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -0,0 +1,150 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: webhookauthenticators.authentication.concierge.pinniped.dev +spec: + group: authentication.concierge.pinniped.dev + names: + categories: + - pinniped + - pinniped-authenticator + - pinniped-authenticators + kind: WebhookAuthenticator + listKind: WebhookAuthenticatorList + plural: webhookauthenticators + singular: webhookauthenticator + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: WebhookAuthenticator describes the configuration of a webhook + authenticator. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the authenticator. + properties: + endpoint: + description: Webhook server endpoint URL. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - endpoint + type: object + status: + description: Status of the authenticator. + properties: + conditions: + description: Represents the observations of the authenticator's current + state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/crds/config.concierge.pinniped.dev_credentialissuers.yaml b/generated/1.23/crds/config.concierge.pinniped.dev_credentialissuers.yaml new file mode 100644 index 00000000..e09709a5 --- /dev/null +++ b/generated/1.23/crds/config.concierge.pinniped.dev_credentialissuers.yaml @@ -0,0 +1,247 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: credentialissuers.config.concierge.pinniped.dev +spec: + group: config.concierge.pinniped.dev + names: + categories: + - pinniped + kind: CredentialIssuer + listKind: CredentialIssuerList + plural: credentialissuers + singular: credentialissuer + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.impersonationProxy.mode + name: ProxyMode + type: string + - jsonPath: .status.strategies[?(@.status == "Success")].type + name: DefaultStrategy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: CredentialIssuer describes the configuration and status of the + Pinniped Concierge credential issuer. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec describes the intended configuration of the Concierge. + properties: + impersonationProxy: + description: ImpersonationProxy describes the intended configuration + of the Concierge impersonation proxy. + properties: + externalEndpoint: + description: "ExternalEndpoint describes the HTTPS endpoint where + the proxy will be exposed. If not set, the proxy will be served + using the external name of the LoadBalancer service or the cluster + service DNS name. \n This field must be non-empty when spec.impersonationProxy.service.type + is \"None\"." + type: string + mode: + description: 'Mode configures whether the impersonation proxy + should be started: - "disabled" explicitly disables the impersonation + proxy. This is the default. - "enabled" explicitly enables the + impersonation proxy. - "auto" enables or disables the impersonation + proxy based upon the cluster in which it is running.' + enum: + - auto + - enabled + - disabled + type: string + service: + default: + type: LoadBalancer + description: Service describes the configuration of the Service + provisioned to expose the impersonation proxy to clients. + properties: + annotations: + additionalProperties: + type: string + description: Annotations specifies zero or more key/value + pairs to set as annotations on the provisioned Service. + type: object + loadBalancerIP: + description: LoadBalancerIP specifies the IP address to set + in the spec.loadBalancerIP field of the provisioned Service. + This is not supported on all cloud providers. + maxLength: 255 + minLength: 1 + type: string + type: + default: LoadBalancer + description: "Type specifies the type of Service to provision + for the impersonation proxy. \n If the type is \"None\", + then the \"spec.impersonationProxy.externalEndpoint\" field + must be set to a non-empty value so that the Concierge can + properly advertise the endpoint in the CredentialIssuer's + status." + enum: + - LoadBalancer + - ClusterIP + - None + type: string + type: object + required: + - mode + - service + type: object + required: + - impersonationProxy + type: object + status: + description: CredentialIssuerStatus describes the status of the Concierge. + properties: + kubeConfigInfo: + description: Information needed to form a valid Pinniped-based kubeconfig + using this credential issuer. This field is deprecated and will + be removed in a future version. + properties: + certificateAuthorityData: + description: The K8s API server CA bundle. + minLength: 1 + type: string + server: + description: The K8s API server URL. + minLength: 1 + pattern: ^https://|^http:// + type: string + required: + - certificateAuthorityData + - server + type: object + strategies: + description: List of integration strategies that were attempted by + Pinniped. + items: + description: CredentialIssuerStrategy describes the status of an + integration strategy that was attempted by Pinniped. + properties: + frontend: + description: Frontend describes how clients can connect using + this strategy. + properties: + impersonationProxyInfo: + description: ImpersonationProxyInfo describes the parameters + for the impersonation proxy on this Concierge. This field + is only set when Type is "ImpersonationProxy". + properties: + certificateAuthorityData: + description: CertificateAuthorityData is the base64-encoded + PEM CA bundle of the impersonation proxy. + minLength: 1 + type: string + endpoint: + description: Endpoint is the HTTPS endpoint of the impersonation + proxy. + minLength: 1 + pattern: ^https:// + type: string + required: + - certificateAuthorityData + - endpoint + type: object + tokenCredentialRequestInfo: + description: TokenCredentialRequestAPIInfo describes the + parameters for the TokenCredentialRequest API on this + Concierge. This field is only set when Type is "TokenCredentialRequestAPI". + properties: + certificateAuthorityData: + description: CertificateAuthorityData is the base64-encoded + Kubernetes API server CA bundle. + minLength: 1 + type: string + server: + description: Server is the Kubernetes API server URL. + minLength: 1 + pattern: ^https://|^http:// + type: string + required: + - certificateAuthorityData + - server + type: object + type: + description: Type describes which frontend mechanism clients + can use with a strategy. + enum: + - TokenCredentialRequestAPI + - ImpersonationProxy + type: string + required: + - type + type: object + lastUpdateTime: + description: When the status was last checked. + format: date-time + type: string + message: + description: Human-readable description of the current status. + minLength: 1 + type: string + reason: + description: Reason for the current status. + enum: + - Listening + - Pending + - Disabled + - ErrorDuringSetup + - CouldNotFetchKey + - CouldNotGetClusterInfo + - FetchedKey + type: string + status: + description: Status of the attempted integration strategy. + enum: + - Success + - Error + type: string + type: + description: Type of integration attempted. + enum: + - KubeClusterSigningCertificate + - ImpersonationProxy + type: string + required: + - lastUpdateTime + - message + - reason + - status + - type + type: object + type: array + required: + - strategies + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/crds/config.supervisor.pinniped.dev_federationdomains.yaml b/generated/1.23/crds/config.supervisor.pinniped.dev_federationdomains.yaml new file mode 100644 index 00000000..5fad1946 --- /dev/null +++ b/generated/1.23/crds/config.supervisor.pinniped.dev_federationdomains.yaml @@ -0,0 +1,170 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: federationdomains.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: FederationDomain + listKind: FederationDomainList + plural: federationdomains + singular: federationdomain + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .status.status + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: FederationDomain describes the configuration of an OIDC provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC provider. + properties: + issuer: + description: "Issuer is the OIDC Provider's issuer, per the OIDC Discovery + Metadata document, as well as the identifier that it will use for + the iss claim in issued JWTs. This field will also be used as the + base URL for any endpoints used by the OIDC Provider (e.g., if your + issuer is https://example.com/foo, then your authorization endpoint + will look like https://example.com/foo/some/path/to/auth/endpoint). + \n See https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 + for more information." + minLength: 1 + type: string + tls: + description: TLS configures how this FederationDomain is served over + Transport Layer Security (TLS). + properties: + secretName: + description: "SecretName is an optional name of a Secret in the + same namespace, of type `kubernetes.io/tls`, which contains + the TLS serving certificate for the HTTPS endpoints served by + this FederationDomain. When provided, the TLS Secret named here + must contain keys named `tls.crt` and `tls.key` that contain + the certificate and private key to use for TLS. \n Server Name + Indication (SNI) is an extension to the Transport Layer Security + (TLS) supported by all major browsers. \n SecretName is required + if you would like to use different TLS certificates for issuers + of different hostnames. SNI requests do not include port numbers, + so all issuers with the same DNS hostname must use the same + SecretName value even if they have different port numbers. \n + SecretName is not required when you would like to use only the + HTTP endpoints (e.g. when terminating TLS at an Ingress). It + is also not required when you would like all requests to this + OIDC Provider's HTTPS endpoints to use the default TLS certificate, + which is configured elsewhere. \n When your Issuer URL's host + is an IP address, then this field is ignored. SNI does not work + for IP addresses." + type: string + type: object + required: + - issuer + type: object + status: + description: Status of the OIDC provider. + properties: + lastUpdateTime: + description: LastUpdateTime holds the time at which the Status was + last updated. It is a pointer to get around some undesirable behavior + with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). + format: date-time + type: string + message: + description: Message provides human-readable details about the Status. + type: string + secrets: + description: Secrets contains information about this OIDC Provider's + secrets. + properties: + jwks: + description: JWKS holds the name of the corev1.Secret in which + this OIDC Provider's signing/verification keys are stored. If + it is empty, then the signing/verification keys are either unknown + or they don't exist. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + stateEncryptionKey: + description: StateSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for encrypting state parameters + is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + stateSigningKey: + description: StateSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for signing state parameters + is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + tokenSigningKey: + description: TokenSigningKey holds the name of the corev1.Secret + in which this OIDC Provider's key for signing tokens is stored. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: object + status: + description: Status holds an enum that describes the state of this + OIDC Provider. Note that this Status can represent success or failure. + enum: + - Success + - Duplicate + - Invalid + - SameIssuerHostMustUseSameSecret + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml b/generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml new file mode 100644 index 00000000..0ac278fe --- /dev/null +++ b/generated/1.23/crds/idp.supervisor.pinniped.dev_activedirectoryidentityproviders.yaml @@ -0,0 +1,305 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: activedirectoryidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: ActiveDirectoryIdentityProvider + listKind: ActiveDirectoryIdentityProviderList + plural: activedirectoryidentityproviders + singular: activedirectoryidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.host + name: Host + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ActiveDirectoryIdentityProvider describes the configuration of + an upstream Microsoft Active Directory identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + bind: + description: Bind contains the configuration for how to provide access + credentials during an initial bind to the ActiveDirectory server + to be allowed to perform searches and binds to validate a user's + credentials during a user's authentication attempt. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the username and password for an + Active Directory bind user. This account will be used to perform + LDAP searches. The Secret should be of type "kubernetes.io/basic-auth" + which includes "username" and "password" keys. The username + value should be the full dn (distinguished name) of your bind + account, e.g. "cn=bind-account,ou=users,dc=example,dc=com". + The password must be non-empty. + minLength: 1 + type: string + required: + - secretName + type: object + groupSearch: + description: GroupSearch contains the configuration for searching + for a user's group membership in ActiveDirectory. + properties: + attributes: + description: Attributes specifies how the group's information + should be read from each ActiveDirectory entry which was found + as the result of the group search. + properties: + groupName: + description: GroupName specifies the name of the attribute + in the Active Directory entries whose value shall become + a group name in the user's list of groups after a successful + authentication. The value of this field is case-sensitive + and must match the case of the attribute name returned by + the ActiveDirectory server in the user's entry. E.g. "cn" + for common name. Distinguished names can be used by specifying + lower-case "dn". Optional. When not specified, this defaults + to a custom field that looks like "sAMAccountName@domain", + where domain is constructed from the domain components of + the group DN. + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". + Optional, when not specified it will be based on the result + of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + The default behavior searches your entire domain for groups. + It may make sense to specify a subtree as a search base if you + wish to exclude some groups for security reasons or to make + searches faster. + type: string + filter: + description: Filter is the ActiveDirectory search filter which + should be applied when searching for groups for a user. The + pattern "{}" must occur in the filter at least once and will + be dynamically replaced by the dn (distinguished name) of the + user entry found as a result of the user search. E.g. "member={}" + or "&(objectClass=groupOfNames)(member={})". For more information + about ActiveDirectory filters, see https://ldap.com/ldap-filters. + Note that the dn (distinguished name) is not an attribute of + an entry, so "dn={}" cannot be used. Optional. When not specified, + the default will act as if the filter were specified as "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})". + This searches nested groups by default. Note that nested group + search can be slow for some Active Directory servers. To disable + it, you can set the filter to "(&(objectClass=group)(member={})" + type: string + skipGroupRefresh: + description: "The user's group membership is refreshed as they + interact with the supervisor to obtain new credentials (as their + old credentials expire). This allows group membership changes + to be quickly reflected into Kubernetes clusters. Since group + membership is often used to bind authorization policies, it + is important to keep the groups observed in Kubernetes clusters + in-sync with the identity provider. \n In some environments, + frequent group membership queries may result in a significant + performance impact on the identity provider and/or the supervisor. + The best approach to handle performance impacts is to tweak + the group query to be more performant, for example by disabling + nested group search or by using a more targeted group search + base. \n If the group search query cannot be made performant + and you are willing to have group memberships remain static + for approximately a day, then set skipGroupRefresh to true. + \ This is an insecure configuration as authorization policies + that are bound to group membership will not notice if a user + has been removed from a particular group until their next login. + \n This is an experimental feature that may be removed or significantly + altered in the future. Consumers of this configuration should + carefully read all release notes before upgrading to ensure + that the meaning of this field has not changed." + type: boolean + type: object + host: + description: 'Host is the hostname of this Active Directory identity + provider, i.e., where to connect. For example: ldap.example.com:636.' + minLength: 1 + type: string + tls: + description: TLS contains the connection settings for how to establish + the connection to the Host. