Rename OIDCProviderConfig to OIDCProvider.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2020-11-02 16:24:55 -06:00
parent 59263ea733
commit 2b8773aa54
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D
80 changed files with 2448 additions and 2463 deletions

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&OIDCProviderConfig{}, &OIDCProvider{},
&OIDCProviderConfigList{}, &OIDCProviderList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -9,17 +9,17 @@ import (
) )
// +kubebuilder:validation:Enum=Success;Duplicate;Invalid // +kubebuilder:validation:Enum=Success;Duplicate;Invalid
type OIDCProviderStatus string type OIDCProviderStatusCondition string
const ( const (
SuccessOIDCProviderStatus = OIDCProviderStatus("Success") SuccessOIDCProviderStatusCondition = OIDCProviderStatusCondition("Success")
DuplicateOIDCProviderStatus = OIDCProviderStatus("Duplicate") DuplicateOIDCProviderStatusCondition = OIDCProviderStatusCondition("Duplicate")
SameIssuerHostMustUseSameSecretOIDCProviderStatus = OIDCProviderStatus("SameIssuerHostMustUseSameSecret") SameIssuerHostMustUseSameSecretOIDCProviderStatusCondition = OIDCProviderStatusCondition("SameIssuerHostMustUseSameSecret")
InvalidOIDCProviderStatus = OIDCProviderStatus("Invalid") InvalidOIDCProviderStatusCondition = OIDCProviderStatusCondition("Invalid")
) )
// OIDCProviderConfigSpec is a struct that describes an OIDC Provider. // OIDCProviderSpec is a struct that describes an OIDC Provider.
type OIDCProviderConfigSpec struct { type OIDCProviderSpec struct {
// Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the
// identifier that it will use for the iss claim in issued JWTs. This field will also be used as // identifier that it will use for the iss claim in issued JWTs. This field will also be used as
// the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is
@ -54,12 +54,12 @@ type OIDCProviderConfigSpec struct {
SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"` SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"`
} }
// OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider. // OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.
type OIDCProviderConfigStatus struct { type OIDCProviderStatus struct {
// Status holds an enum that describes the state of this OIDC Provider. Note that this Status can // Status holds an enum that describes the state of this OIDC Provider. Note that this Status can
// represent success or failure. // represent success or failure.
// +optional // +optional
Status OIDCProviderStatus `json:"status,omitempty"` Status OIDCProviderStatusCondition `json:"status,omitempty"`
// Message provides human-readable details about the Status. // Message provides human-readable details about the Status.
// +optional // +optional
@ -78,27 +78,25 @@ type OIDCProviderConfigStatus struct {
JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"` JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"`
} }
// OIDCProviderConfig describes the configuration of an OIDC provider. // OIDCProvider describes the configuration of an OIDC provider.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=opc type OIDCProvider struct {
type OIDCProviderConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Spec of the OIDC provider. // Spec of the OIDC provider.
Spec OIDCProviderConfigSpec `json:"spec"` Spec OIDCProviderSpec `json:"spec"`
// Status of the OIDC provider. // Status of the OIDC provider.
Status OIDCProviderConfigStatus `json:"status,omitempty"` Status OIDCProviderStatus `json:"status,omitempty"`
} }
// List of OIDCProviderConfig objects. // List of OIDCProvider objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type OIDCProviderList struct {
type OIDCProviderConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []OIDCProviderConfig `json:"items"` Items []OIDCProvider `json:"items"`
} }

View File

@ -81,11 +81,11 @@ func startControllers(
controllerManager := controllerlib. controllerManager := controllerlib.
NewManager(). NewManager().
WithController( WithController(
supervisorconfig.NewOIDCProviderConfigWatcherController( supervisorconfig.NewOIDCProviderWatcherController(
issuerManager, issuerManager,
clock.RealClock{}, clock.RealClock{},
pinnipedClient, pinnipedClient,
pinnipedInformers.Config().V1alpha1().OIDCProviderConfigs(), pinnipedInformers.Config().V1alpha1().OIDCProviders(),
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -96,7 +96,7 @@ func startControllers(
kubeClient, kubeClient,
pinnipedClient, pinnipedClient,
kubeInformers.Core().V1().Secrets(), kubeInformers.Core().V1().Secrets(),
pinnipedInformers.Config().V1alpha1().OIDCProviderConfigs(), pinnipedInformers.Config().V1alpha1().OIDCProviders(),
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -105,7 +105,7 @@ func startControllers(
supervisorconfig.NewJWKSObserverController( supervisorconfig.NewJWKSObserverController(
dynamicJWKSProvider, dynamicJWKSProvider,
kubeInformers.Core().V1().Secrets(), kubeInformers.Core().V1().Secrets(),
pinnipedInformers.Config().V1alpha1().OIDCProviderConfigs(), pinnipedInformers.Config().V1alpha1().OIDCProviders(),
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -115,7 +115,7 @@ func startControllers(
dynamicTLSCertProvider, dynamicTLSCertProvider,
cfg.NamesConfig.DefaultTLSCertificateSecret, cfg.NamesConfig.DefaultTLSCertificateSecret,
kubeInformers.Core().V1().Secrets(), kubeInformers.Core().V1().Secrets(),
pinnipedInformers.Config().V1alpha1().OIDCProviderConfigs(), pinnipedInformers.Config().V1alpha1().OIDCProviders(),
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,

View File

@ -59,9 +59,8 @@ The most common ways are:
1. Or, define a [TCP LoadBalancer Service](https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer) 1. Or, define a [TCP LoadBalancer Service](https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer)
which is a layer 4 load balancer and does not terminate TLS. In this case, the Supervisor app will need to be which is a layer 4 load balancer and does not terminate TLS. In this case, the Supervisor app will need to be
configured with TLS certificates and will terminate the TLS connection itself (see the section about configured with TLS certificates and will terminate the TLS connection itself (see the section about OIDCProvider
OIDCProviderConfig below). The LoadBalancer Service should be configured to use the HTTPS port 8443 of below). The LoadBalancer Service should be configured to use the HTTPS port 443 of the Supervisor pods as its `targetPort`.
the Supervisor pods as its `targetPort`.
*Warning:* Do not expose the Supervisor's port 8080 to the public. It would not be secure for the OIDC protocol *Warning:* Do not expose the Supervisor's port 8080 to the public. It would not be secure for the OIDC protocol
to use HTTP, because the user's secret OIDC tokens would be transmitted across the network without encryption. to use HTTP, because the user's secret OIDC tokens would be transmitted across the network without encryption.
@ -133,12 +132,12 @@ spec:
### Configuring the Supervisor to Act as an OIDC Provider ### Configuring the Supervisor to Act as an OIDC Provider
The Supervisor can be configured as an OIDC provider by creating `OIDCProviderConfig` resources The Supervisor can be configured as an OIDC provider by creating `OIDCProvider` resources
in the same namespace where the Supervisor app was installed. For example: in the same namespace where the Supervisor app was installed. For example:
```yaml ```yaml
apiVersion: config.supervisor.pinniped.dev/v1alpha1 apiVersion: config.supervisor.pinniped.dev/v1alpha1
kind: OIDCProviderConfig kind: OIDCProvider
metadata: metadata:
name: my-provider name: my-provider
# Assuming that this is the namespace where the supervisor was installed. This is the default in install-supervisor.yaml. # Assuming that this is the namespace where the supervisor was installed. This is the default in install-supervisor.yaml.
@ -155,12 +154,12 @@ spec:
#### Configuring TLS for the Supervisor OIDC Endpoints #### Configuring TLS for the Supervisor OIDC Endpoints
If you have terminated TLS outside the app, for example using an Ingress with TLS certificates, then you do not need to If you have terminated TLS outside the app, for example using an Ingress with TLS certificates, then you do not need to
configure TLS certificates on the OIDCProviderConfig. configure TLS certificates on the OIDCProvider.
If you are using a LoadBalancer Service to expose the Supervisor app outside your cluster, then you will If you are using a LoadBalancer Service to expose the Supervisor app outside your cluster, then you will
also need to configure the Supervisor app to terminate TLS. There are two places to configure TLS certificates: also need to configure the Supervisor app to terminate TLS. There are two places to configure TLS certificates:
1. Each `OIDCProviderConfig` can be configured with TLS certificates, using the `sniCertificateSecretName` field. 1. Each `OIDCProvider` can be configured with TLS certificates, using the `sniCertificateSecretName` field.
1. The default TLS certificate for all OIDC providers can be configured by creating a Secret called 1. The default TLS certificate for all OIDC providers can be configured by creating a Secret called
`pinniped-supervisor-default-tls-certificate` in the same namespace in which the Supervisor was installed. `pinniped-supervisor-default-tls-certificate` in the same namespace in which the Supervisor was installed.

View File

@ -6,22 +6,20 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: oidcproviderconfigs.config.supervisor.pinniped.dev name: oidcproviders.config.supervisor.pinniped.dev
spec: spec:
group: config.supervisor.pinniped.dev group: config.supervisor.pinniped.dev
names: names:
kind: OIDCProviderConfig kind: OIDCProvider
listKind: OIDCProviderConfigList listKind: OIDCProviderList
plural: oidcproviderconfigs plural: oidcproviders
shortNames: singular: oidcprovider
- opc
singular: oidcproviderconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: OIDCProviderConfig describes the configuration of an OIDC provider. description: OIDCProvider describes the configuration of an OIDC provider.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation

View File

@ -17,7 +17,7 @@ rules:
resources: [secrets] resources: [secrets]
verbs: [create, get, list, patch, update, watch, delete] verbs: [create, get, list, patch, update, watch, delete]
- apiGroups: [config.supervisor.pinniped.dev] - apiGroups: [config.supervisor.pinniped.dev]
resources: [oidcproviderconfigs] resources: [oidcproviders]
verbs: [update, get, list, watch] verbs: [update, get, list, watch]
--- ---
kind: RoleBinding kind: RoleBinding

View File

@ -4,7 +4,7 @@
#@ load("@ytt:overlay", "overlay") #@ load("@ytt:overlay", "overlay")
#@ load("helpers.lib.yaml", "labels") #@ load("helpers.lib.yaml", "labels")
#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"oidcproviderconfigs.config.supervisor.pinniped.dev"}}), expects=1 #@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"oidcproviders.config.supervisor.pinniped.dev"}}), expects=1
--- ---
metadata: metadata:
#@overlay/match missing_ok=True #@overlay/match missing_ok=True

View File

@ -217,14 +217,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfig"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcprovider"]
==== OIDCProviderConfig ==== OIDCProvider
OIDCProviderConfig describes the configuration of an OIDC provider. OIDCProvider describes the configuration of an OIDC provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfiglist[$$OIDCProviderConfigList$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderlist[$$OIDCProviderList$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -232,21 +232,21 @@ OIDCProviderConfig describes the configuration of an OIDC provider.
| Field | Description | Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfigspec[$$OIDCProviderConfigSpec$$]__ | Spec of the OIDC provider. | *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderspec[$$OIDCProviderSpec$$]__ | Spec of the OIDC provider.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfigstatus[$$OIDCProviderConfigStatus$$]__ | Status of the OIDC provider. | *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderstatus[$$OIDCProviderStatus$$]__ | Status of the OIDC provider.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfigspec"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderspec"]
==== OIDCProviderConfigSpec ==== OIDCProviderSpec
OIDCProviderConfigSpec is a struct that describes an OIDC Provider. OIDCProviderSpec is a struct that describes an OIDC Provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfig[$$OIDCProviderConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcprovider[$$OIDCProvider$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -262,20 +262,20 @@ OIDCProviderConfigSpec is a struct that describes an OIDC Provider.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfigstatus"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderstatus"]
==== OIDCProviderConfigStatus ==== OIDCProviderStatus
OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider. OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcproviderconfig[$$OIDCProviderConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcprovider[$$OIDCProvider$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`status`* __OIDCProviderStatus__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure. | *`status`* __OIDCProviderStatusCondition__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure.
| *`message`* __string__ | Message provides human-readable details about the Status. | *`message`* __string__ | Message provides human-readable details about the Status.
| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). | *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811).
| *`jwksSecret`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKSSecret holds the name of the secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist. | *`jwksSecret`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKSSecret holds the name of the secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist.

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&OIDCProviderConfig{}, &OIDCProvider{},
&OIDCProviderConfigList{}, &OIDCProviderList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -9,17 +9,17 @@ import (
) )
// +kubebuilder:validation:Enum=Success;Duplicate;Invalid // +kubebuilder:validation:Enum=Success;Duplicate;Invalid
type OIDCProviderStatus string type OIDCProviderStatusCondition string
const ( const (
SuccessOIDCProviderStatus = OIDCProviderStatus("Success") SuccessOIDCProviderStatusCondition = OIDCProviderStatusCondition("Success")
DuplicateOIDCProviderStatus = OIDCProviderStatus("Duplicate") DuplicateOIDCProviderStatusCondition = OIDCProviderStatusCondition("Duplicate")
SameIssuerHostMustUseSameSecretOIDCProviderStatus = OIDCProviderStatus("SameIssuerHostMustUseSameSecret") SameIssuerHostMustUseSameSecretOIDCProviderStatusCondition = OIDCProviderStatusCondition("SameIssuerHostMustUseSameSecret")
InvalidOIDCProviderStatus = OIDCProviderStatus("Invalid") InvalidOIDCProviderStatusCondition = OIDCProviderStatusCondition("Invalid")
) )
// OIDCProviderConfigSpec is a struct that describes an OIDC Provider. // OIDCProviderSpec is a struct that describes an OIDC Provider.
type OIDCProviderConfigSpec struct { type OIDCProviderSpec struct {
// Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the
// identifier that it will use for the iss claim in issued JWTs. This field will also be used as // identifier that it will use for the iss claim in issued JWTs. This field will also be used as
// the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is
@ -54,12 +54,12 @@ type OIDCProviderConfigSpec struct {
SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"` SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"`
} }
// OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider. // OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.
type OIDCProviderConfigStatus struct { type OIDCProviderStatus struct {
// Status holds an enum that describes the state of this OIDC Provider. Note that this Status can // Status holds an enum that describes the state of this OIDC Provider. Note that this Status can
// represent success or failure. // represent success or failure.
