Merge pull request #108 from mattmoyer/cleanup-credential-request-api

Clean up CredentialRequest `types.go`.
This commit is contained in:
Matt Moyer 2020-09-15 15:03:07 -05:00 committed by GitHub
commit 1244a950e7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 109 additions and 74 deletions

View File

@ -13,19 +13,23 @@ const (
TokenCredentialType = CredentialType("token") TokenCredentialType = CredentialType("token")
) )
// CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.
type CredentialRequestTokenCredential struct { type CredentialRequestTokenCredential struct {
// Value of the bearer token supplied with the credential request. // Value of the bearer token supplied with the credential request.
Value string `json:"value,omitempty" protobuf:"bytes,1,opt,name=value"` Value string `json:"value,omitempty"`
} }
// CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API
type CredentialRequestSpec struct { type CredentialRequestSpec struct {
// Type of credential. // Type of credential.
Type CredentialType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type"` Type CredentialType `json:"type,omitempty"`
// Token credential (when Type == TokenCredentialType). // Token credential (when Type == TokenCredentialType).
Token *CredentialRequestTokenCredential `json:"token,omitempty" protobuf:"bytes,2,opt,name=token"` Token *CredentialRequestTokenCredential `json:"token,omitempty"`
} }
// CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It
// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
type CredentialRequestCredential struct { type CredentialRequestCredential struct {
// ExpirationTimestamp indicates a time when the provided credentials expire. // ExpirationTimestamp indicates a time when the provided credentials expire.
ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"`
@ -40,6 +44,7 @@ type CredentialRequestCredential struct {
ClientKeyData string `json:"clientKeyData,omitempty"` ClientKeyData string `json:"clientKeyData,omitempty"`
} }
// CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.
type CredentialRequestStatus struct { type CredentialRequestStatus struct {
// A Credential will be returned for a successful credential request. // A Credential will be returned for a successful credential request.
// +optional // +optional
@ -50,25 +55,25 @@ type CredentialRequestStatus struct {
Message *string `json:"message,omitempty"` Message *string `json:"message,omitempty"`
} }
// CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
// +genclient // +genclient
// +genclient:nonNamespaced // +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequest struct { type CredentialRequest struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec CredentialRequestSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` Spec CredentialRequestSpec `json:"spec,omitempty"`
Status CredentialRequestStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` Status CredentialRequestStatus `json:"status,omitempty"`
} }
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// CredentialRequestList is a list of CredentialRequest objects. // CredentialRequestList is a list of CredentialRequest objects.
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequestList struct { type CredentialRequestList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialRequest `json:"items" protobuf:"bytes,2,rep,name=items"` Items []CredentialRequest `json:"items"`
} }

View File

@ -210,7 +210,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequest"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequest"]
==== CredentialRequest ==== CredentialRequest
CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
.Appears In: .Appears In:
**** ****
@ -230,7 +230,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequestcredential"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequestcredential"]
==== CredentialRequestCredential ==== CredentialRequestCredential
CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
.Appears In: .Appears In:
**** ****
@ -252,7 +252,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequestspec"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequestspec"]
==== CredentialRequestSpec ==== CredentialRequestSpec
CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API
.Appears In: .Appears In:
**** ****
@ -270,7 +270,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequeststatus"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequeststatus"]
==== CredentialRequestStatus ==== CredentialRequestStatus
CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.
.Appears In: .Appears In:
**** ****
@ -288,7 +288,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequesttokencredential"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-17-apis-pinniped-v1alpha1-credentialrequesttokencredential"]
==== CredentialRequestTokenCredential ==== CredentialRequestTokenCredential
CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.
.Appears In: .Appears In:
**** ****