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + userSearch: + description: UserSearch contains the configuration for searching for + a user by name in Active Directory. + properties: + attributes: + description: Attributes specifies how the user's information should + be read from the ActiveDirectory entry which was found as the + result of the user search. + properties: + uid: + description: UID specifies the name of the attribute in the + ActiveDirectory entry which whose value shall be used to + uniquely identify the user within this ActiveDirectory provider + after a successful authentication. Optional, when empty + this defaults to "objectGUID". + type: string + username: + description: Username specifies the name of the attribute + in Active Directory entry whose value shall become the username + of the user after a successful authentication. Optional, + when empty this defaults to "userPrincipalName". + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". + Optional, when not specified it will be based on the result + of a query for the defaultNamingContext (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse). + The default behavior searches your entire domain for users. + It may make sense to specify a subtree as a search base if you + wish to exclude some users or to make searches faster. + type: string + filter: + description: Filter is the search filter which should be applied + when searching for users. The pattern "{}" must occur in the + filter at least once and will be dynamically replaced by the + username for which the search is being run. E.g. "mail={}" or + "&(objectClass=person)(uid={})". For more information about + LDAP filters, see https://ldap.com/ldap-filters. Note that the + dn (distinguished name) is not an attribute of an entry, so + "dn={}" cannot be used. Optional. When not specified, the default + will be '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))' + This means that the user is a person, is not a computer, the + sAMAccountType is for a normal user account, and is not shown + in advanced view only (which would likely mean its a system + created service account with advanced permissions). Also, either + the sAMAccountName, the userPrincipalName, or the mail attribute + matches the input username. + type: string + type: object + required: + - host + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the ActiveDirectoryIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml b/generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml new file mode 100644 index 00000000..33f1c954 --- /dev/null +++ b/generated/1.23/crds/idp.supervisor.pinniped.dev_ldapidentityproviders.yaml @@ -0,0 +1,302 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: ldapidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: LDAPIdentityProvider + listKind: LDAPIdentityProviderList + plural: ldapidentityproviders + singular: ldapidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.host + name: Host + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: LDAPIdentityProvider describes the configuration of an upstream + Lightweight Directory Access Protocol (LDAP) identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + bind: + description: Bind contains the configuration for how to provide access + credentials during an initial bind to the LDAP server to be allowed + to perform searches and binds to validate a user's credentials during + a user's authentication attempt. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the username and password for an + LDAP bind user. This account will be used to perform LDAP searches. + The Secret should be of type "kubernetes.io/basic-auth" which + includes "username" and "password" keys. The username value + should be the full dn (distinguished name) of your bind account, + e.g. "cn=bind-account,ou=users,dc=example,dc=com". The password + must be non-empty. + minLength: 1 + type: string + required: + - secretName + type: object + groupSearch: + description: GroupSearch contains the configuration for searching + for a user's group membership in the LDAP provider. + properties: + attributes: + description: Attributes specifies how the group's information + should be read from each LDAP entry which was found as the result + of the group search. + properties: + groupName: + description: GroupName specifies the name of the attribute + in the LDAP entries whose value shall become a group name + in the user's list of groups after a successful authentication. + The value of this field is case-sensitive and must match + the case of the attribute name returned by the LDAP server + in the user's entry. E.g. "cn" for common name. Distinguished + names can be used by specifying lower-case "dn". Optional. + When not specified, the default will act as if the GroupName + were specified as "dn" (distinguished name). + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for groups. E.g. "ou=groups,dc=example,dc=com". + When not specified, no group search will be performed and authenticated + users will not belong to any groups from the LDAP provider. + Also, when not specified, the values of Filter and Attributes + are ignored. + type: string + filter: + description: Filter is the LDAP search filter which should be + applied when searching for groups for a user. The pattern "{}" + must occur in the filter at least once and will be dynamically + replaced by the dn (distinguished name) of the user entry found + as a result of the user search. E.g. "member={}" or "&(objectClass=groupOfNames)(member={})". + For more information about LDAP filters, see https://ldap.com/ldap-filters. + Note that the dn (distinguished name) is not an attribute of + an entry, so "dn={}" cannot be used. Optional. When not specified, + the default will act as if the Filter were specified as "member={}". + type: string + skipGroupRefresh: + description: "The user's group membership is refreshed as they + interact with the supervisor to obtain new credentials (as their + old credentials expire). This allows group membership changes + to be quickly reflected into Kubernetes clusters. Since group + membership is often used to bind authorization policies, it + is important to keep the groups observed in Kubernetes clusters + in-sync with the identity provider. \n In some environments, + frequent group membership queries may result in a significant + performance impact on the identity provider and/or the supervisor. + The best approach to handle performance impacts is to tweak + the group query to be more performant, for example by disabling + nested group search or by using a more targeted group search + base. \n If the group search query cannot be made performant + and you are willing to have group memberships remain static + for approximately a day, then set skipGroupRefresh to true. + \ This is an insecure configuration as authorization policies + that are bound to group membership will not notice if a user + has been removed from a particular group until their next login. + \n This is an experimental feature that may be removed or significantly + altered in the future. Consumers of this configuration should + carefully read all release notes before upgrading to ensure + that the meaning of this field has not changed." + type: boolean + type: object + host: + description: 'Host is the hostname of this LDAP identity provider, + i.e., where to connect. For example: ldap.example.com:636.' + minLength: 1 + type: string + tls: + description: TLS contains the connection settings for how to establish + the connection to the Host. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + userSearch: + description: UserSearch contains the configuration for searching for + a user by name in the LDAP provider. + properties: + attributes: + description: Attributes specifies how the user's information should + be read from the LDAP entry which was found as the result of + the user search. + properties: + uid: + description: UID specifies the name of the attribute in the + LDAP entry which whose value shall be used to uniquely identify + the user within this LDAP provider after a successful authentication. + E.g. "uidNumber" or "objectGUID". The value of this field + is case-sensitive and must match the case of the attribute + name returned by the LDAP server in the user's entry. Distinguished + names can be used by specifying lower-case "dn". + minLength: 1 + type: string + username: + description: Username specifies the name of the attribute + in the LDAP entry whose value shall become the username + of the user after a successful authentication. This would + typically be the same attribute name used in the user search + filter, although it can be different. E.g. "mail" or "uid" + or "userPrincipalName". The value of this field is case-sensitive + and must match the case of the attribute name returned by + the LDAP server in the user's entry. Distinguished names + can be used by specifying lower-case "dn". When this field + is set to "dn" then the LDAPIdentityProviderUserSearch's + Filter field cannot be blank, since the default value of + "dn={}" would not work. + minLength: 1 + type: string + type: object + base: + description: Base is the dn (distinguished name) that should be + used as the search base when searching for users. E.g. "ou=users,dc=example,dc=com". + minLength: 1 + type: string + filter: + description: Filter is the LDAP search filter which should be + applied when searching for users. The pattern "{}" must occur + in the filter at least once and will be dynamically replaced + by the username for which the search is being run. E.g. "mail={}" + or "&(objectClass=person)(uid={})". For more information about + LDAP filters, see https://ldap.com/ldap-filters. Note that the + dn (distinguished name) is not an attribute of an entry, so + "dn={}" cannot be used. Optional. When not specified, the default + will act as if the Filter were specified as the value from Attributes.Username + appended by "={}". When the Attributes.Username is set to "dn" + then the Filter must be explicitly specified, since the default + value of "dn={}" would not work. + type: string + type: object + required: + - host + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the LDAPIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml b/generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml new file mode 100644 index 00000000..8ebd5eb5 --- /dev/null +++ b/generated/1.23/crds/idp.supervisor.pinniped.dev_oidcidentityproviders.yaml @@ -0,0 +1,329 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: oidcidentityproviders.idp.supervisor.pinniped.dev +spec: + group: idp.supervisor.pinniped.dev + names: + categories: + - pinniped + - pinniped-idp + - pinniped-idps + kind: OIDCIdentityProvider + listKind: OIDCIdentityProviderList + plural: oidcidentityproviders + singular: oidcidentityprovider + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.issuer + name: Issuer + type: string + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCIdentityProvider describes the configuration of an upstream + OpenID Connect identity provider. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec for configuring the identity provider. + properties: + authorizationConfig: + description: AuthorizationConfig holds information about how to form + the OAuth2 authorization request parameters to be used with this + OIDC identity provider. + properties: + additionalAuthorizeParameters: + description: additionalAuthorizeParameters are extra query parameters + that should be included in the authorize request to your OIDC + provider in the authorization request during an OIDC Authorization + Code Flow. By default, no extra parameters are sent. The standard + parameters that will be sent are "response_type", "scope", "client_id", + "state", "nonce", "code_challenge", "code_challenge_method", + and "redirect_uri". These parameters cannot be included in this + setting. Additionally, the "hd" parameter cannot be included + in this setting at this time. The "hd" parameter is used by + Google's OIDC provider to provide a hint as to which "hosted + domain" the user should use during login. However, Pinniped + does not yet support validating the hosted domain in the resulting + ID token, so it is not yet safe to use this feature of Google's + OIDC provider with Pinniped. This setting does not influence + the parameters sent to the token endpoint in the Resource Owner + Password Credentials Grant. The Pinniped Supervisor requires + that your OIDC provider returns refresh tokens to the Supervisor + from the authorization flows. Some OIDC providers may require + a certain value for the "prompt" parameter in order to properly + request refresh tokens. See the documentation of your OIDC provider's + authorization endpoint for its requirements for what to include + in the request in order to receive a refresh token in the response, + if anything. If your provider requires the prompt parameter + to request a refresh token, then include it here. Also note + that most providers also require a certain scope to be requested + in order to receive refresh tokens. See the additionalScopes + setting for more information about using scopes to request refresh + tokens. + items: + description: Parameter is a key/value pair which represents + a parameter in an HTTP request. + properties: + name: + description: The name of the parameter. Required. + minLength: 1 + type: string + value: + description: The value of the parameter. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + additionalScopes: + description: 'additionalScopes are the additional scopes that + will be requested from your OIDC provider in the authorization + request during an OIDC Authorization Code Flow and in the token + request during a Resource Owner Password Credentials Grant. + Note that the "openid" scope will always be requested regardless + of the value in this setting, since it is always required according + to the OIDC spec. By default, when this field is not set, the + Supervisor will request the following scopes: "openid", "offline_access", + "email", and "profile". See https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims + for a description of the "profile" and "email" scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess + for a description of the "offline_access" scope. This default + value may change in future versions of Pinniped as the standard + evolves, or as common patterns used by providers who implement + the standard in the ecosystem evolve. By setting this list to + anything other than an empty list, you are overriding the default + value, so you may wish to include some of "offline_access", + "email", and "profile" in your override list. If you do not + want any of these scopes to be requested, you may set this list + to contain only "openid". Some OIDC providers may also require + a scope to get access to the user''s group membership, in which + case you may wish to include it in this list. Sometimes the + scope to request the user''s group membership is called "groups", + but unfortunately this is not specified in the OIDC standard. + Generally speaking, you should include any scopes required to + cause the appropriate claims to be the returned by your OIDC + provider in the ID token or userinfo endpoint results for those + claims which you would like to use in the oidcClaims settings + to determine the usernames and group memberships of your Kubernetes + users. See your OIDC provider''s documentation for more information + about what scopes are available to request claims. Additionally, + the Pinniped Supervisor requires that your OIDC provider returns + refresh tokens to the Supervisor from these authorization flows. + For most OIDC providers, the scope required to receive refresh + tokens will be "offline_access". See the documentation of your + OIDC provider''s authorization and token endpoints for its requirements + for what to include in the request in order to receive a refresh + token in the response, if anything. Note that it may be safe + to send "offline_access" even to providers which do not require + it, since the