// +optional // +optional
Status OIDCProviderStatus `json:"status,omitempty"` Status OIDCProviderStatusCondition `json:"status,omitempty"`
// Message provides human-readable details about the Status. // Message provides human-readable details about the Status.
// +optional // +optional
@ -78,27 +78,25 @@ type OIDCProviderConfigStatus struct {
JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"` JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"`
} }
// OIDCProviderConfig describes the configuration of an OIDC provider. // OIDCProvider describes the configuration of an OIDC provider.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=opc type OIDCProvider struct {
type OIDCProviderConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Spec of the OIDC provider. // Spec of the OIDC provider.
Spec OIDCProviderConfigSpec `json:"spec"` Spec OIDCProviderSpec `json:"spec"`
// Status of the OIDC provider. // Status of the OIDC provider.
Status OIDCProviderConfigStatus `json:"status,omitempty"` Status OIDCProviderStatus `json:"status,omitempty"`
} }
// List of OIDCProviderConfig objects. // List of OIDCProvider objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type OIDCProviderList struct {
type OIDCProviderConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []OIDCProviderConfig `json:"items"` Items []OIDCProvider `json:"items"`
} }

View File

@ -12,7 +12,7 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfig) DeepCopyInto(out *OIDCProviderConfig) { func (in *OIDCProvider) DeepCopyInto(out *OIDCProvider) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -21,18 +21,18 @@ func (in *OIDCProviderConfig) DeepCopyInto(out *OIDCProviderConfig) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfig. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProvider.
func (in *OIDCProviderConfig) DeepCopy() *OIDCProviderConfig { func (in *OIDCProvider) DeepCopy() *OIDCProvider {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfig) out := new(OIDCProvider)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *OIDCProviderConfig) DeepCopyObject() runtime.Object { func (in *OIDCProvider) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -40,13 +40,13 @@ func (in *OIDCProviderConfig) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigList) DeepCopyInto(out *OIDCProviderConfigList) { func (in *OIDCProviderList) DeepCopyInto(out *OIDCProviderList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]OIDCProviderConfig, len(*in)) *out = make([]OIDCProvider, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -54,18 +54,18 @@ func (in *OIDCProviderConfigList) DeepCopyInto(out *OIDCProviderConfigList) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderList.
func (in *OIDCProviderConfigList) DeepCopy() *OIDCProviderConfigList { func (in *OIDCProviderList) DeepCopy() *OIDCProviderList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigList) out := new(OIDCProviderList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *OIDCProviderConfigList) DeepCopyObject() runtime.Object { func (in *OIDCProviderList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -73,23 +73,23 @@ func (in *OIDCProviderConfigList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigSpec) DeepCopyInto(out *OIDCProviderConfigSpec) { func (in *OIDCProviderSpec) DeepCopyInto(out *OIDCProviderSpec) {
*out = *in *out = *in
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderSpec.
func (in *OIDCProviderConfigSpec) DeepCopy() *OIDCProviderConfigSpec { func (in *OIDCProviderSpec) DeepCopy() *OIDCProviderSpec {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigSpec) out := new(OIDCProviderSpec)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigStatus) DeepCopyInto(out *OIDCProviderConfigStatus) { func (in *OIDCProviderStatus) DeepCopyInto(out *OIDCProviderStatus) {
*out = *in *out = *in
if in.LastUpdateTime != nil { if in.LastUpdateTime != nil {
in, out := &in.LastUpdateTime, &out.LastUpdateTime in, out := &in.LastUpdateTime, &out.LastUpdateTime
@ -99,12 +99,12 @@ func (in *OIDCProviderConfigStatus) DeepCopyInto(out *OIDCProviderConfigStatus)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigStatus. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderStatus.
func (in *OIDCProviderConfigStatus) DeepCopy() *OIDCProviderConfigStatus { func (in *OIDCProviderStatus) DeepCopy() *OIDCProviderStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigStatus) out := new(OIDCProviderStatus)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface { type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
OIDCProviderConfigsGetter OIDCProvidersGetter
} }
// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *ConfigV1alpha1Client) OIDCProviderConfigs(namespace string) OIDCProviderConfigInterface { func (c *ConfigV1alpha1Client) OIDCProviders(namespace string) OIDCProviderInterface {
return newOIDCProviderConfigs(c, namespace) return newOIDCProviders(c, namespace)
} }
// NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig creates a new ConfigV1alpha1Client for the given config.

View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeConfigV1alpha1) OIDCProviderConfigs(namespace string) v1alpha1.OIDCProviderConfigInterface { func (c *FakeConfigV1alpha1) OIDCProviders(namespace string) v1alpha1.OIDCProviderInterface {
return &FakeOIDCProviderConfigs{c, namespace} return &FakeOIDCProviders{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,127 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeOIDCProviders implements OIDCProviderInterface
type FakeOIDCProviders struct {
Fake *FakeConfigV1alpha1
ns string
}
var oidcprovidersResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcproviders"}
var oidcprovidersKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCProvider"}
// Get takes name of the oIDCProvider, and returns the corresponding oIDCProvider object, and an error if there is any.
func (c *FakeOIDCProviders) Get(name string, options v1.GetOptions) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(oidcprovidersResource, c.ns, name), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// List takes label and field selectors, and returns the list of OIDCProviders that match those selectors.
func (c *FakeOIDCProviders) List(opts v1.ListOptions) (result *v1alpha1.OIDCProviderList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(oidcprovidersResource, oidcprovidersKind, c.ns, opts), &v1alpha1.OIDCProviderList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.OIDCProviderList{ListMeta: obj.(*v1alpha1.OIDCProviderList).ListMeta}
for _, item := range obj.(*v1alpha1.OIDCProviderList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested oIDCProviders.
func (c *FakeOIDCProviders) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(oidcprovidersResource, c.ns, opts))
}
// Create takes the representation of a oIDCProvider and creates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *FakeOIDCProviders) Create(oIDCProvider *v1alpha1.OIDCProvider) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(oidcprovidersResource, c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// Update takes the representation of a oIDCProvider and updates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *FakeOIDCProviders) Update(oIDCProvider *v1alpha1.OIDCProvider) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(oidcprovidersResource, c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeOIDCProviders) UpdateStatus(oIDCProvider *v1alpha1.OIDCProvider) (*v1alpha1.OIDCProvider, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(oidcprovidersResource, "status", c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// Delete takes name of the oIDCProvider and deletes it. Returns an error if one occurs.
func (c *FakeOIDCProviders) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(oidcprovidersResource, c.ns, name), &v1alpha1.OIDCProvider{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeOIDCProviders) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(oidcprovidersResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.OIDCProviderList{})
return err
}
// Patch applies the patch and returns the patched oIDCProvider.
func (c *FakeOIDCProviders) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(oidcprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}

View File

@ -1,127 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeOIDCProviderConfigs implements OIDCProviderConfigInterface
type FakeOIDCProviderConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var oidcproviderconfigsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcproviderconfigs"}
var oidcproviderconfigsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCProviderConfig"}
// Get takes name of the oIDCProviderConfig, and returns the corresponding oIDCProviderConfig object, and an error if there is any.
func (c *FakeOIDCProviderConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(oidcproviderconfigsResource, c.ns, name), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// List takes label and field selectors, and returns the list of OIDCProviderConfigs that match those selectors.
func (c *FakeOIDCProviderConfigs) List(opts v1.ListOptions) (result *v1alpha1.OIDCProviderConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(oidcproviderconfigsResource, oidcproviderconfigsKind, c.ns, opts), &v1alpha1.OIDCProviderConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.OIDCProviderConfigList{ListMeta: obj.(*v1alpha1.OIDCProviderConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.OIDCProviderConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested oIDCProviderConfigs.
func (c *FakeOIDCProviderConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(oidcproviderconfigsResource, c.ns, opts))
}
// Create takes the representation of a oIDCProviderConfig and creates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *FakeOIDCProviderConfigs) Create(oIDCProviderConfig *v1alpha1.OIDCProviderConfig) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(oidcproviderconfigsResource, c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// Update takes the representation of a oIDCProviderConfig and updates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *FakeOIDCProviderConfigs) Update(oIDCProviderConfig *v1alpha1.OIDCProviderConfig) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(oidcproviderconfigsResource, c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeOIDCProviderConfigs) UpdateStatus(oIDCProviderConfig *v1alpha1.OIDCProviderConfig) (*v1alpha1.OIDCProviderConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(oidcproviderconfigsResource, "status", c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// Delete takes name of the oIDCProviderConfig and deletes it. Returns an error if one occurs.
func (c *FakeOIDCProviderConfigs) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(oidcproviderconfigsResource, c.ns, name), &v1alpha1.OIDCProviderConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeOIDCProviderConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(oidcproviderconfigsResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.OIDCProviderConfigList{})
return err
}
// Patch applies the patch and returns the patched oIDCProviderConfig.
func (c *FakeOIDCProviderConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(oidcproviderconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}

View File

@ -5,4 +5,4 @@
package v1alpha1 package v1alpha1
type OIDCProviderConfigExpansion interface{} type OIDCProviderExpansion interface{}

View File

@ -0,0 +1,178 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// OIDCProvidersGetter has a method to return a OIDCProviderInterface.
// A group's client should implement this interface.
type OIDCProvidersGetter interface {
OIDCProviders(namespace string) OIDCProviderInterface
}
// OIDCProviderInterface has methods to work with OIDCProvider resources.
type OIDCProviderInterface interface {
Create(*v1alpha1.OIDCProvider) (*v1alpha1.OIDCProvider, error)
Update(*v1alpha1.OIDCProvider) (*v1alpha1.OIDCProvider, error)
UpdateStatus(*v1alpha1.OIDCProvider) (*v1alpha1.OIDCProvider, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.OIDCProvider, error)
List(opts v1.ListOptions) (*v1alpha1.OIDCProviderList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.OIDCProvider, err error)
OIDCProviderExpansion
}
// oIDCProviders implements OIDCProviderInterface
type oIDCProviders struct {
client rest.Interface
ns string
}
// newOIDCProviders returns a OIDCProviders
func newOIDCProviders(c *ConfigV1alpha1Client, namespace string) *oIDCProviders {
return &oIDCProviders{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the oIDCProvider, and returns the corresponding oIDCProvider object, and an error if there is any.
func (c *oIDCProviders) Get(name string, options v1.GetOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of OIDCProviders that match those selectors.
func (c *oIDCProviders) List(opts v1.ListOptions) (result *v1alpha1.OIDCProviderList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.OIDCProviderList{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested oIDCProviders.
func (c *oIDCProviders) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a oIDCProvider and creates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *oIDCProviders) Create(oIDCProvider *v1alpha1.OIDCProvider) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Post().
Namespace(c.ns).
Resource("oidcproviders").
Body(oIDCProvider).
Do().
Into(result)
return
}
// Update takes the representation of a oIDCProvider and updates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *oIDCProviders) Update(oIDCProvider *v1alpha1.OIDCProvider) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviders").
Name(oIDCProvider.Name).
Body(oIDCProvider).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *oIDCProviders) UpdateStatus(oIDCProvider *v1alpha1.OIDCProvider) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviders").
Name(oIDCProvider.Name).
SubResource("status").
Body(oIDCProvider).
Do().
Into(result)
return
}
// Delete takes name of the oIDCProvider and deletes it. Returns an error if one occurs.
func (c *oIDCProviders) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *oIDCProviders) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched oIDCProvider.
func (c *oIDCProviders) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("oidcproviders").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

View File

@ -1,178 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// OIDCProviderConfigsGetter has a method to return a OIDCProviderConfigInterface.
// A group's client should implement this interface.
type OIDCProviderConfigsGetter interface {
OIDCProviderConfigs(namespace string) OIDCProviderConfigInterface
}
// OIDCProviderConfigInterface has methods to work with OIDCProviderConfig resources.
type OIDCProviderConfigInterface interface {
Create(*v1alpha1.OIDCProviderConfig) (*v1alpha1.OIDCProviderConfig, error)
Update(*v1alpha1.OIDCProviderConfig) (*v1alpha1.OIDCProviderConfig, error)
UpdateStatus(*v1alpha1.OIDCProviderConfig) (*v1alpha1.OIDCProviderConfig, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.OIDCProviderConfig, error)
List(opts v1.ListOptions) (*v1alpha1.OIDCProviderConfigList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error)
OIDCProviderConfigExpansion
}
// oIDCProviderConfigs implements OIDCProviderConfigInterface
type oIDCProviderConfigs struct {
client rest.Interface
ns string
}
// newOIDCProviderConfigs returns a OIDCProviderConfigs
func newOIDCProviderConfigs(c *ConfigV1alpha1Client, namespace string) *oIDCProviderConfigs {
return &oIDCProviderConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the oIDCProviderConfig, and returns the corresponding oIDCProviderConfig object, and an error if there is any.
func (c *oIDCProviderConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of OIDCProviderConfigs that match those selectors.
func (c *oIDCProviderConfigs) List(opts v1.ListOptions) (result *v1alpha1.OIDCProviderConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.OIDCProviderConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested oIDCProviderConfigs.
func (c *oIDCProviderConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a oIDCProviderConfig and creates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *oIDCProviderConfigs) Create(oIDCProviderConfig *v1alpha1.OIDCProviderConfig) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Body(oIDCProviderConfig).
Do().
Into(result)
return
}
// Update takes the representation of a oIDCProviderConfig and updates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *oIDCProviderConfigs) Update(oIDCProviderConfig *v1alpha1.OIDCProviderConfig) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(oIDCProviderConfig.Name).
Body(oIDCProviderConfig).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *oIDCProviderConfigs) UpdateStatus(oIDCProviderConfig *v1alpha1.OIDCProviderConfig) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(oIDCProviderConfig.Name).
SubResource("status").
Body(oIDCProviderConfig).
Do().
Into(result)
return
}
// Delete takes name of the oIDCProviderConfig and deletes it. Returns an error if one occurs.
func (c *oIDCProviderConfigs) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *oIDCProviderConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched oIDCProviderConfig.
func (c *oIDCProviderConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("oidcproviderconfigs").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// OIDCProviderConfigs returns a OIDCProviderConfigInformer. // OIDCProviders returns a OIDCProviderInformer.