View File

@ -13,19 +13,23 @@ const (
TokenCredentialType = CredentialType("token") TokenCredentialType = CredentialType("token")
) )
// CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.
type CredentialRequestTokenCredential struct { type CredentialRequestTokenCredential struct {
// Value of the bearer token supplied with the credential request. // Value of the bearer token supplied with the credential request.
Value string `json:"value,omitempty" protobuf:"bytes,1,opt,name=value"` Value string `json:"value,omitempty"`
} }
// CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API
type CredentialRequestSpec struct { type CredentialRequestSpec struct {
// Type of credential. // Type of credential.
Type CredentialType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type"` Type CredentialType `json:"type,omitempty"`
// Token credential (when Type == TokenCredentialType). // Token credential (when Type == TokenCredentialType).
Token *CredentialRequestTokenCredential `json:"token,omitempty" protobuf:"bytes,2,opt,name=token"` Token *CredentialRequestTokenCredential `json:"token,omitempty"`
} }
// CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It
// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
type CredentialRequestCredential struct { type CredentialRequestCredential struct {
// ExpirationTimestamp indicates a time when the provided credentials expire. // ExpirationTimestamp indicates a time when the provided credentials expire.
ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"`
@ -40,6 +44,7 @@ type CredentialRequestCredential struct {
ClientKeyData string `json:"clientKeyData,omitempty"` ClientKeyData string `json:"clientKeyData,omitempty"`
} }
// CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.
type CredentialRequestStatus struct { type CredentialRequestStatus struct {
// A Credential will be returned for a successful credential request. // A Credential will be returned for a successful credential request.
// +optional // +optional
@ -50,25 +55,25 @@ type CredentialRequestStatus struct {
Message *string `json:"message,omitempty"` Message *string `json:"message,omitempty"`
} }
// CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
// +genclient // +genclient
// +genclient:nonNamespaced // +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequest struct { type CredentialRequest struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec CredentialRequestSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` Spec CredentialRequestSpec `json:"spec,omitempty"`
Status CredentialRequestStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` Status CredentialRequestStatus `json:"status,omitempty"`
} }
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// CredentialRequestList is a list of CredentialRequest objects. // CredentialRequestList is a list of CredentialRequest objects.
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequestList struct { type CredentialRequestList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialRequest `json:"items" protobuf:"bytes,2,rep,name=items"` Items []CredentialRequest `json:"items"`
} }

View File

@ -531,6 +531,7 @@ func schema_117_apis_pinniped_v1alpha1_CredentialRequest(ref common.ReferenceCal
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -574,6 +575,7 @@ func schema_117_apis_pinniped_v1alpha1_CredentialRequestCredential(ref common.Re
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"expirationTimestamp": { "expirationTimestamp": {
@ -662,6 +664,7 @@ func schema_117_apis_pinniped_v1alpha1_CredentialRequestSpec(ref common.Referenc
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"type": { "type": {
@ -689,6 +692,7 @@ func schema_117_apis_pinniped_v1alpha1_CredentialRequestStatus(ref common.Refere
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"credential": { "credential": {
@ -716,6 +720,7 @@ func schema_117_apis_pinniped_v1alpha1_CredentialRequestTokenCredential(ref comm
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"value": { "value": {

View File

@ -210,7 +210,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequest"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequest"]
==== CredentialRequest ==== CredentialRequest
CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
.Appears In: .Appears In:
**** ****
@ -230,7 +230,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequestcredential"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequestcredential"]
==== CredentialRequestCredential ==== CredentialRequestCredential
CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
.Appears In: .Appears In:
**** ****
@ -252,7 +252,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequestspec"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequestspec"]
==== CredentialRequestSpec ==== CredentialRequestSpec
CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API
.Appears In: .Appears In:
**** ****
@ -270,7 +270,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequeststatus"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequeststatus"]
==== CredentialRequestStatus ==== CredentialRequestStatus
CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.
.Appears In: .Appears In:
**** ****
@ -288,7 +288,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequesttokencredential"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-18-apis-pinniped-v1alpha1-credentialrequesttokencredential"]
==== CredentialRequestTokenCredential ==== CredentialRequestTokenCredential
CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.
.Appears In: .Appears In:
**** ****