provider may ignore scopes that it does not understand + or require (see https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). + In the unusual case that you must avoid sending the "offline_access" + scope, then you must override the default value of this setting. + This is required if your OIDC provider will reject the request + when it includes "offline_access" (e.g. GitLab''s OIDC provider).' + items: + type: string + type: array + allowPasswordGrant: + description: allowPasswordGrant, when true, will allow the use + of OAuth 2.0's Resource Owner Password Credentials Grant (see + https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to + authenticate to the OIDC provider using a username and password + without a web browser, in addition to the usual browser-based + OIDC Authorization Code Flow. The Resource Owner Password Credentials + Grant is not officially part of the OIDC specification, so it + may not be supported by your OIDC provider. If your OIDC provider + supports returning ID tokens from a Resource Owner Password + Credentials Grant token request, then you can choose to set + this field to true. This will allow end users to choose to present + their username and password to the kubectl CLI (using the Pinniped + plugin) to authenticate to the cluster, without using a web + browser to log in as is customary in OIDC Authorization Code + Flow. This may be convenient for users, especially for identities + from your OIDC provider which are not intended to represent + a human actor, such as service accounts performing actions in + a CI/CD environment. Even if your OIDC provider supports it, + you may wish to disable this behavior by setting this field + to false when you prefer to only allow users of this OIDCIdentityProvider + to log in via the browser-based OIDC Authorization Code Flow. + Using the Resource Owner Password Credentials Grant means that + the Pinniped CLI and Pinniped Supervisor will directly handle + your end users' passwords (similar to LDAPIdentityProvider), + and you will not be able to require multi-factor authentication + or use the other web-based login features of your OIDC provider + during Resource Owner Password Credentials Grant logins. allowPasswordGrant + defaults to false. + type: boolean + type: object + claims: + description: Claims provides the names of token claims that will be + used when inspecting an identity from this OIDC identity provider. + properties: + groups: + description: Groups provides the name of the ID token claim or + userinfo endpoint response claim that will be used to ascertain + the groups to which an identity belongs. By default, the identities + will not include any group memberships when this setting is + not configured. + type: string + username: + description: Username provides the name of the ID token claim + or userinfo endpoint response claim that will be used to ascertain + an identity's username. When not set, the username will be an + automatically constructed unique string which will include the + issuer URL of your OIDC provider along with the value of the + "sub" (subject) claim from the ID token. + type: string + type: object + client: + description: OIDCClient contains OIDC client information to be used + used with this OIDC identity provider. + properties: + secretName: + description: SecretName contains the name of a namespace-local + Secret object that provides the clientID and clientSecret for + an OIDC client. If only the SecretName is specified in an OIDCClient + struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" + with keys "clientID" and "clientSecret". + type: string + required: + - secretName + type: object + issuer: + description: Issuer is the issuer URL of this OIDC identity provider, + i.e., where to fetch /.well-known/openid-configuration. + minLength: 1 + pattern: ^https:// + type: string + tls: + description: TLS configuration for discovery/JWKS requests to the + issuer. + properties: + certificateAuthorityData: + description: X.509 Certificate Authority (base64-encoded PEM bundle). + If omitted, a default set of system roots will be trusted. + type: string + type: object + required: + - client + - issuer + type: object + status: + description: Status of the identity provider. + properties: + conditions: + description: Represents the observations of an identity provider's + current state. + items: + description: Condition status of a resource (mirrored from the metav1.Condition + type added in Kubernetes 1.19). In a future API version we can + switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + phase: + default: Pending + description: Phase summarizes the overall status of the OIDCIdentityProvider. + enum: + - Pending + - Ready + - Error + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/doc.go b/generated/latest/apis/concierge/authentication/v1alpha1/doc.go index 18505fea..d00d3ba6 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/doc.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/register.go b/generated/latest/apis/concierge/authentication/v1alpha1/register.go index a00b5e9e..f58039e4 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/register.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go b/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go index 0d22d7af..a8596b22 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go b/generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go index e59976ff..76a7d547 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/types_tls.go b/generated/latest/apis/concierge/authentication/v1alpha1/types_tls.go index f882f2d6..12231665 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/types_tls.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go b/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go index 2a66815d..77b1e045 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index a64567b2..883959bf 100644 --- a/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/config/v1alpha1/doc.go b/generated/latest/apis/concierge/config/v1alpha1/doc.go index 6b94e609..97b2f212 100644 --- a/generated/latest/apis/concierge/config/v1alpha1/doc.go +++ b/generated/latest/apis/concierge/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/latest/apis/concierge/config/v1alpha1/register.go b/generated/latest/apis/concierge/config/v1alpha1/register.go index 7ada1d46..8d799898 100644 --- a/generated/latest/apis/concierge/config/v1alpha1/register.go +++ b/generated/latest/apis/concierge/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/config/v1alpha1/types_credentialissuer.go b/generated/latest/apis/concierge/config/v1alpha1/types_credentialissuer.go index 69b4fc13..d1cb160b 100644 --- a/generated/latest/apis/concierge/config/v1alpha1/types_credentialissuer.go +++ b/generated/latest/apis/concierge/config/v1alpha1/types_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index cf679b2c..a00b3fc8 100644 --- a/generated/latest/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/identity/doc.go b/generated/latest/apis/concierge/identity/doc.go index 6d821566..130e8942 100644 --- a/generated/latest/apis/concierge/identity/doc.go +++ b/generated/latest/apis/concierge/identity/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/latest/apis/concierge/identity/register.go b/generated/latest/apis/concierge/identity/register.go index ad0fe3ab..0cefb834 100644 --- a/generated/latest/apis/concierge/identity/register.go +++ b/generated/latest/apis/concierge/identity/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/latest/apis/concierge/identity/types_userinfo.go b/generated/latest/apis/concierge/identity/types_userinfo.go index fdd5b258..65eb50cc 100644 --- a/generated/latest/apis/concierge/identity/types_userinfo.go +++ b/generated/latest/apis/concierge/identity/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/latest/apis/concierge/identity/types_whoami.go b/generated/latest/apis/concierge/identity/types_whoami.go index 133a9a8e..4ba30607 100644 --- a/generated/latest/apis/concierge/identity/types_whoami.go +++ b/generated/latest/apis/concierge/identity/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package identity diff --git a/generated/latest/apis/concierge/identity/v1alpha1/conversion.go b/generated/latest/apis/concierge/identity/v1alpha1/conversion.go index e7e86b85..63ae004e 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/conversion.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/identity/v1alpha1/defaults.go b/generated/latest/apis/concierge/identity/v1alpha1/defaults.go index 8953e608..15c2bec9 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/defaults.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/identity/v1alpha1/doc.go b/generated/latest/apis/concierge/identity/v1alpha1/doc.go index 074b8d00..8d19b08d 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/doc.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/latest/apis/concierge/identity/v1alpha1/register.go b/generated/latest/apis/concierge/identity/v1alpha1/register.go index 09ecfad8..0e17d584 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/register.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/identity/v1alpha1/types_userinfo.go b/generated/latest/apis/concierge/identity/v1alpha1/types_userinfo.go index dc15fd36..4e509fc1 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/types_userinfo.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/types_userinfo.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/identity/v1alpha1/types_whoami.go b/generated/latest/apis/concierge/identity/v1alpha1/types_whoami.go index b9ecadb4..3d884346 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/types_whoami.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/types_whoami.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index f6c79068..14493b92 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index a6733d9d..8206b6dd 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index b954fa5e..9097a935 100644 --- a/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/latest/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/identity/validation/validation.go b/generated/latest/apis/concierge/identity/validation/validation.go index f62b358b..c7bd879f 100644 --- a/generated/latest/apis/concierge/identity/validation/validation.go +++ b/generated/latest/apis/concierge/identity/validation/validation.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package validation diff --git a/generated/latest/apis/concierge/identity/zz_generated.deepcopy.go b/generated/latest/apis/concierge/identity/zz_generated.deepcopy.go index b80f7b8c..4d844ffd 100644 --- a/generated/latest/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/latest/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/login/doc.go b/generated/latest/apis/concierge/login/doc.go index d7bfbcbe..14af63a2 100644 --- a/generated/latest/apis/concierge/login/doc.go +++ b/generated/latest/apis/concierge/login/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:deepcopy-gen=package diff --git a/generated/latest/apis/concierge/login/register.go b/generated/latest/apis/concierge/login/register.go index f93663f8..1c3ba130 100644 --- a/generated/latest/apis/concierge/login/register.go +++ b/generated/latest/apis/concierge/login/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/latest/apis/concierge/login/types_clustercred.go b/generated/latest/apis/concierge/login/types_clustercred.go index fda1103a..dd683b81 100644 --- a/generated/latest/apis/concierge/login/types_clustercred.go +++ b/generated/latest/apis/concierge/login/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/latest/apis/concierge/login/types_token.go b/generated/latest/apis/concierge/login/types_token.go index 17a341b2..e3af529e 100644 --- a/generated/latest/apis/concierge/login/types_token.go +++ b/generated/latest/apis/concierge/login/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package login diff --git a/generated/latest/apis/concierge/login/v1alpha1/conversion.go b/generated/latest/apis/concierge/login/v1alpha1/conversion.go index 226f6135..dca8bca2 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/conversion.go +++ b/generated/latest/apis/concierge/login/v1alpha1/conversion.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/login/v1alpha1/defaults.go b/generated/latest/apis/concierge/login/v1alpha1/defaults.go index 830aa010..12f0acd2 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/defaults.go +++ b/generated/latest/apis/concierge/login/v1alpha1/defaults.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/login/v1alpha1/doc.go b/generated/latest/apis/concierge/login/v1alpha1/doc.go index faf62735..f13ebae4 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/doc.go +++ b/generated/latest/apis/concierge/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/latest/apis/concierge/login/v1alpha1/register.go b/generated/latest/apis/concierge/login/v1alpha1/register.go index d5e1ee5e..60efec82 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/register.go +++ b/generated/latest/apis/concierge/login/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/login/v1alpha1/types_clustercred.go b/generated/latest/apis/concierge/login/v1alpha1/types_clustercred.go index 574e8b51..eb50c7fe 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/types_clustercred.go +++ b/generated/latest/apis/concierge/login/v1alpha1/types_clustercred.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/login/v1alpha1/types_token.go b/generated/latest/apis/concierge/login/v1alpha1/types_token.go index 53e25645..c8f3b66e 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/latest/apis/concierge/login/v1alpha1/types_token.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.conversion.go index d1e53e70..e413bb49 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by conversion-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index c17260e8..6f39cfec 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.defaults.go index b954fa5e..9097a935 100644 --- a/generated/latest/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/latest/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by defaulter-gen. DO NOT EDIT. diff --git a/generated/latest/apis/concierge/login/zz_generated.deepcopy.go b/generated/latest/apis/concierge/login/zz_generated.deepcopy.go index a65c9486..07f4f074 100644 --- a/generated/latest/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/latest/apis/concierge/login/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/supervisor/config/v1alpha1/doc.go b/generated/latest/apis/supervisor/config/v1alpha1/doc.go index 03a92db8..aad367db 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/doc.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/latest/apis/supervisor/config/v1alpha1/register.go b/generated/latest/apis/supervisor/config/v1alpha1/register.go index 32c81af8..69045298 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/register.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/supervisor/config/v1alpha1/types_federationdomain.go b/generated/latest/apis/supervisor/config/v1alpha1/types_federationdomain.go index 15e94f62..e92303a9 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/types_federationdomain.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/types_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index fbe695da..856b8988 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/doc.go b/generated/latest/apis/supervisor/idp/v1alpha1/doc.go index 71f2737d..a9e91c47 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/doc.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // +k8s:openapi-gen=true diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/register.go b/generated/latest/apis/supervisor/idp/v1alpha1/register.go index e3406a81..8829a863 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/register.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go b/generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go index e04c6f2a..76a7d547 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/types_meta.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/types_tls.go b/generated/latest/apis/supervisor/idp/v1alpha1/types_tls.go index fa4db315..1413a262 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/types_tls.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/types_tls.