OIDCProviderConfigs() OIDCProviderConfigInformer OIDCProviders() OIDCProviderInformer
} }
type version struct { type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// OIDCProviderConfigs returns a OIDCProviderConfigInformer. // OIDCProviders returns a OIDCProviderInformer.
func (v *version) OIDCProviderConfigs() OIDCProviderConfigInformer { func (v *version) OIDCProviders() OIDCProviderInformer {
return &oIDCProviderConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &oIDCProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -0,0 +1,76 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// OIDCProviderInformer provides access to a shared informer and lister for
// OIDCProviders.
type OIDCProviderInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.OIDCProviderLister
}
type oIDCProviderInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewOIDCProviderInformer constructs a new informer for OIDCProvider type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewOIDCProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredOIDCProviderInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredOIDCProviderInformer constructs a new informer for OIDCProvider type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredOIDCProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviders(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviders(namespace).Watch(options)
},
},
&configv1alpha1.OIDCProvider{},
resyncPeriod,
indexers,
)
}
func (f *oIDCProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredOIDCProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *oIDCProviderInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.OIDCProvider{}, f.defaultInformer)
}
func (f *oIDCProviderInformer) Lister() v1alpha1.OIDCProviderLister {
return v1alpha1.NewOIDCProviderLister(f.Informer().GetIndexer())
}

View File

@ -1,76 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// OIDCProviderConfigInformer provides access to a shared informer and lister for
// OIDCProviderConfigs.
type OIDCProviderConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.OIDCProviderConfigLister
}
type oIDCProviderConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewOIDCProviderConfigInformer constructs a new informer for OIDCProviderConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewOIDCProviderConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredOIDCProviderConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredOIDCProviderConfigInformer constructs a new informer for OIDCProviderConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredOIDCProviderConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviderConfigs(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviderConfigs(namespace).Watch(options)
},
},
&configv1alpha1.OIDCProviderConfig{},
resyncPeriod,
indexers,
)
}
func (f *oIDCProviderConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredOIDCProviderConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *oIDCProviderConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.OIDCProviderConfig{}, f.defaultInformer)
}
func (f *oIDCProviderConfigInformer) Lister() v1alpha1.OIDCProviderConfigLister {
return v1alpha1.NewOIDCProviderConfigLister(f.Informer().GetIndexer())
}

View File

@ -40,8 +40,8 @@ func (f *genericInformer) Lister() cache.GenericLister {
func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
switch resource { switch resource {
// Group=config.supervisor.pinniped.dev, Version=v1alpha1 // Group=config.supervisor.pinniped.dev, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): case v1alpha1.SchemeGroupVersion.WithResource("oidcproviders"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviders().Informer()}, nil
} }

View File

@ -5,10 +5,10 @@
package v1alpha1 package v1alpha1
// OIDCProviderConfigListerExpansion allows custom methods to be added to // OIDCProviderListerExpansion allows custom methods to be added to
// OIDCProviderConfigLister. // OIDCProviderLister.
type OIDCProviderConfigListerExpansion interface{} type OIDCProviderListerExpansion interface{}
// OIDCProviderConfigNamespaceListerExpansion allows custom methods to be added to // OIDCProviderNamespaceListerExpansion allows custom methods to be added to
// OIDCProviderConfigNamespaceLister. // OIDCProviderNamespaceLister.
type OIDCProviderConfigNamespaceListerExpansion interface{} type OIDCProviderNamespaceListerExpansion interface{}

View File

@ -0,0 +1,81 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// OIDCProviderLister helps list OIDCProviders.
type OIDCProviderLister interface {
// List lists all OIDCProviders in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error)
// OIDCProviders returns an object that can list and get OIDCProviders.
OIDCProviders(namespace string) OIDCProviderNamespaceLister
OIDCProviderListerExpansion
}
// oIDCProviderLister implements the OIDCProviderLister interface.
type oIDCProviderLister struct {
indexer cache.Indexer
}
// NewOIDCProviderLister returns a new OIDCProviderLister.
func NewOIDCProviderLister(indexer cache.Indexer) OIDCProviderLister {
return &oIDCProviderLister{indexer: indexer}
}
// List lists all OIDCProviders in the indexer.
func (s *oIDCProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProvider))
})
return ret, err
}
// OIDCProviders returns an object that can list and get OIDCProviders.
func (s *oIDCProviderLister) OIDCProviders(namespace string) OIDCProviderNamespaceLister {
return oIDCProviderNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// OIDCProviderNamespaceLister helps list and get OIDCProviders.
type OIDCProviderNamespaceLister interface {
// List lists all OIDCProviders in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error)
// Get retrieves the OIDCProvider from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.OIDCProvider, error)
OIDCProviderNamespaceListerExpansion
}
// oIDCProviderNamespaceLister implements the OIDCProviderNamespaceLister
// interface.
type oIDCProviderNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all OIDCProviders in the indexer for a given namespace.
func (s oIDCProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProvider))
})
return ret, err
}
// Get retrieves the OIDCProvider from the indexer for a given namespace and name.
func (s oIDCProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCProvider, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("oidcprovider"), name)
}
return obj.(*v1alpha1.OIDCProvider), nil
}

View File

@ -1,81 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// OIDCProviderConfigLister helps list OIDCProviderConfigs.
type OIDCProviderConfigLister interface {
// List lists all OIDCProviderConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error)
// OIDCProviderConfigs returns an object that can list and get OIDCProviderConfigs.
OIDCProviderConfigs(namespace string) OIDCProviderConfigNamespaceLister
OIDCProviderConfigListerExpansion
}
// oIDCProviderConfigLister implements the OIDCProviderConfigLister interface.
type oIDCProviderConfigLister struct {
indexer cache.Indexer
}
// NewOIDCProviderConfigLister returns a new OIDCProviderConfigLister.
func NewOIDCProviderConfigLister(indexer cache.Indexer) OIDCProviderConfigLister {
return &oIDCProviderConfigLister{indexer: indexer}
}
// List lists all OIDCProviderConfigs in the indexer.
func (s *oIDCProviderConfigLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProviderConfig))
})
return ret, err
}
// OIDCProviderConfigs returns an object that can list and get OIDCProviderConfigs.
func (s *oIDCProviderConfigLister) OIDCProviderConfigs(namespace string) OIDCProviderConfigNamespaceLister {
return oIDCProviderConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// OIDCProviderConfigNamespaceLister helps list and get OIDCProviderConfigs.
type OIDCProviderConfigNamespaceLister interface {
// List lists all OIDCProviderConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error)
// Get retrieves the OIDCProviderConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.OIDCProviderConfig, error)
OIDCProviderConfigNamespaceListerExpansion
}
// oIDCProviderConfigNamespaceLister implements the OIDCProviderConfigNamespaceLister
// interface.
type oIDCProviderConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all OIDCProviderConfigs in the indexer for a given namespace.
func (s oIDCProviderConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProviderConfig))
})
return ret, err
}
// Get retrieves the OIDCProviderConfig from the indexer for a given namespace and name.
func (s oIDCProviderConfigNamespaceLister) Get(name string) (*v1alpha1.OIDCProviderConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("oidcproviderconfig"), name)
}
return obj.(*v1alpha1.OIDCProviderConfig), nil
}

View File

@ -17,10 +17,10 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{ return map[string]common.OpenAPIDefinition{
"go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfig": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref), "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProvider": schema_apis_supervisor_config_v1alpha1_OIDCProvider(ref),
"go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfigList": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref), "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderList": schema_apis_supervisor_config_v1alpha1_OIDCProviderList(ref),
"go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref), "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderSpec": schema_apis_supervisor_config_v1alpha1_OIDCProviderSpec(ref),
"go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigStatus(ref), "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderStatus": schema_apis_supervisor_config_v1alpha1_OIDCProviderStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
@ -75,11 +75,11 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProvider(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfig describes the configuration of an OIDC provider.", Description: "OIDCProvider describes the configuration of an OIDC provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -104,13 +104,13 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.Refere
"spec": { "spec": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Spec of the OIDC provider.", Description: "Spec of the OIDC provider.",
Ref: ref("go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec"), Ref: ref("go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderSpec"),
}, },
}, },
"status": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Status of the OIDC provider.", Description: "Status of the OIDC provider.",
Ref: ref("go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus"), Ref: ref("go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderStatus"),
}, },
}, },
}, },
@ -118,14 +118,15 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.Refere
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec", "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderSpec", "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "List of OIDCProvider objects.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -153,7 +154,7 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.Re
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfig"), Ref: ref("go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProvider"),
}, },
}, },
}, },
@ -164,15 +165,15 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.Re
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProviderConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1.OIDCProvider", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderSpec(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfigSpec is a struct that describes an OIDC Provider.", Description: "OIDCProviderSpec is a struct that describes an OIDC Provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"issuer": { "issuer": {
@ -196,11 +197,11 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref common.Re
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider.", Description: "OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"status": { "status": {

View File

@ -6,22 +6,20 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: oidcproviderconfigs.config.supervisor.pinniped.dev name: oidcproviders.config.supervisor.pinniped.dev
spec: spec:
group: config.supervisor.pinniped.dev group: config.supervisor.pinniped.dev
names: names:
kind: OIDCProviderConfig kind: OIDCProvider
listKind: OIDCProviderConfigList listKind: OIDCProviderList
plural: oidcproviderconfigs plural: oidcproviders
shortNames: singular: oidcprovider
- opc
singular: oidcproviderconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: OIDCProviderConfig describes the configuration of an OIDC provider. description: OIDCProvider describes the configuration of an OIDC provider.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation

View File

@ -217,14 +217,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfig"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcprovider"]
==== OIDCProviderConfig ==== OIDCProvider
OIDCProviderConfig describes the configuration of an OIDC provider. OIDCProvider describes the configuration of an OIDC provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfiglist[$$OIDCProviderConfigList$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderlist[$$OIDCProviderList$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -232,21 +232,21 @@ OIDCProviderConfig describes the configuration of an OIDC provider.
| Field | Description | Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfigspec[$$OIDCProviderConfigSpec$$]__ | Spec of the OIDC provider. | *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderspec[$$OIDCProviderSpec$$]__ | Spec of the OIDC provider.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfigstatus[$$OIDCProviderConfigStatus$$]__ | Status of the OIDC provider. | *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderstatus[$$OIDCProviderStatus$$]__ | Status of the OIDC provider.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfigspec"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderspec"]
==== OIDCProviderConfigSpec ==== OIDCProviderSpec
OIDCProviderConfigSpec is a struct that describes an OIDC Provider. OIDCProviderSpec is a struct that describes an OIDC Provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfig[$$OIDCProviderConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcprovider[$$OIDCProvider$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -262,20 +262,20 @@ OIDCProviderConfigSpec is a struct that describes an OIDC Provider.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfigstatus"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderstatus"]
==== OIDCProviderConfigStatus ==== OIDCProviderStatus
OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider. OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcproviderconfig[$$OIDCProviderConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcprovider[$$OIDCProvider$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`status`* __OIDCProviderStatus__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure. | *`status`* __OIDCProviderStatusCondition__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure.
| *`message`* __string__ | Message provides human-readable details about the Status. | *`message`* __string__ | Message provides human-readable details about the Status.
| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). | *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811).
| *`jwksSecret`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKSSecret holds the name of the secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist. | *`jwksSecret`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKSSecret holds the name of the secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist.

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&OIDCProviderConfig{}, &OIDCProvider{},
&OIDCProviderConfigList{}, &OIDCProviderList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -9,17 +9,17 @@ import (
) )
// +kubebuilder:validation:Enum=Success;Duplicate;Invalid // +kubebuilder:validation:Enum=Success;Duplicate;Invalid
type OIDCProviderStatus string type OIDCProviderStatusCondition string
const ( const (
SuccessOIDCProviderStatus = OIDCProviderStatus("Success") SuccessOIDCProviderStatusCondition = OIDCProviderStatusCondition("Success")
DuplicateOIDCProviderStatus = OIDCProviderStatus("Duplicate") DuplicateOIDCProviderStatusCondition = OIDCProviderStatusCondition("Duplicate")
SameIssuerHostMustUseSameSecretOIDCProviderStatus = OIDCProviderStatus("SameIssuerHostMustUseSameSecret") SameIssuerHostMustUseSameSecretOIDCProviderStatusCondition = OIDCProviderStatusCondition("SameIssuerHostMustUseSameSecret")
InvalidOIDCProviderStatus = OIDCProviderStatus("Invalid") InvalidOIDCProviderStatusCondition = OIDCProviderStatusCondition("Invalid")
) )
// OIDCProviderConfigSpec is a struct that describes an OIDC Provider. // OIDCProviderSpec is a struct that describes an OIDC Provider.
type OIDCProviderConfigSpec struct { type OIDCProviderSpec struct {
// Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the
// identifier that it will use for the iss claim in issued JWTs. This field will also be used as // identifier that it will use for the iss claim in issued JWTs. This field will also be used as
// the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is
@ -54,12 +54,12 @@ type OIDCProviderConfigSpec struct {
SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"` SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"`
} }
// OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider. // OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.
type OIDCProviderConfigStatus struct { type OIDCProviderStatus struct {
// Status holds an enum that describes the state of this OIDC Provider. Note that this Status can // Status holds an enum that describes the state of this OIDC Provider. Note that this Status can
// represent success or failure. // represent success or failure.
// +optional // +optional
Status OIDCProviderStatus `json:"status,omitempty"` Status OIDCProviderStatusCondition `json:"status,omitempty"`
// Message provides human-readable details about the Status. // Message provides human-readable details about the Status.
// +optional // +optional
@ -78,27 +78,25 @@ type OIDCProviderConfigStatus struct {
JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"` JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"`
} }
// OIDCProviderConfig describes the configuration of an OIDC provider. // OIDCProvider describes the configuration of an OIDC provider.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=opc type OIDCProvider struct {
type OIDCProviderConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Spec of the OIDC provider. // Spec of the OIDC provider.
Spec OIDCProviderConfigSpec `json:"spec"` Spec OIDCProviderSpec `json:"spec"`
// Status of the OIDC provider. // Status of the OIDC provider.