View File

@ -13,19 +13,23 @@ const (
TokenCredentialType = CredentialType("token") TokenCredentialType = CredentialType("token")
) )
// CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.
type CredentialRequestTokenCredential struct { type CredentialRequestTokenCredential struct {
// Value of the bearer token supplied with the credential request. // Value of the bearer token supplied with the credential request.
Value string `json:"value,omitempty" protobuf:"bytes,1,opt,name=value"` Value string `json:"value,omitempty"`
} }
// CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API
type CredentialRequestSpec struct { type CredentialRequestSpec struct {
// Type of credential. // Type of credential.
Type CredentialType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type"` Type CredentialType `json:"type,omitempty"`
// Token credential (when Type == TokenCredentialType). // Token credential (when Type == TokenCredentialType).
Token *CredentialRequestTokenCredential `json:"token,omitempty" protobuf:"bytes,2,opt,name=token"` Token *CredentialRequestTokenCredential `json:"token,omitempty"`
} }
// CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It
// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
type CredentialRequestCredential struct { type CredentialRequestCredential struct {
// ExpirationTimestamp indicates a time when the provided credentials expire. // ExpirationTimestamp indicates a time when the provided credentials expire.
ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"`
@ -40,6 +44,7 @@ type CredentialRequestCredential struct {
ClientKeyData string `json:"clientKeyData,omitempty"` ClientKeyData string `json:"clientKeyData,omitempty"`
} }
// CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.
type CredentialRequestStatus struct { type CredentialRequestStatus struct {
// A Credential will be returned for a successful credential request. // A Credential will be returned for a successful credential request.
// +optional // +optional
@ -50,25 +55,25 @@ type CredentialRequestStatus struct {
Message *string `json:"message,omitempty"` Message *string `json:"message,omitempty"`
} }
// CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
// +genclient // +genclient
// +genclient:nonNamespaced // +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequest struct { type CredentialRequest struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec CredentialRequestSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` Spec CredentialRequestSpec `json:"spec,omitempty"`
Status CredentialRequestStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` Status CredentialRequestStatus `json:"status,omitempty"`
} }
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// CredentialRequestList is a list of CredentialRequest objects. // CredentialRequestList is a list of CredentialRequest objects.
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequestList struct { type CredentialRequestList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialRequest `json:"items" protobuf:"bytes,2,rep,name=items"` Items []CredentialRequest `json:"items"`
} }

View File

@ -531,6 +531,7 @@ func schema_118_apis_pinniped_v1alpha1_CredentialRequest(ref common.ReferenceCal
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -574,6 +575,7 @@ func schema_118_apis_pinniped_v1alpha1_CredentialRequestCredential(ref common.Re
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"expirationTimestamp": { "expirationTimestamp": {
@ -662,6 +664,7 @@ func schema_118_apis_pinniped_v1alpha1_CredentialRequestSpec(ref common.Referenc
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"type": { "type": {
@ -689,6 +692,7 @@ func schema_118_apis_pinniped_v1alpha1_CredentialRequestStatus(ref common.Refere
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"credential": { "credential": {
@ -716,6 +720,7 @@ func schema_118_apis_pinniped_v1alpha1_CredentialRequestTokenCredential(ref comm
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"value": { "value": {

View File

@ -210,7 +210,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequest"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequest"]
==== CredentialRequest ==== CredentialRequest
CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
.Appears In: .Appears In:
**** ****
@ -230,7 +230,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequestcredential"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequestcredential"]
==== CredentialRequestCredential ==== CredentialRequestCredential
CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
.Appears In: .Appears In:
**** ****
@ -252,7 +252,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequestspec"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequestspec"]
==== CredentialRequestSpec ==== CredentialRequestSpec
CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API
.Appears In: .Appears In:
**** ****
@ -270,7 +270,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequeststatus"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequeststatus"]
==== CredentialRequestStatus ==== CredentialRequestStatus
CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.
.Appears In: .Appears In:
**** ****
@ -288,7 +288,7 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped aggregated API.
[id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequesttokencredential"] [id="{anchor_prefix}-github-com-suzerain-io-pinniped-generated-1-19-apis-pinniped-v1alpha1-credentialrequesttokencredential"]
==== CredentialRequestTokenCredential ==== CredentialRequestTokenCredential
CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.
.Appears In: .Appears In:
**** ****