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index 12e67583..5f5be6f3 100644 --- a/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,6 +1,7 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by deepcopy-gen. DO NOT EDIT. diff --git a/generated/latest/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go b/generated/latest/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go index 6ddebe9b..ea055090 100644 --- a/generated/latest/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go +++ b/generated/latest/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package v1alpha1 diff --git a/generated/latest/apis/supervisor/oidc/types_supervisor_oidc.go b/generated/latest/apis/supervisor/oidc/types_supervisor_oidc.go index 36d95d18..b35aafcb 100644 --- a/generated/latest/apis/supervisor/oidc/types_supervisor_oidc.go +++ b/generated/latest/apis/supervisor/oidc/types_supervisor_oidc.go @@ -1,4 +1,4 @@ -// Copyright 2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidc diff --git a/generated/latest/client/concierge/clientset/versioned/clientset.go b/generated/latest/client/concierge/clientset/versioned/clientset.go index 7e8480eb..c2744edf 100644 --- a/generated/latest/client/concierge/clientset/versioned/clientset.go +++ b/generated/latest/client/concierge/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -7,6 +7,7 @@ package versioned import ( "fmt" + "net/http" authenticationv1alpha1 "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1" @@ -66,34 +67,53 @@ func (c *Clientset) Discovery() discovery.DiscoveryInterface { // NewForConfig creates a new Clientset for the given config. // If config's RateLimiter is not set and QPS and Burst are acceptable, // NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*Clientset, error) { configShallowCopy := *c + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { if configShallowCopy.Burst <= 0 { return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") } configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) } + var cs Clientset var err error - cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfig(&configShallowCopy) + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } - cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } - cs.identityV1alpha1, err = identityv1alpha1.NewForConfig(&configShallowCopy) + cs.identityV1alpha1, err = identityv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } - cs.loginV1alpha1, err = loginv1alpha1.NewForConfig(&configShallowCopy) + cs.loginV1alpha1, err = loginv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } @@ -103,14 +123,11 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // NewForConfigOrDie creates a new Clientset for the given config and // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { - var cs Clientset - cs.authenticationV1alpha1 = authenticationv1alpha1.NewForConfigOrDie(c) - cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) - cs.identityV1alpha1 = identityv1alpha1.NewForConfigOrDie(c) - cs.loginV1alpha1 = loginv1alpha1.NewForConfigOrDie(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) - return &cs + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs } // New creates a new Clientset for the given RESTClient. diff --git a/generated/latest/client/concierge/clientset/versioned/doc.go b/generated/latest/client/concierge/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/latest/client/concierge/clientset/versioned/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go b/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go index 7bf61933..5be23cdd 100644 --- a/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go +++ b/generated/latest/client/concierge/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -67,7 +67,10 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } -var _ clientset.Interface = &Clientset{} +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) // AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { diff --git a/generated/latest/client/concierge/clientset/versioned/fake/doc.go b/generated/latest/client/concierge/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/latest/client/concierge/clientset/versioned/fake/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/fake/register.go b/generated/latest/client/concierge/clientset/versioned/fake/register.go index 0356cd9e..28930bf4 100644 --- a/generated/latest/client/concierge/clientset/versioned/fake/register.go +++ b/generated/latest/client/concierge/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/scheme/doc.go b/generated/latest/client/concierge/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/latest/client/concierge/clientset/versioned/scheme/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/scheme/register.go b/generated/latest/client/concierge/clientset/versioned/scheme/register.go index c793f040..25a067da 100644 --- a/generated/latest/client/concierge/clientset/versioned/scheme/register.go +++ b/generated/latest/client/concierge/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index ef8ba015..ebc965d9 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -6,6 +6,8 @@ package v1alpha1 import ( + "net/http" + v1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1" "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" @@ -31,12 +33,28 @@ func (c *AuthenticationV1alpha1Client) WebhookAuthenticators() WebhookAuthentica } // NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new AuthenticationV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 80e81396..90c3589f 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go index 284f073a..33878586 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -97,7 +97,7 @@ func (c *FakeJWTAuthenticators) UpdateStatus(ctx context.Context, jWTAuthenticat // Delete takes name of the jWTAuthenticator and deletes it. Returns an error if one occurs. func (c *FakeJWTAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(jwtauthenticatorsResource, name), &v1alpha1.JWTAuthenticator{}) + Invokes(testing.NewRootDeleteActionWithOptions(jwtauthenticatorsResource, name, opts), &v1alpha1.JWTAuthenticator{}) return err } diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go index e72f3ea2..a55dc578 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -97,7 +97,7 @@ func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAut // Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(webhookauthenticatorsResource, name), &v1alpha1.WebhookAuthenticator{}) + Invokes(testing.NewRootDeleteActionWithOptions(webhookauthenticatorsResource, name, opts), &v1alpha1.WebhookAuthenticator{}) return err } diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 44fba43b..03757746 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go index 33ca108c..ac5704d0 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go index eb30ace7..85cfb1f4 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go index a26c0d98..825cd757 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -6,6 +6,8 @@ package v1alpha1 import ( + "net/http" + v1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/config/v1alpha1" "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" @@ -26,12 +28,28 @@ func (c *ConfigV1alpha1Client) CredentialIssuers() CredentialIssuerInterface { } // NewForConfig creates a new ConfigV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go index 2b6c7277..2f69d554 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 428b5342..ee61e353 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go index a045bc75..b84f327c 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -97,7 +97,7 @@ func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssu // Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs. func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(credentialissuersResource, name), &v1alpha1.CredentialIssuer{}) + Invokes(testing.NewRootDeleteActionWithOptions(credentialissuersResource, name, opts), &v1alpha1.CredentialIssuer{}) return err } diff --git a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index f98d40d0..294cd402 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go index 235501d5..09d593a4 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go index 70e99bc0..4a2210c7 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake/fake_whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go index 8bea78ec..925d9ca3 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go index 2df6b395..0f824045 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/identity_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -6,6 +6,8 @@ package v1alpha1 import ( + "net/http" + v1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/identity/v1alpha1" "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" @@ -26,12 +28,28 @@ func (c *IdentityV1alpha1Client) WhoAmIRequests() WhoAmIRequestInterface { } // NewForConfig creates a new IdentityV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IdentityV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new IdentityV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IdentityV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go index ce1c6f29..a0661d63 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/identity/v1alpha1/whoamirequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go index 282060b5..74b64d39 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go index ada573f1..1dd103e4 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/fake/fake_tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go index 0d67146e..7ed35ca8 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go index b4f8ddca..257ae0cb 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/login_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -6,6 +6,8 @@ package v1alpha1 import ( + "net/http" + v1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/login/v1alpha1" "go.pinniped.dev/generated/latest/client/concierge/clientset/versioned/scheme" rest "k8s.io/client-go/rest" @@ -26,12 +28,28 @@ func (c *LoginV1alpha1Client) TokenCredentialRequests() TokenCredentialRequestIn } // NewForConfig creates a new LoginV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*LoginV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new LoginV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*LoginV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go index dabd2c54..ff4cc3ec 100644 --- a/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go +++ b/generated/latest/client/concierge/clientset/versioned/typed/login/v1alpha1/tokencredentialrequest.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/interface.go b/generated/latest/client/concierge/informers/externalversions/authentication/interface.go index c635245d..ce27aa49 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/interface.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go index f61c25dd..f88e47b4 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go index 85c6517d..d63bcea3 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go index 47427666..efc801b4 100644 --- a/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/latest/client/concierge/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/config/interface.go b/generated/latest/client/concierge/informers/externalversions/config/interface.go index cbf87417..d314ccf4 100644 --- a/generated/latest/client/concierge/informers/externalversions/config/interface.go +++ b/generated/latest/client/concierge/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go index c343eb6d..92893a30 100644 --- a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go +++ b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/interface.go b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/interface.go index 841bbc9c..ab4271d7 100644 --- a/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/latest/client/concierge/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/factory.go b/generated/latest/client/concierge/informers/externalversions/factory.go index 10f39982..59f0aede 100644 --- a/generated/latest/client/concierge/informers/externalversions/factory.go +++ b/generated/latest/client/concierge/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/generic.go b/generated/latest/client/concierge/informers/externalversions/generic.go index 6ebd6ad6..79a127cd 100644 --- a/generated/latest/client/concierge/informers/externalversions/generic.go +++ b/generated/latest/client/concierge/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go index cf712310..e7791288 100644 --- a/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/latest/client/concierge/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/listers/authentication/v1alpha1/expansion_generated.go b/generated/latest/client/concierge/listers/authentication/v1alpha1/expansion_generated.go index d78e57b0..665b978e 100644 --- a/generated/latest/client/concierge/listers/authentication/v1alpha1/expansion_generated.go +++ b/generated/latest/client/concierge/listers/authentication/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go b/generated/latest/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go index 0236deb4..71b64432 100644 --- a/generated/latest/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go +++ b/generated/latest/client/concierge/listers/authentication/v1alpha1/jwtauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/latest/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go index 3411ed01..6fcf59ab 100644 --- a/generated/latest/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go +++ b/generated/latest/client/concierge/listers/authentication/v1alpha1/webhookauthenticator.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/listers/config/v1alpha1/credentialissuer.go b/generated/latest/client/concierge/listers/config/v1alpha1/credentialissuer.go index fa820bb2..0373823b 100644 --- a/generated/latest/client/concierge/listers/config/v1alpha1/credentialissuer.go +++ b/generated/latest/client/concierge/listers/config/v1alpha1/credentialissuer.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/concierge/listers/config/v1alpha1/expansion_generated.go b/generated/latest/client/concierge/listers/config/v1alpha1/expansion_generated.go index 7fa5be2f..7212c891 100644 --- a/generated/latest/client/concierge/listers/config/v1alpha1/expansion_generated.go +++ b/generated/latest/client/concierge/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/clientset.go b/generated/latest/client/supervisor/clientset/versioned/clientset.go index 6bb80d9c..7e617419 100644 --- a/generated/latest/client/supervisor/clientset/versioned/clientset.go +++ b/generated/latest/client/supervisor/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -7,6 +7,7 @@ package versioned import ( "fmt" + "net/http" configv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1" @@ -50,26 +51,45 @@ func (c *Clientset) Discovery() discovery.DiscoveryInterface { // NewForConfig creates a new Clientset for the given config. // If config's RateLimiter is not set and QPS and Burst are acceptable, // NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*Clientset, error) { configShallowCopy := *c + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { if configShallowCopy.Burst <= 0 { return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") } configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) } + var cs Clientset var err error - cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } - cs.iDPV1alpha1, err = idpv1alpha1.NewForConfig(&configShallowCopy) + cs.iDPV1alpha1, err = idpv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) if err != nil { return nil, err } @@ -79,12 +99,11 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // NewForConfigOrDie creates a new Clientset for the given config and // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { - var cs Clientset - cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) - cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) - return &cs + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs } // New creates a new Clientset for the given RESTClient. diff --git a/generated/latest/client/supervisor/clientset/versioned/doc.go b/generated/latest/client/supervisor/clientset/versioned/doc.go index ecbdad66..5dc02e6e 100644 --- a/generated/latest/client/supervisor/clientset/versioned/doc.go +++ b/generated/latest/client/supervisor/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go index 75d97342..783ec35f 100644 --- a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -63,7 +63,10 @@ func (c *Clientset) Tracker() testing.ObjectTracker { return c.tracker } -var _ clientset.Interface = &Clientset{} +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) // ConfigV1alpha1 retrieves the ConfigV1alpha1Client func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { diff --git a/generated/latest/client/supervisor/clientset/versioned/fake/doc.go b/generated/latest/client/supervisor/clientset/versioned/fake/doc.go index a2db57bf..7c9538fd 100644 --- a/generated/latest/client/supervisor/clientset/versioned/fake/doc.go +++ b/generated/latest/client/supervisor/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/fake/register.go