Status OIDCProviderConfigStatus `json:"status,omitempty"` Status OIDCProviderStatus `json:"status,omitempty"`
} }
// List of OIDCProviderConfig objects. // List of OIDCProvider objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type OIDCProviderList struct {
type OIDCProviderConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []OIDCProviderConfig `json:"items"` Items []OIDCProvider `json:"items"`
} }

View File

@ -12,7 +12,7 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfig) DeepCopyInto(out *OIDCProviderConfig) { func (in *OIDCProvider) DeepCopyInto(out *OIDCProvider) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -21,18 +21,18 @@ func (in *OIDCProviderConfig) DeepCopyInto(out *OIDCProviderConfig) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfig. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProvider.
func (in *OIDCProviderConfig) DeepCopy() *OIDCProviderConfig { func (in *OIDCProvider) DeepCopy() *OIDCProvider {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfig) out := new(OIDCProvider)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *OIDCProviderConfig) DeepCopyObject() runtime.Object { func (in *OIDCProvider) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -40,13 +40,13 @@ func (in *OIDCProviderConfig) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigList) DeepCopyInto(out *OIDCProviderConfigList) { func (in *OIDCProviderList) DeepCopyInto(out *OIDCProviderList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]OIDCProviderConfig, len(*in)) *out = make([]OIDCProvider, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -54,18 +54,18 @@ func (in *OIDCProviderConfigList) DeepCopyInto(out *OIDCProviderConfigList) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderList.
func (in *OIDCProviderConfigList) DeepCopy() *OIDCProviderConfigList { func (in *OIDCProviderList) DeepCopy() *OIDCProviderList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigList) out := new(OIDCProviderList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *OIDCProviderConfigList) DeepCopyObject() runtime.Object { func (in *OIDCProviderList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -73,23 +73,23 @@ func (in *OIDCProviderConfigList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigSpec) DeepCopyInto(out *OIDCProviderConfigSpec) { func (in *OIDCProviderSpec) DeepCopyInto(out *OIDCProviderSpec) {
*out = *in *out = *in
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderSpec.
func (in *OIDCProviderConfigSpec) DeepCopy() *OIDCProviderConfigSpec { func (in *OIDCProviderSpec) DeepCopy() *OIDCProviderSpec {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigSpec) out := new(OIDCProviderSpec)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigStatus) DeepCopyInto(out *OIDCProviderConfigStatus) { func (in *OIDCProviderStatus) DeepCopyInto(out *OIDCProviderStatus) {
*out = *in *out = *in
if in.LastUpdateTime != nil { if in.LastUpdateTime != nil {
in, out := &in.LastUpdateTime, &out.LastUpdateTime in, out := &in.LastUpdateTime, &out.LastUpdateTime
@ -99,12 +99,12 @@ func (in *OIDCProviderConfigStatus) DeepCopyInto(out *OIDCProviderConfigStatus)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigStatus. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderStatus.
func (in *OIDCProviderConfigStatus) DeepCopy() *OIDCProviderConfigStatus { func (in *OIDCProviderStatus) DeepCopy() *OIDCProviderStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigStatus) out := new(OIDCProviderStatus)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface { type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
OIDCProviderConfigsGetter OIDCProvidersGetter
} }
// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *ConfigV1alpha1Client) OIDCProviderConfigs(namespace string) OIDCProviderConfigInterface { func (c *ConfigV1alpha1Client) OIDCProviders(namespace string) OIDCProviderInterface {
return newOIDCProviderConfigs(c, namespace) return newOIDCProviders(c, namespace)
} }
// NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig creates a new ConfigV1alpha1Client for the given config.

View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeConfigV1alpha1) OIDCProviderConfigs(namespace string) v1alpha1.OIDCProviderConfigInterface { func (c *FakeConfigV1alpha1) OIDCProviders(namespace string) v1alpha1.OIDCProviderInterface {
return &FakeOIDCProviderConfigs{c, namespace} return &FakeOIDCProviders{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,129 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeOIDCProviders implements OIDCProviderInterface
type FakeOIDCProviders struct {
Fake *FakeConfigV1alpha1
ns string
}
var oidcprovidersResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcproviders"}
var oidcprovidersKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCProvider"}
// Get takes name of the oIDCProvider, and returns the corresponding oIDCProvider object, and an error if there is any.
func (c *FakeOIDCProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(oidcprovidersResource, c.ns, name), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// List takes label and field selectors, and returns the list of OIDCProviders that match those selectors.
func (c *FakeOIDCProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(oidcprovidersResource, oidcprovidersKind, c.ns, opts), &v1alpha1.OIDCProviderList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.OIDCProviderList{ListMeta: obj.(*v1alpha1.OIDCProviderList).ListMeta}
for _, item := range obj.(*v1alpha1.OIDCProviderList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested oIDCProviders.
func (c *FakeOIDCProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(oidcprovidersResource, c.ns, opts))
}
// Create takes the representation of a oIDCProvider and creates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *FakeOIDCProviders) Create(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(oidcprovidersResource, c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// Update takes the representation of a oIDCProvider and updates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *FakeOIDCProviders) Update(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(oidcprovidersResource, c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeOIDCProviders) UpdateStatus(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCProvider, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(oidcprovidersResource, "status", c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// Delete takes name of the oIDCProvider and deletes it. Returns an error if one occurs.
func (c *FakeOIDCProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(oidcprovidersResource, c.ns, name), &v1alpha1.OIDCProvider{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeOIDCProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(oidcprovidersResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.OIDCProviderList{})
return err
}
// Patch applies the patch and returns the patched oIDCProvider.
func (c *FakeOIDCProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(oidcprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}

View File

@ -1,129 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeOIDCProviderConfigs implements OIDCProviderConfigInterface
type FakeOIDCProviderConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var oidcproviderconfigsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcproviderconfigs"}
var oidcproviderconfigsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCProviderConfig"}
// Get takes name of the oIDCProviderConfig, and returns the corresponding oIDCProviderConfig object, and an error if there is any.
func (c *FakeOIDCProviderConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(oidcproviderconfigsResource, c.ns, name), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// List takes label and field selectors, and returns the list of OIDCProviderConfigs that match those selectors.
func (c *FakeOIDCProviderConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(oidcproviderconfigsResource, oidcproviderconfigsKind, c.ns, opts), &v1alpha1.OIDCProviderConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.OIDCProviderConfigList{ListMeta: obj.(*v1alpha1.OIDCProviderConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.OIDCProviderConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested oIDCProviderConfigs.
func (c *FakeOIDCProviderConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(oidcproviderconfigsResource, c.ns, opts))
}
// Create takes the representation of a oIDCProviderConfig and creates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *FakeOIDCProviderConfigs) Create(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.CreateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(oidcproviderconfigsResource, c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// Update takes the representation of a oIDCProviderConfig and updates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *FakeOIDCProviderConfigs) Update(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(oidcproviderconfigsResource, c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeOIDCProviderConfigs) UpdateStatus(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (*v1alpha1.OIDCProviderConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(oidcproviderconfigsResource, "status", c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// Delete takes name of the oIDCProviderConfig and deletes it. Returns an error if one occurs.
func (c *FakeOIDCProviderConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(oidcproviderconfigsResource, c.ns, name), &v1alpha1.OIDCProviderConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeOIDCProviderConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(oidcproviderconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.OIDCProviderConfigList{})
return err
}
// Patch applies the patch and returns the patched oIDCProviderConfig.
func (c *FakeOIDCProviderConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(oidcproviderconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}

View File

@ -5,4 +5,4 @@
package v1alpha1 package v1alpha1
type OIDCProviderConfigExpansion interface{} type OIDCProviderExpansion interface{}

View File

@ -0,0 +1,182 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// OIDCProvidersGetter has a method to return a OIDCProviderInterface.
// A group's client should implement this interface.
type OIDCProvidersGetter interface {
OIDCProviders(namespace string) OIDCProviderInterface
}
// OIDCProviderInterface has methods to work with OIDCProvider resources.
type OIDCProviderInterface interface {
Create(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.CreateOptions) (*v1alpha1.OIDCProvider, error)
Update(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCProvider, error)
UpdateStatus(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCProvider, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCProvider, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCProviderList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProvider, err error)
OIDCProviderExpansion
}
// oIDCProviders implements OIDCProviderInterface
type oIDCProviders struct {
client rest.Interface
ns string
}
// newOIDCProviders returns a OIDCProviders
func newOIDCProviders(c *ConfigV1alpha1Client, namespace string) *oIDCProviders {
return &oIDCProviders{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the oIDCProvider, and returns the corresponding oIDCProvider object, and an error if there is any.
func (c *oIDCProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of OIDCProviders that match those selectors.
func (c *oIDCProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.OIDCProviderList{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested oIDCProviders.
func (c *oIDCProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a oIDCProvider and creates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *oIDCProviders) Create(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Post().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProvider).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a oIDCProvider and updates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *oIDCProviders) Update(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviders").
Name(oIDCProvider.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProvider).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *oIDCProviders) UpdateStatus(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviders").
Name(oIDCProvider.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProvider).
Do(ctx).
Into(result)
return
}
// Delete takes name of the oIDCProvider and deletes it. Returns an error if one occurs.
func (c *oIDCProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *oIDCProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched oIDCProvider.
func (c *oIDCProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -1,182 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// OIDCProviderConfigsGetter has a method to return a OIDCProviderConfigInterface.
// A group's client should implement this interface.
type OIDCProviderConfigsGetter interface {
OIDCProviderConfigs(namespace string) OIDCProviderConfigInterface
}
// OIDCProviderConfigInterface has methods to work with OIDCProviderConfig resources.
type OIDCProviderConfigInterface interface {
Create(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.CreateOptions) (*v1alpha1.OIDCProviderConfig, error)
Update(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (*v1alpha1.OIDCProviderConfig, error)
UpdateStatus(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (*v1alpha1.OIDCProviderConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCProviderConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCProviderConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error)
OIDCProviderConfigExpansion
}
// oIDCProviderConfigs implements OIDCProviderConfigInterface
type oIDCProviderConfigs struct {
client rest.Interface
ns string
}
// newOIDCProviderConfigs returns a OIDCProviderConfigs
func newOIDCProviderConfigs(c *ConfigV1alpha1Client, namespace string) *oIDCProviderConfigs {
return &oIDCProviderConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the oIDCProviderConfig, and returns the corresponding oIDCProviderConfig object, and an error if there is any.
func (c *oIDCProviderConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of OIDCProviderConfigs that match those selectors.
func (c *oIDCProviderConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.OIDCProviderConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested oIDCProviderConfigs.
func (c *oIDCProviderConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a oIDCProviderConfig and creates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *oIDCProviderConfigs) Create(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.CreateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProviderConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a oIDCProviderConfig and updates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *oIDCProviderConfigs) Update(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(oIDCProviderConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProviderConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *oIDCProviderConfigs) UpdateStatus(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(oIDCProviderConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProviderConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the oIDCProviderConfig and deletes it. Returns an error if one occurs.
func (c *oIDCProviderConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *oIDCProviderConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched oIDCProviderConfig.
func (c *oIDCProviderConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// OIDCProviderConfigs returns a OIDCProviderConfigInformer. // OIDCProviders returns a OIDCProviderInformer.
OIDCProviderConfigs() OIDCProviderConfigInformer OIDCProviders() OIDCProviderInformer
} }
type version struct { type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// OIDCProviderConfigs returns a OIDCProviderConfigInformer. // OIDCProviders returns a OIDCProviderInformer.
func (v *version) OIDCProviderConfigs() OIDCProviderConfigInformer { func (v *version) OIDCProviders() OIDCProviderInformer {
return &oIDCProviderConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &oIDCProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -0,0 +1,77 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// OIDCProviderInformer provides access to a shared informer and lister for
// OIDCProviders.
type OIDCProviderInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.OIDCProviderLister
}
type oIDCProviderInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewOIDCProviderInformer constructs a new informer for OIDCProvider type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewOIDCProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredOIDCProviderInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredOIDCProviderInformer constructs a new informer for OIDCProvider type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredOIDCProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviders(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviders(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.OIDCProvider{},
resyncPeriod,
indexers,
)
}
func (f *oIDCProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredOIDCProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *oIDCProviderInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.OIDCProvider{}, f.defaultInformer)
}
func (f *oIDCProviderInformer) Lister() v1alpha1.OIDCProviderLister {
return v1alpha1.NewOIDCProviderLister(f.Informer().GetIndexer())
}

View File

@ -1,77 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// OIDCProviderConfigInformer provides access to a shared informer and lister for
// OIDCProviderConfigs.
type OIDCProviderConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.OIDCProviderConfigLister
}
type oIDCProviderConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewOIDCProviderConfigInformer constructs a new informer for OIDCProviderConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewOIDCProviderConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredOIDCProviderConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredOIDCProviderConfigInformer constructs a new informer for OIDCProviderConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredOIDCProviderConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviderConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviderConfigs(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.OIDCProviderConfig{},
resyncPeriod,
indexers,
)
}
func (f *oIDCProviderConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredOIDCProviderConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *oIDCProviderConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.OIDCProviderConfig{}, f.defaultInformer)
}
func (f *oIDCProviderConfigInformer) Lister() v1alpha1.OIDCProviderConfigLister {
return v1alpha1.NewOIDCProviderConfigLister(f.Informer().GetIndexer())
}

View File

@ -40,8 +40,8 @@ func (f *genericInformer) Lister() cache.GenericLister {
func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
switch resource { switch resource {
// Group=config.supervisor.pinniped.dev, Version=v1alpha1 // Group=config.supervisor.pinniped.dev, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): case v1alpha1.SchemeGroupVersion.WithResource("oidcproviders"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviders().Informer()}, nil
} }

View File

@ -5,10 +5,10 @@
package v1alpha1 package v1alpha1
// OIDCProviderConfigListerExpansion allows custom methods to be added to // OIDCProviderListerExpansion allows custom methods to be added to
// OIDCProviderConfigLister. // OIDCProviderLister.
type OIDCProviderConfigListerExpansion interface{} type OIDCProviderListerExpansion interface{}
// OIDCProviderConfigNamespaceListerExpansion allows custom methods to be added to // OIDCProviderNamespaceListerExpansion allows custom methods to be added to
// OIDCProviderConfigNamespaceLister. // OIDCProviderNamespaceLister.
type OIDCProviderConfigNamespaceListerExpansion interface{} type OIDCProviderNamespaceListerExpansion interface{}

View File

@ -0,0 +1,81 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// OIDCProviderLister helps list OIDCProviders.
type OIDCProviderLister interface {
// List lists all OIDCProviders in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error)
// OIDCProviders returns an object that can list and get OIDCProviders.