View File

@ -13,19 +13,23 @@ const (
TokenCredentialType = CredentialType("token") TokenCredentialType = CredentialType("token")
) )
// CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.
type CredentialRequestTokenCredential struct { type CredentialRequestTokenCredential struct {
// Value of the bearer token supplied with the credential request. // Value of the bearer token supplied with the credential request.
Value string `json:"value,omitempty" protobuf:"bytes,1,opt,name=value"` Value string `json:"value,omitempty"`
} }
// CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API
type CredentialRequestSpec struct { type CredentialRequestSpec struct {
// Type of credential. // Type of credential.
Type CredentialType `json:"type,omitempty" protobuf:"bytes,1,opt,name=type"` Type CredentialType `json:"type,omitempty"`
// Token credential (when Type == TokenCredentialType). // Token credential (when Type == TokenCredentialType).
Token *CredentialRequestTokenCredential `json:"token,omitempty" protobuf:"bytes,2,opt,name=token"` Token *CredentialRequestTokenCredential `json:"token,omitempty"`
} }
// CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It
// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
type CredentialRequestCredential struct { type CredentialRequestCredential struct {
// ExpirationTimestamp indicates a time when the provided credentials expire. // ExpirationTimestamp indicates a time when the provided credentials expire.
ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"` ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"`
@ -40,6 +44,7 @@ type CredentialRequestCredential struct {
ClientKeyData string `json:"clientKeyData,omitempty"` ClientKeyData string `json:"clientKeyData,omitempty"`
} }
// CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.
type CredentialRequestStatus struct { type CredentialRequestStatus struct {
// A Credential will be returned for a successful credential request. // A Credential will be returned for a successful credential request.
// +optional // +optional
@ -50,25 +55,25 @@ type CredentialRequestStatus struct {
Message *string `json:"message,omitempty"` Message *string `json:"message,omitempty"`
} }
// CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
// +genclient // +genclient
// +genclient:nonNamespaced // +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequest struct { type CredentialRequest struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec CredentialRequestSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` Spec CredentialRequestSpec `json:"spec,omitempty"`
Status CredentialRequestStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` Status CredentialRequestStatus `json:"status,omitempty"`
} }
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// CredentialRequestList is a list of CredentialRequest objects. // CredentialRequestList is a list of CredentialRequest objects.
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialRequestList struct { type CredentialRequestList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialRequest `json:"items" protobuf:"bytes,2,rep,name=items"` Items []CredentialRequest `json:"items"`
} }

View File

@ -532,6 +532,7 @@ func schema_119_apis_pinniped_v1alpha1_CredentialRequest(ref common.ReferenceCal
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -575,6 +576,7 @@ func schema_119_apis_pinniped_v1alpha1_CredentialRequestCredential(ref common.Re
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestCredential is the cluster-specific credential returned on a successful CredentialRequest. It contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"expirationTimestamp": { "expirationTimestamp": {
@ -663,6 +665,7 @@ func schema_119_apis_pinniped_v1alpha1_CredentialRequestSpec(ref common.Referenc
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestSpec is the specification of a CredentialRequest, expected on requests to the Pinniped API",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"type": { "type": {
@ -690,6 +693,7 @@ func schema_119_apis_pinniped_v1alpha1_CredentialRequestStatus(ref common.Refere
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestStatus is the status of a CredentialRequest, returned on responses to the Pinniped API.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"credential": { "credential": {
@ -717,6 +721,7 @@ func schema_119_apis_pinniped_v1alpha1_CredentialRequestTokenCredential(ref comm
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "CredentialRequestTokenCredential holds a bearer token issued by an upstream identity provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"value": { "value": {