b/generated/latest/client/supervisor/clientset/versioned/fake/register.go index 851684fb..4d84f079 100644 --- a/generated/latest/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/latest/client/supervisor/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/scheme/doc.go b/generated/latest/client/supervisor/clientset/versioned/scheme/doc.go index 7d24c5d2..cc02f1d3 100644 --- a/generated/latest/client/supervisor/clientset/versioned/scheme/doc.go +++ b/generated/latest/client/supervisor/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/scheme/register.go b/generated/latest/client/supervisor/clientset/versioned/scheme/register.go index 0f3a5074..7b874df0 100644 --- a/generated/latest/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/latest/client/supervisor/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index be9998c4..c946632a 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -6,6 +6,8 @@ package v1alpha1 import ( + "net/http" + v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" @@ -26,12 +28,28 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom } // NewForConfig creates a new ConfigV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new ConfigV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ConfigV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index f7648ea5..088e66a2 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go index c9172314..c7175c5e 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -104,7 +104,7 @@ func (c *FakeFederationDomains) UpdateStatus(ctx context.Context, federationDoma // Delete takes name of the federationDomain and deletes it. Returns an error if one occurs. func (c *FakeFederationDomains) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(federationdomainsResource, c.ns, name), &v1alpha1.FederationDomain{}) + Invokes(testing.NewDeleteActionWithOptions(federationdomainsResource, c.ns, name, opts), &v1alpha1.FederationDomain{}) return err } diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go index 5da02cd0..2c01049d 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index 116ba682..ba9c9173 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go index 40990cd9..e69128ee 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go index 471ef9f5..e7a470b6 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go index 68c64650..7906901b 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go index d8e88b4d..9436a4bc 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -104,7 +104,7 @@ func (c *FakeActiveDirectoryIdentityProviders) UpdateStatus(ctx context.Context, // Delete takes name of the activeDirectoryIdentityProvider and deletes it. Returns an error if one occurs. func (c *FakeActiveDirectoryIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(activedirectoryidentityprovidersResource, c.ns, name), &v1alpha1.ActiveDirectoryIdentityProvider{}) + Invokes(testing.NewDeleteActionWithOptions(activedirectoryidentityprovidersResource, c.ns, name, opts), &v1alpha1.ActiveDirectoryIdentityProvider{}) return err } diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go index c089ba8b..63a68ef1 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go index d3253d48..fb134912 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -104,7 +104,7 @@ func (c *FakeLDAPIdentityProviders) UpdateStatus(ctx context.Context, lDAPIdenti // Delete takes name of the lDAPIdentityProvider and deletes it. Returns an error if one occurs. func (c *FakeLDAPIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(ldapidentityprovidersResource, c.ns, name), &v1alpha1.LDAPIdentityProvider{}) + Invokes(testing.NewDeleteActionWithOptions(ldapidentityprovidersResource, c.ns, name, opts), &v1alpha1.LDAPIdentityProvider{}) return err } diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go index 4751b72d..71d429cf 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake/fake_oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -104,7 +104,7 @@ func (c *FakeOIDCIdentityProviders) UpdateStatus(ctx context.Context, oIDCIdenti // Delete takes name of the oIDCIdentityProvider and deletes it. Returns an error if one occurs. func (c *FakeOIDCIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(oidcidentityprovidersResource, c.ns, name), &v1alpha1.OIDCIdentityProvider{}) + Invokes(testing.NewDeleteActionWithOptions(oidcidentityprovidersResource, c.ns, name, opts), &v1alpha1.OIDCIdentityProvider{}) return err } diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go index a7fdb511..cbefaca4 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go index f492b7e6..92087f3b 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/idp_client.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. @@ -6,6 +6,8 @@ package v1alpha1 import ( + "net/http" + v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/scheme" rest "k8s.io/client-go/rest" @@ -36,12 +38,28 @@ func (c *IDPV1alpha1Client) OIDCIdentityProviders(namespace string) OIDCIdentity } // NewForConfig creates a new IDPV1alpha1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new IDPV1alpha1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*IDPV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go index c42fee93..6f2908ae 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go index 3897d6ac..0f9e8a54 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by client-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/config/interface.go b/generated/latest/client/supervisor/informers/externalversions/config/interface.go index 4b0748c9..6ab42b7e 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/interface.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go index 30e24f63..d04d4e26 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 0e850729..5273529b 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/factory.go b/generated/latest/client/supervisor/informers/externalversions/factory.go index 60fa58b8..252195d3 100644 --- a/generated/latest/client/supervisor/informers/externalversions/factory.go +++ b/generated/latest/client/supervisor/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/generic.go b/generated/latest/client/supervisor/informers/externalversions/generic.go index 6c6b427d..f36794e6 100644 --- a/generated/latest/client/supervisor/informers/externalversions/generic.go +++ b/generated/latest/client/supervisor/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/interface.go b/generated/latest/client/supervisor/informers/externalversions/idp/interface.go index f5456461..70407f0d 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/interface.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go index d0393f4e..983f4e84 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go index 4f19f336..18d70ba7 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go index 2e6b3861..bdc190a0 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go index 545d1de0..5c1806c8 100644 --- a/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/latest/client/supervisor/informers/externalversions/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go b/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go index 226d14d6..0111f276 100644 --- a/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/generated/latest/client/supervisor/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by informer-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go index 4fd0edbc..d59892c4 100644 --- a/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/listers/config/v1alpha1/federationdomain.go b/generated/latest/client/supervisor/listers/config/v1alpha1/federationdomain.go index 620503ca..4cf4e795 100644 --- a/generated/latest/client/supervisor/listers/config/v1alpha1/federationdomain.go +++ b/generated/latest/client/supervisor/listers/config/v1alpha1/federationdomain.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go b/generated/latest/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go index 47c573cc..814e7a86 100644 --- a/generated/latest/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go +++ b/generated/latest/client/supervisor/listers/idp/v1alpha1/activedirectoryidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/listers/idp/v1alpha1/expansion_generated.go b/generated/latest/client/supervisor/listers/idp/v1alpha1/expansion_generated.go index 7c625e80..d79cd0fe 100644 --- a/generated/latest/client/supervisor/listers/idp/v1alpha1/expansion_generated.go +++ b/generated/latest/client/supervisor/listers/idp/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go b/generated/latest/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go index 4c7d773c..3a73cad0 100644 --- a/generated/latest/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go +++ b/generated/latest/client/supervisor/listers/idp/v1alpha1/ldapidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/generated/latest/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go b/generated/latest/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go index 938926d5..d4425c37 100644 --- a/generated/latest/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go +++ b/generated/latest/client/supervisor/listers/idp/v1alpha1/oidcidentityprovider.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 // Code generated by lister-gen. DO NOT EDIT. diff --git a/hack/boilerplate.go.txt b/hack/boilerplate.go.txt index 7b28cd1e..8764f93e 100644 --- a/hack/boilerplate.go.txt +++ b/hack/boilerplate.go.txt @@ -1,2 +1,2 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 diff --git a/hack/lib/kube-versions.txt b/hack/lib/kube-versions.txt index b7f50718..0d833e3d 100644 --- a/hack/lib/kube-versions.txt +++ b/hack/lib/kube-versions.txt @@ -1,4 +1,7 @@ -1.20.4 -1.19.5 -1.18.2 -1.17.11 +1.23.3 +1.22.6 +1.21.9 +1.20.14 +1.19.15 +1.18.18 +1.17.16 diff --git a/hack/lib/update-codegen.sh b/hack/lib/update-codegen.sh index 8005511a..d0c11a92 100755 --- a/hack/lib/update-codegen.sh +++ b/hack/lib/update-codegen.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +# Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 set -euo pipefail ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)" @@ -13,7 +13,7 @@ export GO111MODULE="on" if [[ -z "${CONTAINED:-}" ]]; then for kubeVersion in "${KUBE_VERSIONS[@]}"; do # CODEGEN_IMAGE is the container image to use when running - CODEGEN_IMAGE="projects.registry.vmware.com/pinniped/k8s-code-generator-$(echo "$kubeVersion" | cut -d"." -f1-2):latest" + CODEGEN_IMAGE="ghcr.io/pinniped-ci-bot/k8s-code-generator-$(echo "$kubeVersion" | cut -d"." -f1-2):latest" echo "generating code for ${kubeVersion} using ${CODEGEN_IMAGE}..." docker run --rm \ @@ -83,6 +83,10 @@ require ( ) EOF +# Generate a go.sum without changing the go.mod by running go mod download. +echo "running go mod download in ${OUTPUT_DIR}/apis/go.mod to generate a go.sum file..." +(cd "${OUTPUT_DIR}/apis" && go mod download all 2>&1 | sed "s|^|go-mod-download > |") + # Make the generated client code its own Go module. echo "generating ${OUTPUT_DIR}/client/go.mod..." mkdir client @@ -98,33 +102,40 @@ require ( k8s.io/api ${KUBE_MODULE_VERSION} k8s.io/apimachinery ${KUBE_MODULE_VERSION} k8s.io/client-go ${KUBE_MODULE_VERSION} - k8s.io/apimachinery ${KUBE_MODULE_VERSION} + ${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis v0.0.0 ) replace ${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis => ../apis EOF +# Generate a go.sum without changing the go.mod by running go mod download. +echo "running go mod download in ${OUTPUT_DIR}/client/go.mod to generate a go.sum file..." +(cd "${OUTPUT_DIR}/client" && go mod download all 2>&1 | sed "s|^|go-mod-download > |") + +# Note that you can change this value to 10 to debug the Kubernetes code generator shell scripts used below. +debug_level=1 + # Generate API-related code for our public API groups echo "generating API-related code for our public API groups..." (cd apis && bash "${GOPATH}/src/k8s.io/code-generator/generate-groups.sh" \ - deepcopy \ + "deepcopy" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "supervisor/config:v1alpha1 supervisor/idp:v1alpha1 concierge/config:v1alpha1 concierge/authentication:v1alpha1 concierge/login:v1alpha1 concierge/identity:v1alpha1" \ - --go-header-file "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-api > |" + --go-header-file "${ROOT}/hack/boilerplate.go.txt" -v "$debug_level" 2>&1 | sed "s|^|gen-api > |" ) # Generate API-related code for our internal API groups echo "generating API-related code for our internal API groups..." (cd apis && bash "${GOPATH}/src/k8s.io/code-generator/generate-internal-groups.sh" \ - deepcopy,defaulter,conversion \ + "deepcopy,defaulter,conversion" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/concierge" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "concierge/login:v1alpha1 concierge/identity:v1alpha1" \ - --go-header-file "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-int-api > |" + --go-header-file "${ROOT}/hack/boilerplate.go.txt" -v "$debug_level" 2>&1 | sed "s|^|gen-int-api > |" ) @@ -136,19 +147,19 @@ echo "tidying ${OUTPUT_DIR}/apis/go.mod..." echo "generating client code for our public API groups..." (cd client && bash "${GOPATH}/src/k8s.io/code-generator/generate-groups.sh" \ - client,lister,informer \ + "client,lister,informer" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/concierge" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "concierge/config:v1alpha1 concierge/authentication:v1alpha1 concierge/login:v1alpha1 concierge/identity:v1alpha1" \ - --go-header-file "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-client > |" + --go-header-file "${ROOT}/hack/boilerplate.go.txt" -v "$debug_level" 2>&1 | sed "s|^|gen-client > |" ) - (cd client && +(cd client && bash "${GOPATH}/src/k8s.io/code-generator/generate-groups.sh" \ - client,lister,informer \ + "client,lister,informer" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/supervisor" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "supervisor/config:v1alpha1 supervisor/idp:v1alpha1" \ - --go-header-file "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-client > |" + --go-header-file "${ROOT}/hack/boilerplate.go.txt" -v "$debug_level" 2>&1 | sed "s|^|gen-client > |" ) # Tidy up the .../client module diff --git a/hack/update.sh b/hack/update.sh index f66fdc22..6b0cbca4 100755 --- a/hack/update.sh +++ b/hack/update.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +# Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 set -euo pipefail @@ -11,17 +11,27 @@ ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" xargs -n 1 -P 8 "$ROOT/hack/lib/update-codegen.sh" < "${ROOT}/hack/lib/kube-versions.txt" # Copy the latest version into a ./generated/latest directory so we can depend on it without nested modules. -LATEST_VERSION="$(head -1 < "${ROOT}/hack/lib/kube-versions.txt" | cut -d"." -f1-2)" +LATEST_MINOR_VERSION="$(head -1 < "${ROOT}/hack/lib/kube-versions.txt" | cut -d"." -f1-2)" LATEST_ROOT="$ROOT/generated/latest" rm -rf "$LATEST_ROOT" -cp -r "$ROOT/generated/$LATEST_VERSION/" "$LATEST_ROOT" +cp -r "$ROOT/generated/$LATEST_MINOR_VERSION/" "$LATEST_ROOT" find "$LATEST_ROOT" \( -name "go.mod" -or -name "go.sum" -or -name "README.adoc" \) -delete rm -r "$LATEST_ROOT/crds" -find "$LATEST_ROOT" -type f -print0 | xargs -0 sed -i '' -e "s|go.pinniped.dev/generated/$LATEST_VERSION|go.pinniped.dev/generated/latest|g" +if [[ "$(uname -s)" == "Linux" ]]; then + # docker on linux preserves the root ownership of the output files of update-codegen.sh, + # so chown the files before editing them. + sudo chown -R "$(id --user)" generated + sudo chgrp -R "$(id --group)" generated + # sed on Linux uses -i'' (no space in between). + find "$LATEST_ROOT" -type f -print0 | xargs -0 sed -i'' -e "s|go.pinniped.dev/generated/$LATEST_MINOR_VERSION|go.pinniped.dev/generated/latest|g" +else + # sed on MacOS uses -i '' (with space in between). + find "$LATEST_ROOT" -type f -print0 | xargs -0 sed -i '' -e "s|go.pinniped.dev/generated/$LATEST_MINOR_VERSION|go.pinniped.dev/generated/latest|g" +fi # Copy each CRD yaml to the app which should cause it to be installed. -cp "$ROOT"/generated/1.20/crds/*.supervisor.*.yaml "$ROOT/deploy/supervisor" -cp "$ROOT"/generated/1.20/crds/*.concierge.*.yaml "$ROOT/deploy/concierge" +cp "$ROOT"/generated/"$LATEST_MINOR_VERSION"/crds/*.supervisor.*.yaml "$ROOT/deploy/supervisor" +cp "$ROOT"/generated/"$LATEST_MINOR_VERSION"/crds/*.concierge.