OIDCProviders(namespace string) OIDCProviderNamespaceLister
OIDCProviderListerExpansion
}
// oIDCProviderLister implements the OIDCProviderLister interface.
type oIDCProviderLister struct {
indexer cache.Indexer
}
// NewOIDCProviderLister returns a new OIDCProviderLister.
func NewOIDCProviderLister(indexer cache.Indexer) OIDCProviderLister {
return &oIDCProviderLister{indexer: indexer}
}
// List lists all OIDCProviders in the indexer.
func (s *oIDCProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProvider))
})
return ret, err
}
// OIDCProviders returns an object that can list and get OIDCProviders.
func (s *oIDCProviderLister) OIDCProviders(namespace string) OIDCProviderNamespaceLister {
return oIDCProviderNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// OIDCProviderNamespaceLister helps list and get OIDCProviders.
type OIDCProviderNamespaceLister interface {
// List lists all OIDCProviders in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error)
// Get retrieves the OIDCProvider from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.OIDCProvider, error)
OIDCProviderNamespaceListerExpansion
}
// oIDCProviderNamespaceLister implements the OIDCProviderNamespaceLister
// interface.
type oIDCProviderNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all OIDCProviders in the indexer for a given namespace.
func (s oIDCProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProvider))
})
return ret, err
}
// Get retrieves the OIDCProvider from the indexer for a given namespace and name.
func (s oIDCProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCProvider, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("oidcprovider"), name)
}
return obj.(*v1alpha1.OIDCProvider), nil
}

View File

@ -1,81 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// OIDCProviderConfigLister helps list OIDCProviderConfigs.
type OIDCProviderConfigLister interface {
// List lists all OIDCProviderConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error)
// OIDCProviderConfigs returns an object that can list and get OIDCProviderConfigs.
OIDCProviderConfigs(namespace string) OIDCProviderConfigNamespaceLister
OIDCProviderConfigListerExpansion
}
// oIDCProviderConfigLister implements the OIDCProviderConfigLister interface.
type oIDCProviderConfigLister struct {
indexer cache.Indexer
}
// NewOIDCProviderConfigLister returns a new OIDCProviderConfigLister.
func NewOIDCProviderConfigLister(indexer cache.Indexer) OIDCProviderConfigLister {
return &oIDCProviderConfigLister{indexer: indexer}
}
// List lists all OIDCProviderConfigs in the indexer.
func (s *oIDCProviderConfigLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProviderConfig))
})
return ret, err
}
// OIDCProviderConfigs returns an object that can list and get OIDCProviderConfigs.
func (s *oIDCProviderConfigLister) OIDCProviderConfigs(namespace string) OIDCProviderConfigNamespaceLister {
return oIDCProviderConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// OIDCProviderConfigNamespaceLister helps list and get OIDCProviderConfigs.
type OIDCProviderConfigNamespaceLister interface {
// List lists all OIDCProviderConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error)
// Get retrieves the OIDCProviderConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.OIDCProviderConfig, error)
OIDCProviderConfigNamespaceListerExpansion
}
// oIDCProviderConfigNamespaceLister implements the OIDCProviderConfigNamespaceLister
// interface.
type oIDCProviderConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all OIDCProviderConfigs in the indexer for a given namespace.
func (s oIDCProviderConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProviderConfig))
})
return ret, err
}
// Get retrieves the OIDCProviderConfig from the indexer for a given namespace and name.
func (s oIDCProviderConfigNamespaceLister) Get(name string) (*v1alpha1.OIDCProviderConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("oidcproviderconfig"), name)
}
return obj.(*v1alpha1.OIDCProviderConfig), nil
}

View File

@ -17,10 +17,10 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{ return map[string]common.OpenAPIDefinition{
"go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfig": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref), "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProvider": schema_apis_supervisor_config_v1alpha1_OIDCProvider(ref),
"go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfigList": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref), "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderList": schema_apis_supervisor_config_v1alpha1_OIDCProviderList(ref),
"go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref), "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderSpec": schema_apis_supervisor_config_v1alpha1_OIDCProviderSpec(ref),
"go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigStatus(ref), "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderStatus": schema_apis_supervisor_config_v1alpha1_OIDCProviderStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
@ -75,11 +75,11 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProvider(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfig describes the configuration of an OIDC provider.", Description: "OIDCProvider describes the configuration of an OIDC provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -104,13 +104,13 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.Refere
"spec": { "spec": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Spec of the OIDC provider.", Description: "Spec of the OIDC provider.",
Ref: ref("go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec"), Ref: ref("go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderSpec"),
}, },
}, },
"status": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Status of the OIDC provider.", Description: "Status of the OIDC provider.",
Ref: ref("go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus"), Ref: ref("go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderStatus"),
}, },
}, },
}, },
@ -118,14 +118,15 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.Refere
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec", "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderSpec", "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "List of OIDCProvider objects.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -153,7 +154,7 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.Re
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfig"), Ref: ref("go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProvider"),
}, },
}, },
}, },
@ -164,15 +165,15 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.Re
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProviderConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1.OIDCProvider", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderSpec(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfigSpec is a struct that describes an OIDC Provider.", Description: "OIDCProviderSpec is a struct that describes an OIDC Provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"issuer": { "issuer": {
@ -196,11 +197,11 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref common.Re
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider.", Description: "OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"status": { "status": {

View File

@ -6,22 +6,20 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: oidcproviderconfigs.config.supervisor.pinniped.dev name: oidcproviders.config.supervisor.pinniped.dev
spec: spec:
group: config.supervisor.pinniped.dev group: config.supervisor.pinniped.dev
names: names:
kind: OIDCProviderConfig kind: OIDCProvider
listKind: OIDCProviderConfigList listKind: OIDCProviderList
plural: oidcproviderconfigs plural: oidcproviders
shortNames: singular: oidcprovider
- opc
singular: oidcproviderconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: OIDCProviderConfig describes the configuration of an OIDC provider. description: OIDCProvider describes the configuration of an OIDC provider.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation

View File

@ -217,14 +217,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuratio
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfig"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcprovider"]
==== OIDCProviderConfig ==== OIDCProvider
OIDCProviderConfig describes the configuration of an OIDC provider. OIDCProvider describes the configuration of an OIDC provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfiglist[$$OIDCProviderConfigList$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderlist[$$OIDCProviderList$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -232,21 +232,21 @@ OIDCProviderConfig describes the configuration of an OIDC provider.
| Field | Description | Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfigspec[$$OIDCProviderConfigSpec$$]__ | Spec of the OIDC provider. | *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderspec[$$OIDCProviderSpec$$]__ | Spec of the OIDC provider.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfigstatus[$$OIDCProviderConfigStatus$$]__ | Status of the OIDC provider. | *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderstatus[$$OIDCProviderStatus$$]__ | Status of the OIDC provider.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfigspec"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderspec"]
==== OIDCProviderConfigSpec ==== OIDCProviderSpec
OIDCProviderConfigSpec is a struct that describes an OIDC Provider. OIDCProviderSpec is a struct that describes an OIDC Provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfig[$$OIDCProviderConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcprovider[$$OIDCProvider$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -262,20 +262,20 @@ OIDCProviderConfigSpec is a struct that describes an OIDC Provider.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfigstatus"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderstatus"]
==== OIDCProviderConfigStatus ==== OIDCProviderStatus
OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider. OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcproviderconfig[$$OIDCProviderConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcprovider[$$OIDCProvider$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`status`* __OIDCProviderStatus__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure. | *`status`* __OIDCProviderStatusCondition__ | Status holds an enum that describes the state of this OIDC Provider. Note that this Status can represent success or failure.
| *`message`* __string__ | Message provides human-readable details about the Status. | *`message`* __string__ | Message provides human-readable details about the Status.
| *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811). | *`lastUpdateTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#time-v1-meta[$$Time$$]__ | LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get around some undesirable behavior with respect to the empty metav1.Time value (see https://github.com/kubernetes/kubernetes/issues/86811).
| *`jwksSecret`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKSSecret holds the name of the secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist. | *`jwksSecret`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#localobjectreference-v1-core[$$LocalObjectReference$$]__ | JWKSSecret holds the name of the secret in which this OIDC Provider's signing/verification keys are stored. If it is empty, then the signing/verification keys are either unknown or they don't exist.

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&OIDCProviderConfig{}, &OIDCProvider{},
&OIDCProviderConfigList{}, &OIDCProviderList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -9,17 +9,17 @@ import (
) )
// +kubebuilder:validation:Enum=Success;Duplicate;Invalid // +kubebuilder:validation:Enum=Success;Duplicate;Invalid
type OIDCProviderStatus string type OIDCProviderStatusCondition string
const ( const (
SuccessOIDCProviderStatus = OIDCProviderStatus("Success") SuccessOIDCProviderStatusCondition = OIDCProviderStatusCondition("Success")
DuplicateOIDCProviderStatus = OIDCProviderStatus("Duplicate") DuplicateOIDCProviderStatusCondition = OIDCProviderStatusCondition("Duplicate")
SameIssuerHostMustUseSameSecretOIDCProviderStatus = OIDCProviderStatus("SameIssuerHostMustUseSameSecret") SameIssuerHostMustUseSameSecretOIDCProviderStatusCondition = OIDCProviderStatusCondition("SameIssuerHostMustUseSameSecret")
InvalidOIDCProviderStatus = OIDCProviderStatus("Invalid") InvalidOIDCProviderStatusCondition = OIDCProviderStatusCondition("Invalid")
) )
// OIDCProviderConfigSpec is a struct that describes an OIDC Provider. // OIDCProviderSpec is a struct that describes an OIDC Provider.
type OIDCProviderConfigSpec struct { type OIDCProviderSpec struct {
// Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the // Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the
// identifier that it will use for the iss claim in issued JWTs. This field will also be used as // identifier that it will use for the iss claim in issued JWTs. This field will also be used as
// the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is // the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is
@ -54,12 +54,12 @@ type OIDCProviderConfigSpec struct {
SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"` SNICertificateSecretName string `json:"sniCertificateSecretName,omitempty"`
} }
// OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider. // OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.
type OIDCProviderConfigStatus struct { type OIDCProviderStatus struct {
// Status holds an enum that describes the state of this OIDC Provider. Note that this Status can // Status holds an enum that describes the state of this OIDC Provider. Note that this Status can
// represent success or failure. // represent success or failure.
// +optional // +optional
Status OIDCProviderStatus `json:"status,omitempty"` Status OIDCProviderStatusCondition `json:"status,omitempty"`
// Message provides human-readable details about the Status. // Message provides human-readable details about the Status.
// +optional // +optional
@ -78,27 +78,25 @@ type OIDCProviderConfigStatus struct {
JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"` JWKSSecret corev1.LocalObjectReference `json:"jwksSecret,omitempty"`
} }
// OIDCProviderConfig describes the configuration of an OIDC provider. // OIDCProvider describes the configuration of an OIDC provider.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=opc type OIDCProvider struct {
type OIDCProviderConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Spec of the OIDC provider. // Spec of the OIDC provider.
Spec OIDCProviderConfigSpec `json:"spec"` Spec OIDCProviderSpec `json:"spec"`
// Status of the OIDC provider. // Status of the OIDC provider.
Status OIDCProviderConfigStatus `json:"status,omitempty"` Status OIDCProviderStatus `json:"status,omitempty"`
} }
// List of OIDCProviderConfig objects. // List of OIDCProvider objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type OIDCProviderList struct {
type OIDCProviderConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []OIDCProviderConfig `json:"items"` Items []OIDCProvider `json:"items"`
} }

View File

@ -12,7 +12,7 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfig) DeepCopyInto(out *OIDCProviderConfig) { func (in *OIDCProvider) DeepCopyInto(out *OIDCProvider) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -21,18 +21,18 @@ func (in *OIDCProviderConfig) DeepCopyInto(out *OIDCProviderConfig) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfig. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProvider.
func (in *OIDCProviderConfig) DeepCopy() *OIDCProviderConfig { func (in *OIDCProvider) DeepCopy() *OIDCProvider {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfig) out := new(OIDCProvider)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *OIDCProviderConfig) DeepCopyObject() runtime.Object { func (in *OIDCProvider) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -40,13 +40,13 @@ func (in *OIDCProviderConfig) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigList) DeepCopyInto(out *OIDCProviderConfigList) { func (in *OIDCProviderList) DeepCopyInto(out *OIDCProviderList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]OIDCProviderConfig, len(*in)) *out = make([]OIDCProvider, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -54,18 +54,18 @@ func (in *OIDCProviderConfigList) DeepCopyInto(out *OIDCProviderConfigList) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderList.
func (in *OIDCProviderConfigList) DeepCopy() *OIDCProviderConfigList { func (in *OIDCProviderList) DeepCopy() *OIDCProviderList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigList) out := new(OIDCProviderList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *OIDCProviderConfigList) DeepCopyObject() runtime.Object { func (in *OIDCProviderList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -73,23 +73,23 @@ func (in *OIDCProviderConfigList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigSpec) DeepCopyInto(out *OIDCProviderConfigSpec) { func (in *OIDCProviderSpec) DeepCopyInto(out *OIDCProviderSpec) {
*out = *in *out = *in
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderSpec.
func (in *OIDCProviderConfigSpec) DeepCopy() *OIDCProviderConfigSpec { func (in *OIDCProviderSpec) DeepCopy() *OIDCProviderSpec {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigSpec) out := new(OIDCProviderSpec)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *OIDCProviderConfigStatus) DeepCopyInto(out *OIDCProviderConfigStatus) { func (in *OIDCProviderStatus) DeepCopyInto(out *OIDCProviderStatus) {
*out = *in *out = *in
if in.LastUpdateTime != nil { if in.LastUpdateTime != nil {
in, out := &in.LastUpdateTime, &out.LastUpdateTime in, out := &in.LastUpdateTime, &out.LastUpdateTime
@ -99,12 +99,12 @@ func (in *OIDCProviderConfigStatus) DeepCopyInto(out *OIDCProviderConfigStatus)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderConfigStatus. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderStatus.
func (in *OIDCProviderConfigStatus) DeepCopy() *OIDCProviderConfigStatus { func (in *OIDCProviderStatus) DeepCopy() *OIDCProviderStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(OIDCProviderConfigStatus) out := new(OIDCProviderStatus)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface { type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
OIDCProviderConfigsGetter OIDCProvidersGetter
} }
// ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *ConfigV1alpha1Client) OIDCProviderConfigs(namespace string) OIDCProviderConfigInterface { func (c *ConfigV1alpha1Client) OIDCProviders(namespace string) OIDCProviderInterface {
return newOIDCProviderConfigs(c, namespace) return newOIDCProviders(c, namespace)
} }
// NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig creates a new ConfigV1alpha1Client for the given config.