*.yaml "$ROOT/deploy/concierge" # Tidy. "$ROOT/hack/module.sh" tidy From 8179a7e80259a1afdc8d05e1677e838320cedb2a Mon Sep 17 00:00:00 2001 From: Monis Khan Date: Tue, 1 Mar 2022 09:25:56 -0500 Subject: [PATCH 4/8] Bump kube to v0.23.4, rest to latest Signed-off-by: Monis Khan --- go.mod | 42 +++++++++++++-------------- go.sum | 91 ++++++++++++++++++++++++++++++++-------------------------- 2 files changed, 72 insertions(+), 61 deletions(-) diff --git a/go.mod b/go.mod index e6a4d71b..7152237b 100644 --- a/go.mod +++ b/go.mod @@ -42,7 +42,7 @@ require ( github.com/creack/pty v1.1.17 github.com/davecgh/go-spew v1.1.1 github.com/felixge/httpsnoop v1.0.2 - github.com/go-ldap/ldap/v3 v3.4.1 + github.com/go-ldap/ldap/v3 v3.4.2 github.com/go-logr/logr v1.2.2 github.com/go-logr/stdr v1.2.2 github.com/gofrs/flock v0.8.1 @@ -51,11 +51,11 @@ require ( github.com/google/gofuzz v1.2.0 github.com/google/uuid v1.3.0 github.com/gorilla/securecookie v1.1.1 - github.com/gorilla/websocket v1.4.2 + github.com/gorilla/websocket v1.5.0 github.com/joshlf/go-acl v0.0.0-20200411065538-eae00ae38531 github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 github.com/ory/fosite v0.42.1 - github.com/ory/x v0.0.344 + github.com/ory/x v0.0.352 github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 github.com/pkg/errors v0.9.1 github.com/sclevine/agouti v3.0.0+incompatible @@ -65,28 +65,28 @@ require ( github.com/stretchr/testify v1.7.0 github.com/tdewolff/minify/v2 v2.10.0 go.uber.org/atomic v1.9.0 - golang.org/x/crypto v0.0.0-20220210151621-f4118a5b28e2 - golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd - golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 + golang.org/x/crypto v0.0.0-20220214200702-86341886e292 + golang.org/x/net v0.0.0-20220225172249-27dd8689420f + golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b golang.org/x/sync v0.0.0-20210220032951-036812b2e83c golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 golang.org/x/text v0.3.7 gopkg.in/square/go-jose.v2 v2.6.0 - k8s.io/api v0.23.3 - k8s.io/apiextensions-apiserver v0.23.3 - k8s.io/apimachinery v0.23.3 - k8s.io/apiserver v0.23.3 - k8s.io/client-go v0.23.3 - k8s.io/component-base v0.23.3 + k8s.io/api v0.23.4 + k8s.io/apiextensions-apiserver v0.23.4 + k8s.io/apimachinery v0.23.4 + k8s.io/apiserver v0.23.4 + k8s.io/client-go v0.23.4 + k8s.io/component-base v0.23.4 k8s.io/gengo v0.0.0-20211129171323-c02415ce4185 k8s.io/klog/v2 v2.40.1 - k8s.io/kube-aggregator v0.23.3 - k8s.io/utils v0.0.0-20220127004650-9b3446523e65 + k8s.io/kube-aggregator v0.23.4 + k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 sigs.k8s.io/yaml v1.3.0 ) require ( - cloud.google.com/go/compute v1.2.0 // indirect + cloud.google.com/go/compute v1.5.0 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect github.com/Azure/go-autorest/autorest v0.11.24 // indirect github.com/Azure/go-autorest/autorest/adal v0.9.18 // indirect @@ -129,7 +129,7 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/joshlf/testutil v0.0.0-20170608050642-b5d8aa79d93d // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/magiconair/properties v1.8.5 // indirect + github.com/magiconair/properties v1.8.6 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/goveralls v0.0.11 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect @@ -169,15 +169,15 @@ require ( go.opentelemetry.io/otel/sdk/metric v0.20.0 // indirect go.opentelemetry.io/otel/trace v1.2.0 // indirect go.opentelemetry.io/proto/otlp v0.10.0 // indirect - go.uber.org/multierr v1.7.0 // indirect + go.uber.org/multierr v1.8.0 // indirect go.uber.org/zap v1.21.0 // indirect golang.org/x/mod v0.5.1 // indirect - golang.org/x/sys v0.0.0-20220209214540-3681064d5158 // indirect - golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 // indirect + golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9 // indirect + golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect golang.org/x/tools v0.1.9 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20220208230804-65c12eb4c068 // indirect + google.golang.org/genproto v0.0.0-20220228195345-15d65a4533f7 // indirect google.golang.org/grpc v1.44.0 // indirect google.golang.org/protobuf v1.27.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect @@ -186,7 +186,7 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect k8s.io/kube-openapi v0.0.0-20220124234850-424119656bbf // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.28 // indirect sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect ) diff --git a/go.sum b/go.sum index 631f14b5..64917f65 100644 --- a/go.sum +++ b/go.sum @@ -41,8 +41,9 @@ cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUM cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= -cloud.google.com/go/compute v1.2.0 h1:EKki8sSdvDU0OO9mAXGwPXOTOgPz2l08R0/IutDH11I= -cloud.google.com/go/compute v1.2.0/go.mod h1:xlogom/6gr8RJGBe7nT2eGsQYAFUbbv8dbC29qE3Xmw= +cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= +cloud.google.com/go/compute v1.5.0 h1:b1zWmYuuHz7gO9kDcM/EpHGr06UgsYNRpNJzI2kFiLM= +cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= @@ -519,8 +520,8 @@ github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2C github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= github.com/go-ldap/ldap v3.0.2+incompatible h1:kD5HQcAzlQ7yrhfn+h+MSABeAy/jAJhvIJ/QDllP44g= github.com/go-ldap/ldap v3.0.2+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc= -github.com/go-ldap/ldap/v3 v3.4.1 h1:fU/0xli6HY02ocbMuozHAYsaHLcnkLjvho2r5a34BUU= -github.com/go-ldap/ldap/v3 v3.4.1/go.mod h1:iYS1MdmrmceOJ1QOTnRXrIs7i3kloqtmGQjRvjKpyMg= +github.com/go-ldap/ldap/v3 v3.4.2 h1:zFZKcXKLqZpFMrMQGHeHWKXbDTdNCmhGY9AK41zPh+8= +github.com/go-ldap/ldap/v3 v3.4.2/go.mod h1:iYS1MdmrmceOJ1QOTnRXrIs7i3kloqtmGQjRvjKpyMg= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= @@ -1030,8 +1031,9 @@ github.com/gorilla/sessions v1.1.2/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE github.com/gorilla/sessions v1.1.3/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w= github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= +github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gotestyourself/gotestyourself v1.3.0/go.mod h1:zZKM6oeNM8k+FRljX1mnzVYeS8wiGgQyvST1/GafPbY= github.com/gotestyourself/gotestyourself v2.2.0+incompatible/go.mod h1:zZKM6oeNM8k+FRljX1mnzVYeS8wiGgQyvST1/GafPbY= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= @@ -1290,8 +1292,9 @@ github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0Q github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.4/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= -github.com/magiconair/properties v1.8.5 h1:b6kJs+EmPFMYGkow9GiUyCyOvIwYetYJ3fSaWak/Gls= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo= +github.com/magiconair/properties v1.8.6/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -1541,8 +1544,8 @@ github.com/ory/x v0.0.214/go.mod h1:aRl57gzyD4GF0HQCekovXhv0xTZgAgiht3o8eVhsm9Q= github.com/ory/x v0.0.250/go.mod h1:jUJaVptu+geeqlb9SyQCogTKj5ztSDIF6APkhbKtwLc= github.com/ory/x v0.0.272/go.mod h1:1TTPgJGQutrhI2OnwdrTIHE9ITSf4MpzXFzA/ncTGRc= github.com/ory/x v0.0.288/go.mod h1:APpShLyJcVzKw1kTgrHI+j/L9YM+8BRjHlcYObc7C1U= -github.com/ory/x v0.0.344 h1:ba74mT+d3UNNCdqSq5cTEHsjQc5UHoTjE9e873nNpRM= -github.com/ory/x v0.0.344/go.mod h1:Ddbu3ecSaNDgxdntdD1gDu3ALG5fWR5AwUB1ILeBUNE= +github.com/ory/x v0.0.352 h1:FNQZENWd0NB5nM5RuWu/mEjKuK85U4SyX+Zqrw2cJLg= +github.com/ory/x v0.0.352/go.mod h1:zuNjBKtyxFpKnDG6q/1QP0pqQv840P/Dw5JbdY7lNTU= github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM= github.com/parnurzeal/gorequest v0.2.15/go.mod h1:3Kh2QUMJoqw3icWAecsyzkpY7UzRfDhbRdTjtNwNiUE= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= @@ -1981,8 +1984,8 @@ go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/ go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/multierr v1.7.0 h1:zaiO/rmgFjbmCXdSYJWQcdvOCsthmdaHfr3Gm2Kx4Ec= -go.uber.org/multierr v1.7.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= +go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= +go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= @@ -2042,8 +2045,8 @@ golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220210151621-f4118a5b28e2 h1:XdAboW3BNMv9ocSCOk/u1MFioZGzCNkiJZ19v9Oe3Ig= -golang.org/x/crypto v0.0.0-20220210151621-f4118a5b28e2/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220214200702-86341886e292 h1:f+lwQ+GtmgoY+A2YaQxlSOnDjXcQ7ZRLWOHbC6HtRqE= +golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -2173,8 +2176,9 @@ golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181003184128-c57b0facaced/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2193,8 +2197,9 @@ golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b h1:clP8eMhB30EHdc0bd2Twtq6kgU7yl5ub2cQLSdrv1Dg= +golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -2354,8 +2359,10 @@ golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220209214540-3681064d5158 h1:rm+CHSpPEEW2IsXUib1ThaHIjuBVZjxNgSKmBLFfD4c= +golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9 h1:nhht2DYV/Sn3qOayu8lM+cU1ii9sTLUeBQwQQfUHtrs= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -2379,8 +2386,8 @@ golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 h1:GZokNIeuVkl3aZHJchRrr13WCsols02MLUcz1U9is6M= -golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 h1:M73Iuj3xbbb9Uk1DYhzydthsj6oOd6l9bpuFcNoUvTs= +golang.org/x/time v0.0.0-20220224211638-0e9765cccd65/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -2548,7 +2555,8 @@ google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUb google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= google.golang.org/api v0.62.0/go.mod h1:dKmwPCydfsad4qCH08MSdgWjfHOyfpd4VtDGgRFdavw= google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= -google.golang.org/api v0.66.0/go.mod h1:I1dmXYpX7HGwz/ejRxwQp2qj5bFAz93HiCU1C1oYd9M= +google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= +google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -2637,10 +2645,12 @@ google.golang.org/genproto v0.0.0-20211203200212-54befc351ae9/go.mod h1:5CzLGKJ6 google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220114231437-d2e6a121cae0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220201184016-50beb8ab5c44/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220208230804-65c12eb4c068 h1:pwzFiZfBTH/GjBWz1BcDwMBaHBo8mZvpLa7eBKJpFAk= -google.golang.org/genproto v0.0.0-20220208230804-65c12eb4c068/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= +google.golang.org/genproto v0.0.0-20220228195345-15d65a4533f7 h1:ntPPoHzFW6Xp09ueznmahONZufyoSakK/piXnr2BU3I= +google.golang.org/genproto v0.0.0-20220228195345-15d65a4533f7/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= @@ -2779,31 +2789,31 @@ howett.net/plist v0.0.0-20201203080718-1454fab16a06/go.mod h1:vMygbs4qMhSZSc4lCU k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/api v0.23.3 h1:KNrME8KHGr12Ozjf8ytOewKzZh6hl/hHUZeHddT3a38= -k8s.io/api v0.23.3/go.mod h1:w258XdGyvCmnBj/vGzQMj6kzdufJZVUwEM1U2fRJwSQ= -k8s.io/apiextensions-apiserver v0.23.3 h1:JvPJA7hSEAqMRteveq4aj9semilAZYcJv+9HHFWfUdM= -k8s.io/apiextensions-apiserver v0.23.3/go.mod h1:/ZpRXdgKZA6DvIVPEmXDCZJN53YIQEUDF+hrpIQJL38= +k8s.io/api v0.23.4 h1:85gnfXQOWbJa1SiWGpE9EEtHs0UVvDyIsSMpEtl2D4E= +k8s.io/api v0.23.4/go.mod h1:i77F4JfyNNrhOjZF7OwwNJS5Y1S9dpwvb9iYRYRczfI= +k8s.io/apiextensions-apiserver v0.23.4 h1:AFDUEu/yEf0YnuZhqhIFhPLPhhcQQVuR1u3WCh0rveU= +k8s.io/apiextensions-apiserver v0.23.4/go.mod h1:TWYAKymJx7nLMxWCgWm2RYGXHrGlVZnxIlGnvtfYu+g= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apimachinery v0.23.3 h1:7IW6jxNzrXTsP0c8yXz2E5Yx/WTzVPTsHIx/2Vm0cIk= -k8s.io/apimachinery v0.23.3/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= +k8s.io/apimachinery v0.23.4 h1:fhnuMd/xUL3Cjfl64j5ULKZ1/J9n8NuQEgNL+WXWfdM= +k8s.io/apimachinery v0.23.4/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/apiserver v0.23.3 h1:gWY1DmA0AdAGR/H+Q/1FtyGkFq8xqSaZOw7oLopmO8k= -k8s.io/apiserver v0.23.3/go.mod h1:3HhsTmC+Pn+Jctw+Ow0LHA4dQ4oXrQ4XJDzrVDG64T4= +k8s.io/apiserver v0.23.4 h1:zNvQlG+C/ERjuUz4p7eY/0IWHaMixRSBoxgmyIdwo9Y= +k8s.io/apiserver v0.23.4/go.mod h1:A6l/ZcNtxGfPSqbFDoxxOjEjSKBaQmE+UTveOmMkpNc= k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/client-go v0.23.3 h1:23QYUmCQ/W6hW78xIwm3XqZrrKZM+LWDqW2zfo+szJs= -k8s.io/client-go v0.23.3/go.mod h1:47oMd+YvAOqZM7pcQ6neJtBiFH7alOyfunYN48VsmwE= -k8s.io/code-generator v0.23.3/go.mod h1:S0Q1JVA+kSzTI1oUvbKAxZY/DYbA/ZUb4Uknog12ETk= +k8s.io/client-go v0.23.4 h1:YVWvPeerA2gpUudLelvsolzH7c2sFoXXR5wM/sWqNFU= +k8s.io/client-go v0.23.4/go.mod h1:PKnIL4pqLuvYUK1WU7RLTMYKPiIh7MYShLshtRY9cj0= +k8s.io/code-generator v0.23.4/go.mod h1:S0Q1JVA+kSzTI1oUvbKAxZY/DYbA/ZUb4Uknog12ETk= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/component-base v0.23.3 h1:q+epprVdylgecijVGVdf4MbizEL2feW4ssd7cdo6LVY= -k8s.io/component-base v0.23.3/go.mod h1:1Smc4C60rWG7d3HjSYpIwEbySQ3YWg0uzH5a2AtaTLg= +k8s.io/component-base v0.23.4 h1:SziYh48+QKxK+ykJ3Ejqd98XdZIseVBG7sBaNLPqy6M= +k8s.io/component-base v0.23.4/go.mod h1:8o3Gg8i2vnUXGPOwciiYlkSaZT+p+7gA9Scoz8y4W4E= k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= @@ -2818,8 +2828,8 @@ k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.40.1 h1:P4RRucWk/lFOlDdkAr3mc7iWFkgKrZY9qZMAgek06S4= k8s.io/klog/v2 v2.40.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-aggregator v0.23.3 h1:9IP+D+YzIbGor/TArN3pYf9Thj19wYhzLRGRrFaKFSs= -k8s.io/kube-aggregator v0.23.3/go.mod h1:pt5QJ3QaIdhZzNlUvN5wndbM0LNT4BvhszGkzy2QdFo= +k8s.io/kube-aggregator v0.23.4 h1:gLk78rGLVfUXCdD14NrKg/JFBmNNCZ8FEs3tYt+W6Zk= +k8s.io/kube-aggregator v0.23.4/go.mod h1:hpmPi4oaLBe014CkBCqzBYWok64H2C7Ka6FBLJvHgkg= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= k8s.io/kube-openapi v0.0.0-20220124234850-424119656bbf h1:M9XBsiMslw2lb2ZzglC0TOkBPK5NQi0/noUrdnoFwUg= @@ -2828,8 +2838,8 @@ k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220127004650-9b3446523e65 h1:ONWS0Wgdg5wRiQIAui7L/023aC9+IxrIrydY7l8llsE= -k8s.io/utils v0.0.0-20220127004650-9b3446523e65/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 h1:HNSDgDCrr/6Ly3WEGKZftiE7IY19Vz2GdbOCyI4qqhc= +k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= @@ -2841,8 +2851,9 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27 h1:KQOkVzXrLNb0EP6W0FD6u3CCPAwgXFYwZitbj7K0P0Y= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27/go.mod h1:tq2nT0Kx7W+/f2JVE+zxYtUhdjuELJkVpNz+x/QN5R4= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.28 h1:W77Zf0W3/x9IuyysjbDMV9wJKH/ksG6eviSzyd4jFTc= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.28/go.mod h1:tq2nT0Kx7W+/f2JVE+zxYtUhdjuELJkVpNz+x/QN5R4= sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 h1:kDi4JBNAsJWfz1aEXhO8Jg87JJaPNLh5tIzYHgStQ9Y= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= From bf7457db59e096ce916ca6411d4238699ef347f2 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Tue, 1 Mar 2022 10:01:49 -0800 Subject: [PATCH 5/8] expose env var for debug level of codegen --- hack/lib/update-codegen.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/hack/lib/update-codegen.sh b/hack/lib/update-codegen.sh index d0c11a92..8a101f21 100755 --- a/hack/lib/update-codegen.sh +++ b/hack/lib/update-codegen.sh @@ -8,6 +8,9 @@ KUBE_VERSIONS=("$@") BASE_PKG="go.pinniped.dev" export GO111MODULE="on" +# Note that you can change this value to 10 to debug the Kubernetes code generator shell scripts used below. +debug_level="${CODEGEN_LOG_LEVEL:-1}" + # If we're not running in a container, assume that we want to loop over and run each build # in a container. if [[ -z "${CONTAINED:-}" ]]; then @@ -18,6 +21,7 @@ if [[ -z "${CONTAINED:-}" ]]; then echo "generating code for ${kubeVersion} using ${CODEGEN_IMAGE}..." docker run --rm \ --env CONTAINED=1 \ + --env CODEGEN_LOG_LEVEL="$debug_level" \ --volume "${ROOT}:/work" \ --workdir "/work" \ "${CODEGEN_IMAGE}" \ @@ -112,9 +116,6 @@ EOF echo "running go mod download in ${OUTPUT_DIR}/client/go.mod to generate a go.sum file..." (cd "${OUTPUT_DIR}/client" && go mod download all 2>&1 | sed "s|^|go-mod-download > |") -# Note that you can change this value to 10 to debug the Kubernetes code generator shell scripts used below. -debug_level=1 - # Generate API-related code for our public API groups echo "generating API-related code for our public API groups..." (cd apis && From 58f790c1c6994ac7310d243b7389ce92c747ca08 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Tue, 1 Mar 2022 10:39:58 -0800 Subject: [PATCH 6/8] generate code for 1.17-1.20 using Go 1.17 --- .../concierge/authentication/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.conversion.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.defaults.go | 1 + generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go | 1 + .../apis/concierge/login/v1alpha1/zz_generated.conversion.go | 1 + .../1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go | 1 + generated/1.17/apis/concierge/login/zz_generated.deepcopy.go | 1 + generated/1.17/apis/go.sum | 2 -- .../apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go | 1 + .../concierge/authentication/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.conversion.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.defaults.go | 1 + generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go | 1 + .../apis/concierge/login/v1alpha1/zz_generated.conversion.go | 1 + .../1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go | 1 + generated/1.18/apis/concierge/login/zz_generated.deepcopy.go | 1 + generated/1.18/apis/go.sum | 2 -- .../apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go | 1 + .../concierge/authentication/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.conversion.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.defaults.go | 1 + generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go | 1 + .../apis/concierge/login/v1alpha1/zz_generated.conversion.go | 1 + .../1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go | 1 + generated/1.19/apis/concierge/login/zz_generated.deepcopy.go | 1 + generated/1.19/apis/go.sum | 2 -- .../apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go | 1 + .../concierge/authentication/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.conversion.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/concierge/identity/v1alpha1/zz_generated.defaults.go | 1 + generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go | 1 + .../apis/concierge/login/v1alpha1/zz_generated.conversion.go | 1 + .../1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go | 1 + generated/1.20/apis/concierge/login/zz_generated.deepcopy.go | 1 + generated/1.20/apis/go.sum | 2 -- .../apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go | 1 + 52 files changed, 48 insertions(+), 8 deletions(-) diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 011daf87..883959bf 100644 --- a/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index 4f93cd1d..a00b3fc8 100644 --- a/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index c3cc79c3..a03069d5 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index cb3cb300..8206b6dd 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.17/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go index f176dfb0..4d844ffd 100644 --- a/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 0bfc05b1..6835b905 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 18ca4b25..6f39cfec 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go index aa41974e..07f4f074 100644 --- a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/go.sum b/generated/1.17/apis/go.sum index 688beed9..8b02fb72 100644 --- a/generated/1.17/apis/go.sum +++ b/generated/1.17/apis/go.sum @@ -63,7 +63,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -73,7 +72,6 @@ golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 5c12910e..856b8988 100644 --- a/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index b1e1c3dd..5f5be6f3 100644 --- a/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 011daf87..883959bf 100644 --- a/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index 4f93cd1d..a00b3fc8 100644 --- a/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index c4ac66f7..12ba8663 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index cb3cb300..8206b6dd 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.18/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go index f176dfb0..4d844ffd 100644 --- a/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 23a85fce..7ecda590 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 18ca4b25..6f39cfec 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go index aa41974e..07f4f074 100644 --- a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/go.sum b/generated/1.18/apis/go.sum index 3cbc46a4..dda3fdc9 100644 --- a/generated/1.18/apis/go.sum +++ b/generated/1.18/apis/go.sum @@ -69,7 +69,6 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -90,7 +89,6 @@ golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd h1:5CtCZbICpIOFdgO940moixOPjc0178IU44m4EjOO5IY= golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 5c12910e..856b8988 100644 --- a/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index b1e1c3dd..5f5be6f3 100644 --- a/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 011daf87..883959bf 100644 --- a/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index 4f93cd1d..a00b3fc8 100644 --- a/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index 2bdd0f25..7c9e053e 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index cb3cb300..8206b6dd 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.19/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go index f176dfb0..4d844ffd 100644 --- a/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go index b14331de..a374f417 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 18ca4b25..6f39cfec 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go index aa41974e..07f4f074 100644 --- a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/go.sum b/generated/1.19/apis/go.sum index 32c6cf1a..e65852db 100644 --- a/generated/1.19/apis/go.sum +++ b/generated/1.19/apis/go.sum @@ -91,7 +91,6 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -124,7 +123,6 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd h1:5CtCZbICpIOFdgO940moixOPjc0178IU44m4EjOO5IY= golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= diff --git a/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 5c12910e..856b8988 100644 --- a/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index b1e1c3dd..5f5be6f3 100644 --- a/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index 011daf87..883959bf 100644 --- a/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go index 4f93cd1d..a00b3fc8 100644 --- a/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go index 7b7aef34..1127f977 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go index cb3cb300..8206b6dd 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go +++ b/generated/1.20/apis/concierge/identity/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go index f176dfb0..4d844ffd 100644 --- a/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/identity/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go index f14f64f4..ced1bf26 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 18ca4b25..6f39cfec 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go index 13351449..9097a935 100644 --- a/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go +++ b/generated/1.20/apis/concierge/login/v1alpha1/zz_generated.defaults.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go index aa41974e..07f4f074 100644 --- a/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.20/apis/concierge/login/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/go.sum b/generated/1.20/apis/go.sum index d1ac6c2a..b252f0b3 100644 --- a/generated/1.20/apis/go.sum +++ b/generated/1.20/apis/go.sum @@ -104,7 +104,6 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -140,7 +139,6 @@ golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201112073958-5cba982894dd h1:5CtCZbICpIOFdgO940moixOPjc0178IU44m4EjOO5IY= golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= diff --git a/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 5c12910e..856b8988 100644 --- a/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. diff --git a/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go index b1e1c3dd..5f5be6f3 100644 --- a/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. From 609b55a6d70549186da6dc42a83d45bdaaf8de76 Mon Sep 17 00:00:00 2001 From: Margo Crawford Date: Tue, 1 Feb 2022 16:50:30 -0800 Subject: [PATCH 7/8] Pinniped Supervisor should issue a warning when groups change during refresh --- internal/oidc/token/token_handler.go | 32 ++ internal/oidc/token/token_handler_test.go | 49 +++ test/integration/supervisor_warnings_test.go | 439 +++++++++++++++++++ 3 files changed, 520 insertions(+) create mode 100644 test/integration/supervisor_warnings_test.go diff --git a/internal/oidc/token/token_handler.go b/internal/oidc/token/token_handler.go index 55e73352..5cd82ada 100644 --- a/internal/oidc/token/token_handler.go +++ b/internal/oidc/token/token_handler.go @@ -7,11 +7,13 @@ package token import ( "context" "errors" + "fmt" "net/http" "github.com/ory/fosite" "github.com/ory/x/errorsx" "golang.org/x/oauth2" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apiserver/pkg/warning" "go.pinniped.dev/internal/httputil/httperr" @@ -187,6 +189,15 @@ func upstreamOIDCRefresh(ctx context.Context, session *psession.PinnipedSession, WithDebugf("provider name: %q, provider type: %q", s.ProviderName, s.ProviderType)) } if refreshedGroups != nil { + oldGroups, err := getDownstreamGroupsFromPinnipedSession(session) + if err != nil { + return err + } + username, err := getDownstreamUsernameFromPinnipedSession(session) + if err != nil { + return err + } + warnIfGroupsChanged(ctx, oldGroups, refreshedGroups, username) session.Fosite.Claims.Extra[oidc.DownstreamGroupsClaim] = refreshedGroups } @@ -202,6 +213,15 @@ func upstreamOIDCRefresh(ctx context.Context, session *psession.PinnipedSession, return nil } +// print out the diff between two lists of sorted groups. +func diffSortedGroups(oldGroups, newGroups []string) ([]string, []string) { + oldGroupsAsSet := sets.NewString(oldGroups...) + newGroupsAsSet := sets.NewString(newGroups...) + added := newGroupsAsSet.Difference(oldGroupsAsSet) // groups in newGroups that are not in oldGroups i.e. added + removed := oldGroupsAsSet.Difference(newGroupsAsSet) // groups in oldGroups that are not in newGroups i.e. removed + return added.List(), removed.List() +} + func validateIdentityUnchangedSinceInitialLogin(mergedClaims map[string]interface{}, session *psession.PinnipedSession, usernameClaimName string) error { s := session.Custom @@ -320,6 +340,8 @@ func upstreamLDAPRefresh(ctx context.Context, providerCache oidc.UpstreamIdentit // Replace the old value with the new value. session.Fosite.Claims.Extra[oidc.DownstreamGroupsClaim] = groups + warnIfGroupsChanged(ctx, oldGroups, groups, username) + return nil } @@ -393,3 +415,13 @@ func getDownstreamGroupsFromPinnipedSession(session *psession.PinnipedSession) ( } return downstreamGroups, nil } + +func warnIfGroupsChanged(ctx context.Context, oldGroups []string, refreshedGroups []string, username string) { + added, removed := diffSortedGroups(oldGroups, refreshedGroups) + if len(added) > 0 { + warning.AddWarning(ctx, "", fmt.Sprintf("User %q has been added to the following groups: %q", username, added)) + } + if len(removed) > 0 { + warning.AddWarning(ctx, "", fmt.Sprintf("User %q has been removed from the following groups: %q: ", username, removed)) + } +} diff --git a/internal/oidc/token/token_handler_test.go b/internal/oidc/token/token_handler_test.go index a81c3972..4e1bb96d 100644 --- a/internal/oidc/token/token_handler_test.go +++ b/internal/oidc/token/token_handler_test.go @@ -3624,3 +3624,52 @@ func toSliceOfInterface(s []string) []interface{} { } return r } + +func TestDiffSortedGroups(t *testing.T) { + tests := []struct { + name string + oldGroups []string + newGroups []string + wantAdded []string + wantRemoved []string + }{ + { + name: "groups were added", + oldGroups: []string{"b", "c"}, + newGroups: []string{"a", "b", "bb", "c", "d"}, + wantAdded: []string{"a", "bb", "d"}, + wantRemoved: []string{}, + }, + { + name: "groups were removed", + oldGroups: []string{"a", "b", "bb", "c", "d"}, + newGroups: []string{"b", "c"}, + wantAdded: []string{}, + wantRemoved: []string{"a", "bb", "d"}, + }, + { + name: "groups were added and removed", + oldGroups: []string{"a", "c"}, + newGroups: []string{"b", "c", "d"}, + wantAdded: []string{"b", "d"}, + wantRemoved: []string{"a"}, + }, + { + name: "groups are exactly the same", + oldGroups: []string{"a", "b", "c"}, + newGroups: []string{"a", "b", "c"}, + wantAdded: []string{}, + wantRemoved: []string{}, + }, + } + for _, test := range tests { + test := test + t.Run(test.name, func(t *testing.T) { + t.Parallel() + + added, removed := diffSortedGroups(test.oldGroups, test.newGroups) + require.Equal(t, test.wantAdded, added) + require.Equal(t, test.wantRemoved, removed) + }) + } +} diff --git a/test/integration/supervisor_warnings_test.go b/test/integration/supervisor_warnings_test.go new file mode 100644 index 00000000..735926d1 --- /dev/null +++ b/test/integration/supervisor_warnings_test.go @@ -0,0 +1,439 @@ +// Copyright 2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +package integration + +import ( + "context" + "encoding/base64" + "fmt" + "io" + "io/ioutil" + "net/url" + "os" + "os/exec" + "path/filepath" + "regexp" + "runtime" + "sort" + "strings" + "testing" + "time" + + coreosoidc "github.com/coreos/go-oidc/v3/oidc" + "github.com/creack/pty" + "github.com/stretchr/testify/require" + authorizationv1 "k8s.io/api/authorization/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + + authv1alpha "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" + idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" + "go.pinniped.dev/internal/certauthority" + "go.pinniped.dev/internal/oidc" + "go.pinniped.dev/internal/psession" + "go.pinniped.dev/internal/testutil" + "go.pinniped.dev/pkg/oidcclient" + "go.pinniped.dev/pkg/oidcclient/filesession" + "go.pinniped.dev/test/testlib" + "go.pinniped.dev/test/testlib/browsertest" +) + +func TestSupervisorWarnings_Browser(t *testing.T) { + env := testlib.IntegrationEnv(t) + + ctx, cancelFunc := context.WithTimeout(context.Background(), 10*time.Minute) + defer cancelFunc() + + // Build pinniped CLI. + pinnipedExe := testlib.PinnipedCLIPath(t) + tempDir := testutil.TempDir(t) + + // Infer the downstream issuer URL from the callback associated with the upstream test client registration. + issuerURL, err := url.Parse(env.SupervisorUpstreamOIDC.CallbackURL) + require.NoError(t, err) + require.True(t, strings.HasSuffix(issuerURL.Path, "/callback")) + issuerURL.Path = strings.TrimSuffix(issuerURL.Path, "/callback") + t.Logf("testing with downstream issuer URL %s", issuerURL.String()) + + // Generate a CA bundle with which to serve this provider. + t.Logf("generating test CA") + ca, err := certauthority.New("Downstream Test CA", 1*time.Hour) + require.NoError(t, err) + + // Save that bundle plus the one that signs the upstream issuer, for test purposes. + testCABundlePath := filepath.Join(tempDir, "test-ca.pem") + testCABundlePEM := []byte(string(ca.Bundle()) + "\n" + env.SupervisorUpstreamOIDC.CABundle) + testCABundleBase64 := base64.StdEncoding.EncodeToString(testCABundlePEM) + require.NoError(t, ioutil.WriteFile(testCABundlePath, testCABundlePEM, 0600)) + + // Use the CA to issue a TLS server cert. + t.Logf("issuing test certificate") + tlsCert, err := ca.IssueServerCert([]string{issuerURL.Hostname()}, nil, 1*time.Hour) + require.NoError(t, err) + certPEM, keyPEM, err := certauthority.ToPEM(tlsCert) + require.NoError(t, err) + + // Write the serving cert to a secret. + certSecret := testlib.CreateTestSecret(t, + env.SupervisorNamespace, + "oidc-provider-tls", + corev1.SecretTypeTLS, + map[string]string{"tls.crt": string(certPEM), "tls.key": string(keyPEM)}, + ) + + // Create the downstream FederationDomain and expect it to go into the success status condition. + downstream := testlib.CreateTestFederationDomain(ctx, t, + issuerURL.String(), + certSecret.Name, + configv1alpha1.SuccessFederationDomainStatusCondition, + ) + + // Create a JWTAuthenticator that will validate the tokens from the downstream issuer. + clusterAudience := "test-cluster-" + testlib.RandHex(t, 8) + authenticator := testlib.CreateTestJWTAuthenticator(ctx, t, authv1alpha.JWTAuthenticatorSpec{ + Issuer: downstream.Spec.Issuer, + Audience: clusterAudience, + TLS: &authv1alpha.TLSSpec{CertificateAuthorityData: testCABundleBase64}, + }) + + t.Run("LDAP group refresh flow", func(t *testing.T) { + if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { + t.Skip("LDAP integration test requires connectivity to an LDAP server") + } + + expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue + + setupClusterForEndToEndLDAPTest(t, expectedUsername, env) + + // Use a specific session cache for this test. + sessionCachePath := tempDir + "/ldap-test-refresh-sessions.yaml" + credentialCachePath := tempDir + "/ldap-test-refresh-credentials.yaml" + kubeconfigPath := runPinnipedGetKubeconfig(t, env, pinnipedExe, tempDir, []string{ + "get", "kubeconfig", + "--concierge-api-group-suffix", env.APIGroupSuffix, + "--concierge-authenticator-type", "jwt", + "--concierge-authenticator-name", authenticator.Name, + "--oidc-session-cache", sessionCachePath, + "--credential-cache", credentialCachePath, + }) + + // Run "kubectl get namespaces" which should trigger a cli-based login. + start := time.Now() + kubectlCmd := exec.CommandContext(ctx, "kubectl", "get", "namespace", "--kubeconfig", kubeconfigPath) + kubectlCmd.Env = append(os.Environ(), env.ProxyEnv()...) + var kubectlStdoutPipe io.ReadCloser + if runtime.GOOS != "darwin" { + // For some unknown reason this breaks the pty library on some MacOS machines. + // The problem doesn't reproduce for everyone, so this is just a workaround. + kubectlStdoutPipe, err = kubectlCmd.StdoutPipe() + require.NoError(t, err) + } + ptyFile, err := pty.Start(kubectlCmd) + require.NoError(t, err) + + // Wait for the subprocess to print the username prompt, then type the user's username. + readFromFileUntilStringIsSeen(t, ptyFile, "Username: ") + _, err = ptyFile.WriteString(expectedUsername + "\n") + require.NoError(t, err) + + // Wait for the subprocess to print the password prompt, then type the user's password. + readFromFileUntilStringIsSeen(t, ptyFile, "Password: ") + _, err = ptyFile.WriteString(env.SupervisorUpstreamLDAP.TestUserPassword + "\n") + require.NoError(t, err) + + // Read all of the remaining output from the subprocess until EOF. + t.Logf("waiting for kubectl to output namespace list") + // Read all output from the subprocess until EOF. + // Ignore any errors returned because there is always an error on linux. + kubectlPtyOutputBytes, _ := ioutil.ReadAll(ptyFile) + if kubectlStdoutPipe != nil { + // On non-MacOS check that stdout of the CLI contains the expected output. + kubectlStdOutOutputBytes, _ := ioutil.ReadAll(kubectlStdoutPipe) + requireKubectlGetNamespaceOutput(t, env, string(kubectlStdOutOutputBytes)) + } else { + // On MacOS check that the pty (stdout+stderr+stdin) of the CLI contains the expected output. + requireKubectlGetNamespaceOutput(t, env, string(kubectlPtyOutputBytes)) + } + + t.Logf("first kubectl command took %s", time.Since(start).String()) + + // To simulate the groups having changed without actually changing the groups the user belongs to in the LDAP + // server, we update the refresh token secret to have a different value for the groups. + // Then the refresh flow will update them back to their real values. + // To do this, we get the refresh token signature out of the cache, use it to get the Secret, update it, and + // put it back. + cache := filesession.New(sessionCachePath, filesession.WithErrorReporter(func(err error) { + require.NoError(t, err) + })) + + // construct the cache key + downstreamScopes := []string{coreosoidc.ScopeOfflineAccess, coreosoidc.ScopeOpenID, "pinniped:request-audience"} + sort.Strings(downstreamScopes) + sessionCacheKey := oidcclient.SessionCacheKey{ + Issuer: downstream.Spec.Issuer, + ClientID: "pinniped-cli", + Scopes: downstreamScopes, + RedirectURI: "http://localhost:0/callback", + } + // use it to get the cache entry + token := cache.GetToken(sessionCacheKey) + require.NotNil(t, token) + + // using the refresh token signature contained in the cache, get the refresh token session + // out of kube secret storage. + kubeClient := testlib.NewKubernetesClientset(t).CoreV1() + refreshTokenSignature := strings.Split(token.RefreshToken.Token, ".")[1] + oauthStore := oidc.NewKubeStorage(kubeClient.Secrets(env.SupervisorNamespace), oidc.DefaultOIDCTimeoutsConfiguration()) + storedRefreshSession, err := oauthStore.GetRefreshTokenSession(ctx, refreshTokenSignature, nil) + require.NoError(t, err) + + // change the groups to simulate them changing in the IDP. + pinnipedSession, ok := storedRefreshSession.GetSession().(*psession.PinnipedSession) + require.True(t, ok, "should have been able to cast session data to PinnipedSession") + pinnipedSession.Fosite.Claims.Extra["groups"] = []string{"some-wrong-group", "some-other-group"} + + require.NoError(t, oauthStore.DeleteRefreshTokenSession(ctx, refreshTokenSignature)) + require.NoError(t, oauthStore.CreateRefreshTokenSession(ctx, refreshTokenSignature, storedRefreshSession)) + + // remove the credential cache, which includes the cached cert, so it won't be reused and the refresh flow will be triggered. + err = os.Remove(credentialCachePath) + require.NoError(t, err) + + // wait for the existing tokens to expire, triggering the refresh flow. + ctx2, cancel2 := context.WithTimeout(ctx, 1*time.Minute) + defer cancel2() + + // Run kubectl, which should work without any prompting for authentication. + kubectlCmd2 := exec.CommandContext(ctx2, "kubectl", "get", "namespace", "--kubeconfig", kubeconfigPath) + kubectlCmd2.Env = append(os.Environ(), env.ProxyEnv()...) + startTime2 := time.Now() + var kubectlStdoutPipe2 io.ReadCloser + if runtime.GOOS != "darwin" { + // For some unknown reason this breaks the pty library on some MacOS machines. + // The problem doesn't reproduce for everyone, so this is just a workaround. + kubectlStdoutPipe2, err = kubectlCmd2.StdoutPipe() + require.NoError(t, err) + } + ptyFile2, err := pty.Start(kubectlCmd2) + require.NoError(t, err) + + // Read all of the remaining output from the subprocess until EOF. + t.Logf("waiting for kubectl to output namespace list") + // Read all output from the subprocess until EOF. + // Ignore any errors returned because there is always an error on linux. + kubectlPtyOutputBytes2, _ := ioutil.ReadAll(ptyFile2) + if kubectlStdoutPipe2 != nil { + // On non-MacOS check that stdout of the CLI contains the expected output. + kubectlStdOutOutputBytes2, _ := ioutil.ReadAll(kubectlStdoutPipe2) + requireKubectlGetNamespaceOutput(t, env, string(kubectlStdOutOutputBytes2)) + } else { + // On MacOS check that the pty (stdout+stderr+stdin) of the CLI contains the expected output. + requireKubectlGetNamespaceOutput(t, env, string(kubectlPtyOutputBytes2)) + } + // the output should include a warning that the groups have changed. + require.Contains(t, string(kubectlPtyOutputBytes2), fmt.Sprintf("User %q has been added to the following groups: %q", env.SupervisorUpstreamLDAP.TestUserMailAttributeValue, env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs)) + require.Contains(t, string(kubectlPtyOutputBytes2), fmt.Sprintf("User %q has been removed from the following groups: [\"some-other-group\" \"some-wrong-group\"]", env.SupervisorUpstreamLDAP.TestUserMailAttributeValue)) + + t.Logf("second kubectl command took %s", time.Since(startTime2).String()) + }) + + t.Run("OIDC group refresh flow", func(t *testing.T) { + if len(env.SupervisorUpstreamOIDC.ExpectedGroups) == 0 { + t.Skip("Skipping OIDC group refresh test since there are no groups") + } + + // Start a fresh browser driver because we don't want to share cookies between the various tests in this file. + page := browsertest.Open(t) + + expectedUsername := env.SupervisorUpstreamOIDC.Username + + // Create a ClusterRoleBinding to give our test user from the upstream read-only access to the cluster. + testlib.CreateTestClusterRoleBinding(t, + rbacv1.Subject{Kind: rbacv1.UserKind, APIGroup: rbacv1.GroupName, Name: expectedUsername}, + rbacv1.RoleRef{Kind: "ClusterRole", APIGroup: rbacv1.GroupName, Name: "view"}, + ) + testlib.WaitForUserToHaveAccess(t, expectedUsername, []string{}, &authorizationv1.ResourceAttributes{ + Verb: "get", + Group: "", + Version: "v1", + Resource: "namespaces", + }) + + // Create upstream OIDC provider and wait for it to become ready. + testlib.CreateTestOIDCIdentityProvider(t, idpv1alpha1.OIDCIdentityProviderSpec{ + Issuer: env.SupervisorUpstreamOIDC.Issuer, + TLS: &idpv1alpha1.TLSSpec{ + CertificateAuthorityData: base64.StdEncoding.EncodeToString([]byte(env.SupervisorUpstreamOIDC.CABundle)), + }, + AuthorizationConfig: idpv1alpha1.OIDCAuthorizationConfig{ + AdditionalScopes: env.SupervisorUpstreamOIDC.AdditionalScopes, + }, + Claims: idpv1alpha1.OIDCClaims{ + Username: env.SupervisorUpstreamOIDC.UsernameClaim, + Groups: env.SupervisorUpstreamOIDC.GroupsClaim, + }, + Client: idpv1alpha1.OIDCClient{ + SecretName: testlib.CreateClientCredsSecret(t, env.SupervisorUpstreamOIDC.ClientID, env.SupervisorUpstreamOIDC.ClientSecret).Name, + }, + }, idpv1alpha1.PhaseReady) + + // Use a specific session cache for this test. + sessionCachePath := tempDir + "/ldap-test-refresh-sessions.yaml" + credentialCachePath := tempDir + "/ldap-test-refresh-credentials.yaml" + kubeconfigPath := runPinnipedGetKubeconfig(t, env, pinnipedExe, tempDir, []string{ + "get", "kubeconfig", + "--concierge-api-group-suffix", env.APIGroupSuffix, + "--concierge-authenticator-type", "jwt", + "--concierge-authenticator-name", authenticator.Name, + "--oidc-skip-browser", + "--oidc-skip-listen", + "--oidc-ca-bundle", testCABundlePath, + "--oidc-session-cache", sessionCachePath, + "--credential-cache", credentialCachePath, + }) + + // Run "kubectl get namespaces" which should trigger a cli-based login. + start := time.Now() + kubectlCmd := exec.CommandContext(ctx, "kubectl", "get", "namespace", "--kubeconfig", kubeconfigPath) + kubectlCmd.Env = append(os.Environ(), env.ProxyEnv()...) + var kubectlStdoutPipe io.ReadCloser + if runtime.GOOS != "darwin" { + // For some unknown reason this breaks the pty library on some MacOS machines. + // The problem doesn't reproduce for everyone, so this is just a workaround. + kubectlStdoutPipe, err = kubectlCmd.StdoutPipe() + require.NoError(t, err) + } + ptyFile, err := pty.Start(kubectlCmd) + require.NoError(t, err) + + // Wait for the subprocess to print the login prompt. + t.Logf("waiting for CLI to output login URL and manual prompt") + output := readFromFileUntilStringIsSeen(t, ptyFile, "Optionally, paste your authorization code: ") + require.Contains(t, output, "Log in by visiting this link:") + require.Contains(t, output, "Optionally, paste your authorization code: ") + + // Find the line with the login URL. + var loginURL string + for _, line := range strings.Split(output, "\n") { + trimmed := strings.TrimSpace(line) + if strings.HasPrefix(trimmed, "https://") { + loginURL = trimmed + } + } + require.NotEmptyf(t, loginURL, "didn't find login URL in output: %s", output) + + t.Logf("navigating to login page") + require.NoError(t, page.Navigate(loginURL)) + + // Expect to be redirected to the upstream provider and log in. + browsertest.LoginToUpstream(t, page, env.SupervisorUpstreamOIDC) + + // Expect to be redirected to the downstream callback which is serving the form_post HTML. + t.Logf("waiting for response page %s", downstream.Spec.Issuer) + browsertest.WaitForURL(t, page, regexp.MustCompile(regexp.QuoteMeta(downstream.Spec.Issuer))) + + // The response page should have failed to automatically post, and should now be showing the manual instructions. + authCode := formpostExpectManualState(t, page) + + // Enter the auth code in the waiting prompt, followed by a newline. + t.Logf("'manually' pasting authorization code %q to waiting prompt", authCode) + _, err = ptyFile.WriteString(authCode + "\n") + require.NoError(t, err) + + // Read all of the remaining output from the subprocess until EOF. + t.Logf("waiting for kubectl to output namespace list") + // Read all output from the subprocess until EOF. + // Ignore any errors returned because there is always an error on linux. + kubectlPtyOutputBytes, _ := ioutil.ReadAll(ptyFile) + if kubectlStdoutPipe != nil { + // On non-MacOS check that stdout of the CLI contains the expected output. + kubectlStdOutOutputBytes, _ := ioutil.ReadAll(kubectlStdoutPipe) + requireKubectlGetNamespaceOutput(t, env, string(kubectlStdOutOutputBytes)) + } else { + // On MacOS check that the pty (stdout+stderr+stdin) of the CLI contains the expected output. + requireKubectlGetNamespaceOutput(t, env, string(kubectlPtyOutputBytes)) + } + + t.Logf("first kubectl command took %s", time.Since(start).String()) + + // To simulate the groups having changed without actually changing the groups the user belongs to in the LDAP + // server, we update the refresh token secret to have a different value for the groups. + // Then the refresh flow will update them back to their real values. + // To do this, we get the refresh token signature out of the cache, use it to get the Secret, update it, and + // put it back. + cache := filesession.New(sessionCachePath, filesession.WithErrorReporter(func(err error) { + require.NoError(t, err) + })) + + // construct the cache key + downstreamScopes := []string{coreosoidc.ScopeOfflineAccess, coreosoidc.ScopeOpenID, "pinniped:request-audience"} + sort.Strings(downstreamScopes) + sessionCacheKey := oidcclient.SessionCacheKey{ + Issuer: downstream.Spec.Issuer, + ClientID: "pinniped-cli", + Scopes: downstreamScopes, + RedirectURI: "http://localhost:0/callback", + } + // use it to get the cache entry + token := cache.GetToken(sessionCacheKey) + require.NotNil(t, token) + + // using the refresh token signature contained in the cache, get the refresh token session + // out of kube secret storage. + kubeClient := testlib.NewKubernetesClientset(t).CoreV1() + refreshTokenSignature := strings.Split(token.RefreshToken.Token, ".")[1] + oauthStore := oidc.NewKubeStorage(kubeClient.Secrets(env.SupervisorNamespace), oidc.DefaultOIDCTimeoutsConfiguration()) + storedRefreshSession, err := oauthStore.GetRefreshTokenSession(ctx, refreshTokenSignature, nil) + require.NoError(t, err) + + // change the groups to simulate them changing in the IDP. + pinnipedSession, ok := storedRefreshSession.GetSession().(*psession.PinnipedSession) + require.True(t, ok, "should have been able to cast session data to PinnipedSession") + pinnipedSession.Fosite.Claims.Extra["groups"] = []string{"some-wrong-group", "some-other-group"} + + require.NoError(t, oauthStore.DeleteRefreshTokenSession(ctx, refreshTokenSignature)) + require.NoError(t, oauthStore.CreateRefreshTokenSession(ctx, refreshTokenSignature, storedRefreshSession)) + + // remove the credential cache, which includes the cached cert, so it won't be reused and the refresh flow will be triggered. + err = os.Remove(credentialCachePath) + require.NoError(t, err) + + // wait for the existing tokens to expire, triggering the refresh flow. + ctx2, cancel2 := context.WithTimeout(ctx, 1*time.Minute) + defer cancel2() + + // Run kubectl, which should work without any prompting for authentication. + kubectlCmd2 := exec.CommandContext(ctx2, "kubectl", "get", "namespace", "--kubeconfig", kubeconfigPath) + kubectlCmd2.Env = append(os.Environ(), env.ProxyEnv()...) + startTime2 := time.Now() + var kubectlStdoutPipe2 io.ReadCloser + if runtime.GOOS != "darwin" { + // For some unknown reason this breaks the pty library on some MacOS machines. + // The problem doesn't reproduce for everyone, so this is just a workaround. + kubectlStdoutPipe2, err = kubectlCmd2.StdoutPipe() + require.NoError(t, err) + } + ptyFile2, err := pty.Start(kubectlCmd2) + require.NoError(t, err) + + // Read all of the remaining output from the subprocess until EOF. + t.Logf("waiting for kubectl to output namespace list") + // Read all output from the subprocess until EOF. + // Ignore any errors returned because there is always an error on linux. + kubectlPtyOutputBytes2, _ := ioutil.ReadAll(ptyFile2) + if kubectlStdoutPipe2 != nil { + // On non-MacOS check that stdout of the CLI contains the expected output. + kubectlStdOutOutputBytes2, _ := ioutil.ReadAll(kubectlStdoutPipe2) + requireKubectlGetNamespaceOutput(t, env, string(kubectlStdOutOutputBytes2)) + } else { + // On MacOS check that the pty (stdout+stderr+stdin) of the CLI contains the expected output. + requireKubectlGetNamespaceOutput(t, env, string(kubectlPtyOutputBytes2)) + } + // the output should include a warning that the groups have changed. + require.Contains(t, string(kubectlPtyOutputBytes2), fmt.Sprintf("User %q has been added to the following groups: %q", env.SupervisorUpstreamOIDC.Username, env.SupervisorUpstreamOIDC.ExpectedGroups)) + require.Contains(t, string(kubectlPtyOutputBytes2), fmt.Sprintf("User %q has been removed from the following groups: [\"some-other-group\" \"some-wrong-group\"]", env.SupervisorUpstreamOIDC.Username)) + + t.Logf("second kubectl command took %s", time.Since(startTime2).String()) + }) +} From be2aee957cf831f1c6ce424ae7e740473bab7c1a Mon Sep 17 00:00:00 2001 From: Mo Khan Date: Wed, 2 Mar 2022 09:04:41 -0500 Subject: [PATCH 8/8] Bump API docs to 1.23 Seems like this should be automated. --- site/content/docs/reference/api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site/content/docs/reference/api.md b/site/content/docs/reference/api.md index a27b71a0..a5a271db 100644 --- a/site/content/docs/reference/api.md +++ b/site/content/docs/reference/api.md @@ -9,4 +9,4 @@ menu: weight: 35 parent: reference --- -Full API reference documentation for the Pinniped Kubernetes API is available [on GitHub](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.20/README.adoc). +Full API reference documentation for the Pinniped Kubernetes API is available [on GitHub](https://github.com/vmware-tanzu/pinniped/blob/main/generated/1.23/README.adoc).