View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeConfigV1alpha1) OIDCProviderConfigs(namespace string) v1alpha1.OIDCProviderConfigInterface { func (c *FakeConfigV1alpha1) OIDCProviders(namespace string) v1alpha1.OIDCProviderInterface {
return &FakeOIDCProviderConfigs{c, namespace} return &FakeOIDCProviders{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,129 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeOIDCProviders implements OIDCProviderInterface
type FakeOIDCProviders struct {
Fake *FakeConfigV1alpha1
ns string
}
var oidcprovidersResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcproviders"}
var oidcprovidersKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCProvider"}
// Get takes name of the oIDCProvider, and returns the corresponding oIDCProvider object, and an error if there is any.
func (c *FakeOIDCProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(oidcprovidersResource, c.ns, name), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// List takes label and field selectors, and returns the list of OIDCProviders that match those selectors.
func (c *FakeOIDCProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(oidcprovidersResource, oidcprovidersKind, c.ns, opts), &v1alpha1.OIDCProviderList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.OIDCProviderList{ListMeta: obj.(*v1alpha1.OIDCProviderList).ListMeta}
for _, item := range obj.(*v1alpha1.OIDCProviderList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested oIDCProviders.
func (c *FakeOIDCProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(oidcprovidersResource, c.ns, opts))
}
// Create takes the representation of a oIDCProvider and creates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *FakeOIDCProviders) Create(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(oidcprovidersResource, c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// Update takes the representation of a oIDCProvider and updates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *FakeOIDCProviders) Update(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(oidcprovidersResource, c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeOIDCProviders) UpdateStatus(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCProvider, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(oidcprovidersResource, "status", c.ns, oIDCProvider), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}
// Delete takes name of the oIDCProvider and deletes it. Returns an error if one occurs.
func (c *FakeOIDCProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(oidcprovidersResource, c.ns, name), &v1alpha1.OIDCProvider{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeOIDCProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(oidcprovidersResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.OIDCProviderList{})
return err
}
// Patch applies the patch and returns the patched oIDCProvider.
func (c *FakeOIDCProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProvider, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(oidcprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCProvider{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProvider), err
}

View File

@ -1,129 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeOIDCProviderConfigs implements OIDCProviderConfigInterface
type FakeOIDCProviderConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var oidcproviderconfigsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcproviderconfigs"}
var oidcproviderconfigsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCProviderConfig"}
// Get takes name of the oIDCProviderConfig, and returns the corresponding oIDCProviderConfig object, and an error if there is any.
func (c *FakeOIDCProviderConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(oidcproviderconfigsResource, c.ns, name), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// List takes label and field selectors, and returns the list of OIDCProviderConfigs that match those selectors.
func (c *FakeOIDCProviderConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(oidcproviderconfigsResource, oidcproviderconfigsKind, c.ns, opts), &v1alpha1.OIDCProviderConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.OIDCProviderConfigList{ListMeta: obj.(*v1alpha1.OIDCProviderConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.OIDCProviderConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested oIDCProviderConfigs.
func (c *FakeOIDCProviderConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(oidcproviderconfigsResource, c.ns, opts))
}
// Create takes the representation of a oIDCProviderConfig and creates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *FakeOIDCProviderConfigs) Create(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.CreateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(oidcproviderconfigsResource, c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// Update takes the representation of a oIDCProviderConfig and updates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *FakeOIDCProviderConfigs) Update(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(oidcproviderconfigsResource, c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeOIDCProviderConfigs) UpdateStatus(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (*v1alpha1.OIDCProviderConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(oidcproviderconfigsResource, "status", c.ns, oIDCProviderConfig), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}
// Delete takes name of the oIDCProviderConfig and deletes it. Returns an error if one occurs.
func (c *FakeOIDCProviderConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(oidcproviderconfigsResource, c.ns, name), &v1alpha1.OIDCProviderConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeOIDCProviderConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(oidcproviderconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.OIDCProviderConfigList{})
return err
}
// Patch applies the patch and returns the patched oIDCProviderConfig.
func (c *FakeOIDCProviderConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(oidcproviderconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCProviderConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.OIDCProviderConfig), err
}

View File

@ -5,4 +5,4 @@
package v1alpha1 package v1alpha1
type OIDCProviderConfigExpansion interface{} type OIDCProviderExpansion interface{}

View File

@ -0,0 +1,182 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// OIDCProvidersGetter has a method to return a OIDCProviderInterface.
// A group's client should implement this interface.
type OIDCProvidersGetter interface {
OIDCProviders(namespace string) OIDCProviderInterface
}
// OIDCProviderInterface has methods to work with OIDCProvider resources.
type OIDCProviderInterface interface {
Create(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.CreateOptions) (*v1alpha1.OIDCProvider, error)
Update(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCProvider, error)
UpdateStatus(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (*v1alpha1.OIDCProvider, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCProvider, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCProviderList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProvider, err error)
OIDCProviderExpansion
}
// oIDCProviders implements OIDCProviderInterface
type oIDCProviders struct {
client rest.Interface
ns string
}
// newOIDCProviders returns a OIDCProviders
func newOIDCProviders(c *ConfigV1alpha1Client, namespace string) *oIDCProviders {
return &oIDCProviders{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the oIDCProvider, and returns the corresponding oIDCProvider object, and an error if there is any.
func (c *oIDCProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of OIDCProviders that match those selectors.
func (c *oIDCProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.OIDCProviderList{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested oIDCProviders.
func (c *oIDCProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a oIDCProvider and creates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *oIDCProviders) Create(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.CreateOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Post().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProvider).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a oIDCProvider and updates it. Returns the server's representation of the oIDCProvider, and an error, if there is any.
func (c *oIDCProviders) Update(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviders").
Name(oIDCProvider.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProvider).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *oIDCProviders) UpdateStatus(ctx context.Context, oIDCProvider *v1alpha1.OIDCProvider, opts v1.UpdateOptions) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviders").
Name(oIDCProvider.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProvider).
Do(ctx).
Into(result)
return
}
// Delete takes name of the oIDCProvider and deletes it. Returns an error if one occurs.
func (c *oIDCProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *oIDCProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviders").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched oIDCProvider.
func (c *oIDCProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProvider, err error) {
result = &v1alpha1.OIDCProvider{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("oidcproviders").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -1,182 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// OIDCProviderConfigsGetter has a method to return a OIDCProviderConfigInterface.
// A group's client should implement this interface.
type OIDCProviderConfigsGetter interface {
OIDCProviderConfigs(namespace string) OIDCProviderConfigInterface
}
// OIDCProviderConfigInterface has methods to work with OIDCProviderConfig resources.
type OIDCProviderConfigInterface interface {
Create(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.CreateOptions) (*v1alpha1.OIDCProviderConfig, error)
Update(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (*v1alpha1.OIDCProviderConfig, error)
UpdateStatus(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (*v1alpha1.OIDCProviderConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.OIDCProviderConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.OIDCProviderConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error)
OIDCProviderConfigExpansion
}
// oIDCProviderConfigs implements OIDCProviderConfigInterface
type oIDCProviderConfigs struct {
client rest.Interface
ns string
}
// newOIDCProviderConfigs returns a OIDCProviderConfigs
func newOIDCProviderConfigs(c *ConfigV1alpha1Client, namespace string) *oIDCProviderConfigs {
return &oIDCProviderConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the oIDCProviderConfig, and returns the corresponding oIDCProviderConfig object, and an error if there is any.
func (c *oIDCProviderConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of OIDCProviderConfigs that match those selectors.
func (c *oIDCProviderConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCProviderConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.OIDCProviderConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested oIDCProviderConfigs.
func (c *oIDCProviderConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a oIDCProviderConfig and creates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *oIDCProviderConfigs) Create(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.CreateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProviderConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a oIDCProviderConfig and updates it. Returns the server's representation of the oIDCProviderConfig, and an error, if there is any.
func (c *oIDCProviderConfigs) Update(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(oIDCProviderConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProviderConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *oIDCProviderConfigs) UpdateStatus(ctx context.Context, oIDCProviderConfig *v1alpha1.OIDCProviderConfig, opts v1.UpdateOptions) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(oIDCProviderConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(oIDCProviderConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the oIDCProviderConfig and deletes it. Returns an error if one occurs.
func (c *oIDCProviderConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *oIDCProviderConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("oidcproviderconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched oIDCProviderConfig.
func (c *oIDCProviderConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCProviderConfig, err error) {
result = &v1alpha1.OIDCProviderConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("oidcproviderconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// OIDCProviderConfigs returns a OIDCProviderConfigInformer. // OIDCProviders returns a OIDCProviderInformer.
OIDCProviderConfigs() OIDCProviderConfigInformer OIDCProviders() OIDCProviderInformer
} }
type version struct { type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// OIDCProviderConfigs returns a OIDCProviderConfigInformer. // OIDCProviders returns a OIDCProviderInformer.
func (v *version) OIDCProviderConfigs() OIDCProviderConfigInformer { func (v *version) OIDCProviders() OIDCProviderInformer {
return &oIDCProviderConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &oIDCProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -0,0 +1,77 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// OIDCProviderInformer provides access to a shared informer and lister for
// OIDCProviders.
type OIDCProviderInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.OIDCProviderLister
}
type oIDCProviderInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewOIDCProviderInformer constructs a new informer for OIDCProvider type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewOIDCProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredOIDCProviderInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredOIDCProviderInformer constructs a new informer for OIDCProvider type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredOIDCProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviders(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviders(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.OIDCProvider{},
resyncPeriod,
indexers,
)
}
func (f *oIDCProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredOIDCProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *oIDCProviderInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.OIDCProvider{}, f.defaultInformer)
}
func (f *oIDCProviderInformer) Lister() v1alpha1.OIDCProviderLister {
return v1alpha1.NewOIDCProviderLister(f.Informer().GetIndexer())
}

View File

@ -1,77 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// OIDCProviderConfigInformer provides access to a shared informer and lister for
// OIDCProviderConfigs.
type OIDCProviderConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.OIDCProviderConfigLister
}
type oIDCProviderConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewOIDCProviderConfigInformer constructs a new informer for OIDCProviderConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewOIDCProviderConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredOIDCProviderConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredOIDCProviderConfigInformer constructs a new informer for OIDCProviderConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredOIDCProviderConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviderConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().OIDCProviderConfigs(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.OIDCProviderConfig{},
resyncPeriod,
indexers,
)
}
func (f *oIDCProviderConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredOIDCProviderConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *oIDCProviderConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.OIDCProviderConfig{}, f.defaultInformer)
}
func (f *oIDCProviderConfigInformer) Lister() v1alpha1.OIDCProviderConfigLister {
return v1alpha1.NewOIDCProviderConfigLister(f.Informer().GetIndexer())
}

View File

@ -40,8 +40,8 @@ func (f *genericInformer) Lister() cache.GenericLister {
func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
switch resource { switch resource {
// Group=config.supervisor.pinniped.dev, Version=v1alpha1 // Group=config.supervisor.pinniped.dev, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): case v1alpha1.SchemeGroupVersion.WithResource("oidcproviders"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviders().Informer()}, nil
} }

View File

@ -5,10 +5,10 @@
package v1alpha1 package v1alpha1
// OIDCProviderConfigListerExpansion allows custom methods to be added to // OIDCProviderListerExpansion allows custom methods to be added to
// OIDCProviderConfigLister. // OIDCProviderLister.
type OIDCProviderConfigListerExpansion interface{} type OIDCProviderListerExpansion interface{}
// OIDCProviderConfigNamespaceListerExpansion allows custom methods to be added to // OIDCProviderNamespaceListerExpansion allows custom methods to be added to
// OIDCProviderConfigNamespaceLister. // OIDCProviderNamespaceLister.
type OIDCProviderConfigNamespaceListerExpansion interface{} type OIDCProviderNamespaceListerExpansion interface{}

View File

@ -0,0 +1,86 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// OIDCProviderLister helps list OIDCProviders.
// All objects returned here must be treated as read-only.
type OIDCProviderLister interface {
// List lists all OIDCProviders in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error)
// OIDCProviders returns an object that can list and get OIDCProviders.
OIDCProviders(namespace string) OIDCProviderNamespaceLister
OIDCProviderListerExpansion
}
// oIDCProviderLister implements the OIDCProviderLister interface.
type oIDCProviderLister struct {
indexer cache.Indexer
}
// NewOIDCProviderLister returns a new OIDCProviderLister.
func NewOIDCProviderLister(indexer cache.Indexer) OIDCProviderLister {
return &oIDCProviderLister{indexer: indexer}
}
// List lists all OIDCProviders in the indexer.
func (s *oIDCProviderLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProvider))
})
return ret, err
}
// OIDCProviders returns an object that can list and get OIDCProviders.
func (s *oIDCProviderLister) OIDCProviders(namespace string) OIDCProviderNamespaceLister {
return oIDCProviderNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// OIDCProviderNamespaceLister helps list and get OIDCProviders.
// All objects returned here must be treated as read-only.
type OIDCProviderNamespaceLister interface {
// List lists all OIDCProviders in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error)
// Get retrieves the OIDCProvider from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.OIDCProvider, error)
OIDCProviderNamespaceListerExpansion
}
// oIDCProviderNamespaceLister implements the OIDCProviderNamespaceLister
// interface.
type oIDCProviderNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all OIDCProviders in the indexer for a given namespace.
func (s oIDCProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProvider, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProvider))
})
return ret, err
}
// Get retrieves the OIDCProvider from the indexer for a given namespace and name.
func (s oIDCProviderNamespaceLister) Get(name string) (*v1alpha1.OIDCProvider, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("oidcprovider"), name)
}
return obj.(*v1alpha1.OIDCProvider), nil
}

View File

@ -1,86 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// OIDCProviderConfigLister helps list OIDCProviderConfigs.
// All objects returned here must be treated as read-only.
type OIDCProviderConfigLister interface {
// List lists all OIDCProviderConfigs in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error)
// OIDCProviderConfigs returns an object that can list and get OIDCProviderConfigs.
OIDCProviderConfigs(namespace string) OIDCProviderConfigNamespaceLister
OIDCProviderConfigListerExpansion
}
// oIDCProviderConfigLister implements the OIDCProviderConfigLister interface.
type oIDCProviderConfigLister struct {
indexer cache.Indexer
}
// NewOIDCProviderConfigLister returns a new OIDCProviderConfigLister.
func NewOIDCProviderConfigLister(indexer cache.Indexer) OIDCProviderConfigLister {
return &oIDCProviderConfigLister{indexer: indexer}
}
// List lists all OIDCProviderConfigs in the indexer.
func (s *oIDCProviderConfigLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProviderConfig))
})
return ret, err
}
// OIDCProviderConfigs returns an object that can list and get OIDCProviderConfigs.
func (s *oIDCProviderConfigLister) OIDCProviderConfigs(namespace string) OIDCProviderConfigNamespaceLister {
return oIDCProviderConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// OIDCProviderConfigNamespaceLister helps list and get OIDCProviderConfigs.
// All objects returned here must be treated as read-only.
type OIDCProviderConfigNamespaceLister interface {
// List lists all OIDCProviderConfigs in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error)
// Get retrieves the OIDCProviderConfig from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.OIDCProviderConfig, error)
OIDCProviderConfigNamespaceListerExpansion
}
// oIDCProviderConfigNamespaceLister implements the OIDCProviderConfigNamespaceLister
// interface.
type oIDCProviderConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all OIDCProviderConfigs in the indexer for a given namespace.
func (s oIDCProviderConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCProviderConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.OIDCProviderConfig))
})
return ret, err
}
// Get retrieves the OIDCProviderConfig from the indexer for a given namespace and name.
func (s oIDCProviderConfigNamespaceLister) Get(name string) (*v1alpha1.OIDCProviderConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("oidcproviderconfig"), name)
}
return obj.(*v1alpha1.OIDCProviderConfig), nil
}

View File

@ -17,10 +17,10 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{ return map[string]common.OpenAPIDefinition{
"go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfig": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref), "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProvider": schema_apis_supervisor_config_v1alpha1_OIDCProvider(ref),
"go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfigList": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref), "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderList": schema_apis_supervisor_config_v1alpha1_OIDCProviderList(ref),
"go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref), "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderSpec": schema_apis_supervisor_config_v1alpha1_OIDCProviderSpec(ref),
"go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus": schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigStatus(ref), "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderStatus": schema_apis_supervisor_config_v1alpha1_OIDCProviderStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
@ -76,11 +76,11 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProvider(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfig describes the configuration of an OIDC provider.", Description: "OIDCProvider describes the configuration of an OIDC provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -105,13 +105,13 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.Refere
"spec": { "spec": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Spec of the OIDC provider.", Description: "Spec of the OIDC provider.",
Ref: ref("go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec"), Ref: ref("go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderSpec"),
}, },
}, },
"status": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Status of the OIDC provider.", Description: "Status of the OIDC provider.",
Ref: ref("go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus"), Ref: ref("go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderStatus"),
}, },
}, },
}, },
@ -119,14 +119,15 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfig(ref common.Refere
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfigSpec", "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderSpec", "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "List of OIDCProvider objects.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"kind": { "kind": {
@ -154,7 +155,7 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.Re
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfig"), Ref: ref("go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProvider"),
}, },
}, },
}, },
@ -165,15 +166,15 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigList(ref common.Re
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProviderConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1.OIDCProvider", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderSpec(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfigSpec is a struct that describes an OIDC Provider.", Description: "OIDCProviderSpec is a struct that describes an OIDC Provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"issuer": { "issuer": {
@ -197,11 +198,11 @@ func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigSpec(ref common.Re
} }
} }
func schema_apis_supervisor_config_v1alpha1_OIDCProviderConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_supervisor_config_v1alpha1_OIDCProviderStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC Provider.", Description: "OIDCProviderStatus is a struct that describes the actual state of an OIDC Provider.",
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"status": { "status": {

View File

@ -6,22 +6,20 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: oidcproviderconfigs.config.supervisor.pinniped.dev name: oidcproviders.config.supervisor.pinniped.dev
spec: spec:
group: config.supervisor.pinniped.dev group: config.supervisor.pinniped.dev
names: names:
kind: OIDCProviderConfig kind: OIDCProvider
listKind: OIDCProviderConfigList listKind: OIDCProviderList
plural: oidcproviderconfigs plural: oidcproviders
shortNames: singular: oidcprovider
- opc
singular: oidcproviderconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1
schema: schema:
openAPIV3Schema: openAPIV3Schema:
description: OIDCProviderConfig describes the configuration of an OIDC provider. description: OIDCProvider describes the configuration of an OIDC provider.
properties: properties:
apiVersion: apiVersion:
description: 'APIVersion defines the versioned schema of this representation description: 'APIVersion defines the versioned schema of this representation

View File

@ -111,7 +111,7 @@ k8s_resource(
new_name='supervisor', # this is the name that will appear in the tilt UI new_name='supervisor', # this is the name that will appear in the tilt UI
objects=[ objects=[
# these are the objects that would otherwise appear in the "uncategorized" tab in the tilt UI # these are the objects that would otherwise appear in the "uncategorized" tab in the tilt UI
'oidcproviderconfigs.config.supervisor.pinniped.dev:customresourcedefinition', 'oidcproviders.config.supervisor.pinniped.dev:customresourcedefinition',
'pinniped-supervisor-static-config:configmap', 'pinniped-supervisor-static-config:configmap',
'supervisor:namespace', 'supervisor:namespace',
'pinniped-supervisor:role', 'pinniped-supervisor:role',

View File

@ -19,7 +19,7 @@ import (
type jwksObserverController struct { type jwksObserverController struct {
issuerToJWKSSetter IssuerToJWKSMapSetter issuerToJWKSSetter IssuerToJWKSMapSetter
oidcProviderConfigInformer v1alpha1.OIDCProviderConfigInformer oidcProviderInformer v1alpha1.OIDCProviderInformer
secretInformer corev1informers.SecretInformer secretInformer corev1informers.SecretInformer
} }
@ -27,7 +27,7 @@ type IssuerToJWKSMapSetter interface {
SetIssuerToJWKSMap(issuerToJWKSMap map[string]*jose.JSONWebKeySet) SetIssuerToJWKSMap(issuerToJWKSMap map[string]*jose.JSONWebKeySet)
} }
// Returns a controller which watches all of the OIDCProviderConfigs and their corresponding Secrets // Returns a controller which watches all of the OIDCProviders and their corresponding Secrets
// and fills an in-memory cache of the JWKS info for each currently configured issuer. // and fills an in-memory cache of the JWKS info for each currently configured issuer.
// This controller assumes that the informers passed to it are already scoped down to the // This controller assumes that the informers passed to it are already scoped down to the
// appropriate namespace. It also assumes that the IssuerToJWKSMapSetter passed to it has an // appropriate namespace. It also assumes that the IssuerToJWKSMapSetter passed to it has an
@ -35,7 +35,7 @@ type IssuerToJWKSMapSetter interface {
func NewJWKSObserverController( func NewJWKSObserverController(
issuerToJWKSSetter IssuerToJWKSMapSetter, issuerToJWKSSetter IssuerToJWKSMapSetter,
secretInformer corev1informers.SecretInformer, secretInformer corev1informers.SecretInformer,
oidcProviderConfigInformer v1alpha1.OIDCProviderConfigInformer, oidcProviderInformer v1alpha1.OIDCProviderInformer,
withInformer pinnipedcontroller.WithInformerOptionFunc, withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller { ) controllerlib.Controller {
return controllerlib.New( return controllerlib.New(
@ -43,7 +43,7 @@ func NewJWKSObserverController(
Name: "jwks-observer-controller", Name: "jwks-observer-controller",
Syncer: &jwksObserverController{ Syncer: &jwksObserverController{
issuerToJWKSSetter: issuerToJWKSSetter, issuerToJWKSSetter: issuerToJWKSSetter,
oidcProviderConfigInformer: oidcProviderConfigInformer, oidcProviderInformer: oidcProviderInformer,
secretInformer: secretInformer, secretInformer: secretInformer,
}, },
}, },
@ -53,7 +53,7 @@ func NewJWKSObserverController(
controllerlib.InformerOption{}, controllerlib.InformerOption{},
), ),
withInformer( withInformer(
oidcProviderConfigInformer, oidcProviderInformer,
pinnipedcontroller.MatchAnythingFilter(), pinnipedcontroller.MatchAnythingFilter(),
controllerlib.InformerOption{}, controllerlib.InformerOption{},
), ),
@ -62,9 +62,9 @@ func NewJWKSObserverController(
func (c *jwksObserverController) Sync(ctx controllerlib.Context) error { func (c *jwksObserverController) Sync(ctx controllerlib.Context) error {
ns := ctx.Key.Namespace ns := ctx.Key.Namespace
allProviders, err := c.oidcProviderConfigInformer.Lister().OIDCProviderConfigs(ns).List(labels.Everything()) allProviders, err := c.oidcProviderInformer.Lister().OIDCProviders(ns).List(labels.Everything())
if err != nil { if err != nil {
return fmt.Errorf("failed to list OIDCProviderConfigs: %w", err) return fmt.Errorf("failed to list OIDCProviders: %w", err)
} }
// Rebuild the whole map on any change to any Secret or OIDCProvider, because either can have changes that // Rebuild the whole map on any change to any Secret or OIDCProvider, because either can have changes that

View File

@ -31,22 +31,22 @@ func TestJWKSObserverControllerInformerFilters(t *testing.T) {
r *require.Assertions r *require.Assertions
observableWithInformerOption *testutil.ObservableWithInformerOption observableWithInformerOption *testutil.ObservableWithInformerOption
secretsInformerFilter controllerlib.Filter secretsInformerFilter controllerlib.Filter
oidcProviderConfigInformerFilter controllerlib.Filter oidcProviderInformerFilter controllerlib.Filter
) )
it.Before(func() { it.Before(func() {
r = require.New(t) r = require.New(t)
observableWithInformerOption = testutil.NewObservableWithInformerOption() observableWithInformerOption = testutil.NewObservableWithInformerOption()
secretsInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Secrets() secretsInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Secrets()
oidcProviderConfigInformer := pinnipedinformers.NewSharedInformerFactory(nil, 0).Config().V1alpha1().OIDCProviderConfigs() oidcProviderInformer := pinnipedinformers.NewSharedInformerFactory(nil, 0).Config().V1alpha1().OIDCProviders()
_ = NewJWKSObserverController( _ = NewJWKSObserverController(
nil, nil,
secretsInformer, secretsInformer,
oidcProviderConfigInformer, oidcProviderInformer,
observableWithInformerOption.WithInformer, // make it possible to observe the behavior of the Filters observableWithInformerOption.WithInformer, // make it possible to observe the behavior of the Filters
) )
secretsInformerFilter = observableWithInformerOption.GetFilterForInformer(secretsInformer) secretsInformerFilter = observableWithInformerOption.GetFilterForInformer(secretsInformer)
oidcProviderConfigInformerFilter = observableWithInformerOption.GetFilterForInformer(oidcProviderConfigInformer) oidcProviderInformerFilter = observableWithInformerOption.GetFilterForInformer(oidcProviderInformer)
}) })
when("watching Secret objects", func() { when("watching Secret objects", func() {
@ -71,19 +71,19 @@ func TestJWKSObserverControllerInformerFilters(t *testing.T) {
}) })
}) })
when("watching OIDCProviderConfig objects", func() { when("watching OIDCProvider objects", func() {
var ( var (
subject controllerlib.Filter subject controllerlib.Filter
provider, otherProvider *v1alpha1.OIDCProviderConfig provider, otherProvider *v1alpha1.OIDCProvider
) )
it.Before(func() { it.Before(func() {
subject = oidcProviderConfigInformerFilter subject = oidcProviderInformerFilter
provider = &v1alpha1.OIDCProviderConfig{ObjectMeta: metav1.ObjectMeta{Name: "any-name", Namespace: "any-namespace"}} provider = &v1alpha1.OIDCProvider{ObjectMeta: metav1.ObjectMeta{Name: "any-name", Namespace: "any-namespace"}}
otherProvider = &v1alpha1.OIDCProviderConfig{ObjectMeta: metav1.ObjectMeta{Name: "any-other-name", Namespace: "any-other-namespace"}} otherProvider = &v1alpha1.OIDCProvider{ObjectMeta: metav1.ObjectMeta{Name: "any-other-name", Namespace: "any-other-namespace"}}
}) })
when("any OIDCProviderConfig changes", func() { when("any OIDCProvider changes", func() {
it("returns true to trigger the sync method", func() { it("returns true to trigger the sync method", func() {
r.True(subject.Add(provider)) r.True(subject.Add(provider))
r.True(subject.Update(provider, otherProvider)) r.True(subject.Update(provider, otherProvider))
@ -129,7 +129,7 @@ func TestJWKSObserverControllerSync(t *testing.T) {
subject = NewJWKSObserverController( subject = NewJWKSObserverController(
issuerToJWKSSetter, issuerToJWKSSetter,
kubeInformers.Core().V1().Secrets(), kubeInformers.Core().V1().Secrets(),
pinnipedInformers.Config().V1alpha1().OIDCProviderConfigs(), pinnipedInformers.Config().V1alpha1().OIDCProviders(),
controllerlib.WithInformer, controllerlib.WithInformer,
) )
@ -173,7 +173,7 @@ func TestJWKSObserverControllerSync(t *testing.T) {
timeoutContextCancel() timeoutContextCancel()
}) })
when("there are no OIDCProviderConfigs and no JWKS Secrets yet", func() { when("there are no OIDCProviders and no JWKS Secrets yet", func() {
it("sets the issuerToJWKSSetter's map to be empty", func() { it("sets the issuerToJWKSSetter's map to be empty", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
@ -184,55 +184,55 @@ func TestJWKSObserverControllerSync(t *testing.T) {
}) })
}) })
when("there are OIDCProviderConfigs where some have corresponding JWKS Secrets and some don't", func() { when("there are OIDCProviders where some have corresponding JWKS Secrets and some don't", func() {
var ( var (
expectedJWK1, expectedJWK2 string expectedJWK1, expectedJWK2 string
) )
it.Before(func() { it.Before(func() {
oidcProviderConfigWithoutSecret1 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithoutSecret1 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "no-secret-oidcproviderconfig1", Name: "no-secret-oidcprovider1",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{Issuer: "https://no-secret-issuer1.com"}, Spec: v1alpha1.OIDCProviderSpec{Issuer: "https://no-secret-issuer1.com"},
Status: v1alpha1.OIDCProviderConfigStatus{}, // no JWKSSecret field Status: v1alpha1.OIDCProviderStatus{}, // no JWKSSecret field
} }
oidcProviderConfigWithoutSecret2 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithoutSecret2 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "no-secret-oidcproviderconfig2", Name: "no-secret-oidcprovider2",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{Issuer: "https://no-secret-issuer2.com"}, Spec: v1alpha1.OIDCProviderSpec{Issuer: "https://no-secret-issuer2.com"},
// no Status field // no Status field
} }
oidcProviderConfigWithBadSecret := &v1alpha1.OIDCProviderConfig{ oidcProviderWithBadSecret := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "bad-secret-oidcproviderconfig", Name: "bad-secret-oidcprovider",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{Issuer: "https://bad-secret-issuer.com"}, Spec: v1alpha1.OIDCProviderSpec{Issuer: "https://bad-secret-issuer.com"},
Status: v1alpha1.OIDCProviderConfigStatus{ Status: v1alpha1.OIDCProviderStatus{
JWKSSecret: corev1.LocalObjectReference{Name: "bad-jwks-secret-name"}, JWKSSecret: corev1.LocalObjectReference{Name: "bad-jwks-secret-name"},
}, },
} }
oidcProviderConfigWithGoodSecret1 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithGoodSecret1 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "good-secret-oidcproviderconfig1", Name: "good-secret-oidcprovider1",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{Issuer: "https://issuer-with-good-secret1.com"}, Spec: v1alpha1.OIDCProviderSpec{Issuer: "https://issuer-with-good-secret1.com"},
Status: v1alpha1.OIDCProviderConfigStatus{ Status: v1alpha1.OIDCProviderStatus{
JWKSSecret: corev1.LocalObjectReference{Name: "good-jwks-secret-name1"}, JWKSSecret: corev1.LocalObjectReference{Name: "good-jwks-secret-name1"},
}, },
} }
oidcProviderConfigWithGoodSecret2 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithGoodSecret2 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "good-secret-oidcproviderconfig2", Name: "good-secret-oidcprovider2",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{Issuer: "https://issuer-with-good-secret2.com"}, Spec: v1alpha1.OIDCProviderSpec{Issuer: "https://issuer-with-good-secret2.com"},
Status: v1alpha1.OIDCProviderConfigStatus{ Status: v1alpha1.OIDCProviderStatus{
JWKSSecret: corev1.LocalObjectReference{Name: "good-jwks-secret-name2"}, JWKSSecret: corev1.LocalObjectReference{Name: "good-jwks-secret-name2"},
}, },
} }
@ -267,11 +267,11 @@ func TestJWKSObserverControllerSync(t *testing.T) {
}, },
Data: map[string][]byte{"junk": nil}, Data: map[string][]byte{"junk": nil},
} }
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithoutSecret1)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithoutSecret1))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithoutSecret2)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithoutSecret2))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithBadSecret)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithBadSecret))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithGoodSecret1)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithGoodSecret1))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithGoodSecret2)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithGoodSecret2))
r.NoError(kubeInformerClient.Tracker().Add(goodJWKSSecret1)) r.NoError(kubeInformerClient.Tracker().Add(goodJWKSSecret1))
r.NoError(kubeInformerClient.Tracker().Add(goodJWKSSecret2)) r.NoError(kubeInformerClient.Tracker().Add(goodJWKSSecret2))
r.NoError(kubeInformerClient.Tracker().Add(badJWKSSecret)) r.NoError(kubeInformerClient.Tracker().Add(badJWKSSecret))

View File

@ -42,7 +42,7 @@ const (
) )
const ( const (
opcKind = "OIDCProviderConfig" opcKind = "OIDCProvider"
) )
// generateKey is stubbed out for the purpose of testing. The default behavior is to generate an EC key. // generateKey is stubbed out for the purpose of testing. The default behavior is to generate an EC key.
@ -59,7 +59,7 @@ type jwksWriterController struct {
jwksSecretLabels map[string]string jwksSecretLabels map[string]string
pinnipedClient pinnipedclientset.Interface pinnipedClient pinnipedclientset.Interface
kubeClient kubernetes.Interface kubeClient kubernetes.Interface
opcInformer configinformers.OIDCProviderConfigInformer opcInformer configinformers.OIDCProviderInformer
secretInformer corev1informers.SecretInformer secretInformer corev1informers.SecretInformer
} }
@ -70,7 +70,7 @@ func NewJWKSWriterController(
kubeClient kubernetes.Interface, kubeClient kubernetes.Interface,
pinnipedClient pinnipedclientset.Interface, pinnipedClient pinnipedclientset.Interface,
secretInformer corev1informers.SecretInformer, secretInformer corev1informers.SecretInformer,
opcInformer configinformers.OIDCProviderConfigInformer, opcInformer configinformers.OIDCProviderInformer,
withInformer pinnipedcontroller.WithInformerOptionFunc, withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller { ) controllerlib.Controller {
return controllerlib.New( return controllerlib.New(
@ -118,11 +118,11 @@ func NewJWKSWriterController(
// Sync implements controllerlib.Syncer. // Sync implements controllerlib.Syncer.
func (c *jwksWriterController) Sync(ctx controllerlib.Context) error { func (c *jwksWriterController) Sync(ctx controllerlib.Context) error {
opc, err := c.opcInformer.Lister().OIDCProviderConfigs(ctx.Key.Namespace).Get(ctx.Key.Name) opc, err := c.opcInformer.Lister().OIDCProviders(ctx.Key.Namespace).Get(ctx.Key.Name)
notFound := k8serrors.IsNotFound(err) notFound := k8serrors.IsNotFound(err)
if err != nil && !notFound { if err != nil && !notFound {
return fmt.Errorf( return fmt.Errorf(
"failed to get %s/%s OIDCProviderConfig: %w", "failed to get %s/%s OIDCProvider: %w",
ctx.Key.Namespace, ctx.Key.Namespace,
ctx.Key.Name, ctx.Key.Name,
err, err,
@ -133,8 +133,8 @@ func (c *jwksWriterController) Sync(ctx controllerlib.Context) error {
// The corresponding secret to this OPC should have been garbage collected since it should have // The corresponding secret to this OPC should have been garbage collected since it should have
// had this OPC as its owner. // had this OPC as its owner.
klog.InfoS( klog.InfoS(
"oidcproviderconfig deleted", "oidcprovider deleted",
"oidcproviderconfig", "oidcprovider",
klog.KRef(ctx.Key.Namespace, ctx.Key.Name), klog.KRef(ctx.Key.Namespace, ctx.Key.Name),
) )
return nil return nil
@ -148,7 +148,7 @@ func (c *jwksWriterController) Sync(ctx controllerlib.Context) error {
// Secret is up to date - we are good to go. // Secret is up to date - we are good to go.
klog.InfoS( klog.InfoS(
"secret is up to date", "secret is up to date",
"oidcproviderconfig", "oidcprovider",
klog.KRef(ctx.Key.Namespace, ctx.Key.Name), klog.KRef(ctx.Key.Namespace, ctx.Key.Name),
) )
return nil return nil
@ -172,12 +172,12 @@ func (c *jwksWriterController) Sync(ctx controllerlib.Context) error {
if err := c.updateOPC(ctx.Context, newOPC); err != nil { if err := c.updateOPC(ctx.Context, newOPC); err != nil {
return fmt.Errorf("cannot update opc: %w", err) return fmt.Errorf("cannot update opc: %w", err)
} }
klog.InfoS("updated oidcproviderconfig", "oidcproviderconfig", klog.KObj(newOPC)) klog.InfoS("updated oidcprovider", "oidcprovider", klog.KObj(newOPC))
return nil return nil
} }
func (c *jwksWriterController) secretNeedsUpdate(opc *configv1alpha1.OIDCProviderConfig) (bool, error) { func (c *jwksWriterController) secretNeedsUpdate(opc *configv1alpha1.OIDCProvider) (bool, error) {
if opc.Status.JWKSSecret.Name == "" { if opc.Status.JWKSSecret.Name == "" {
// If the OPC says it doesn't have a secret associated with it, then let's create one. // If the OPC says it doesn't have a secret associated with it, then let's create one.
return true, nil return true, nil
@ -202,7 +202,7 @@ func (c *jwksWriterController) secretNeedsUpdate(opc *configv1alpha1.OIDCProvide
return false, nil return false, nil
} }
func (c *jwksWriterController) generateSecret(opc *configv1alpha1.OIDCProviderConfig) (*corev1.Secret, error) { func (c *jwksWriterController) generateSecret(opc *configv1alpha1.OIDCProvider) (*corev1.Secret, error) {
// Note! This is where we could potentially add more handling of OPC spec fields which tell us how // Note! This is where we could potentially add more handling of OPC spec fields which tell us how
// this OIDC provider should sign and verify ID tokens (e.g., hardcoded token secret, gRPC // this OIDC provider should sign and verify ID tokens (e.g., hardcoded token secret, gRPC
// connection to KMS, etc). // connection to KMS, etc).
@ -291,9 +291,9 @@ func (c *jwksWriterController) createOrUpdateSecret(
func (c *jwksWriterController) updateOPC( func (c *jwksWriterController) updateOPC(
ctx context.Context, ctx context.Context,
newOPC *configv1alpha1.OIDCProviderConfig, newOPC *configv1alpha1.OIDCProvider,
) error { ) error {
opcClient := c.pinnipedClient.ConfigV1alpha1().OIDCProviderConfigs(newOPC.Namespace) opcClient := c.pinnipedClient.ConfigV1alpha1().OIDCProviders(newOPC.Namespace)
return retry.RetryOnConflict(retry.DefaultRetry, func() error { return retry.RetryOnConflict(retry.DefaultRetry, func() error {
oldOPC, err := opcClient.Get(ctx, newOPC.Name, metav1.GetOptions{}) oldOPC, err := opcClient.Get(ctx, newOPC.Name, metav1.GetOptions{})
if err != nil { if err != nil {

View File

@ -54,7 +54,7 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) {
Namespace: "some-namespace", Namespace: "some-namespace",
OwnerReferences: []metav1.OwnerReference{ OwnerReferences: []metav1.OwnerReference{
{ {
Kind: "OIDCProviderConfig", Kind: "OIDCProvider",
Name: "some-name", Name: "some-name",
Controller: boolPtr(true), Controller: boolPtr(true),
}, },
@ -85,7 +85,7 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) {
OwnerReferences: []metav1.OwnerReference{ OwnerReferences: []metav1.OwnerReference{
{ {
APIVersion: configv1alpha1.SchemeGroupVersion.String(), APIVersion: configv1alpha1.SchemeGroupVersion.String(),
Kind: "OIDCProviderConfig", Kind: "OIDCProvider",
Name: "some-name", Name: "some-name",
}, },
}, },
@ -100,7 +100,7 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) {
OwnerReferences: []metav1.OwnerReference{ OwnerReferences: []metav1.OwnerReference{
{ {
APIVersion: configv1alpha1.SchemeGroupVersion.String(), APIVersion: configv1alpha1.SchemeGroupVersion.String(),
Kind: "OIDCProviderConfig", Kind: "OIDCProvider",
Name: "some-name", Name: "some-name",
Controller: boolPtr(true), Controller: boolPtr(true),
}, },
@ -123,7 +123,7 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) {
}, },
{ {
APIVersion: configv1alpha1.SchemeGroupVersion.String(), APIVersion: configv1alpha1.SchemeGroupVersion.String(),
Kind: "OIDCProviderConfig", Kind: "OIDCProvider",
Name: "some-name", Name: "some-name",
Controller: boolPtr(true), Controller: boolPtr(true),
}, },
@ -148,7 +148,7 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) {
opcInformer := pinnipedinformers.NewSharedInformerFactory( opcInformer := pinnipedinformers.NewSharedInformerFactory(
pinnipedfake.NewSimpleClientset(), pinnipedfake.NewSimpleClientset(),
0, 0,
).Config().V1alpha1().OIDCProviderConfigs() ).Config().V1alpha1().OIDCProviders()
withInformer := testutil.NewObservableWithInformerOption() withInformer := testutil.NewObservableWithInformerOption()
_ = NewJWKSWriterController( _ = NewJWKSWriterController(
nil, // labels, not needed nil, // labels, not needed
@ -175,7 +175,7 @@ func TestJWKSWriterControllerFilterOPC(t *testing.T) {
tests := []struct { tests := []struct {
name string name string
opc configv1alpha1.OIDCProviderConfig opc configv1alpha1.OIDCProvider
wantAdd bool wantAdd bool
wantUpdate bool wantUpdate bool
wantDelete bool wantDelete bool
@ -183,7 +183,7 @@ func TestJWKSWriterControllerFilterOPC(t *testing.T) {
}{ }{
{ {
name: "anything goes", name: "anything goes",
opc: configv1alpha1.OIDCProviderConfig{}, opc: configv1alpha1.OIDCProvider{},
wantAdd: true, wantAdd: true,
wantUpdate: true, wantUpdate: true,
wantDelete: true, wantDelete: true,
@ -202,7 +202,7 @@ func TestJWKSWriterControllerFilterOPC(t *testing.T) {
opcInformer := pinnipedinformers.NewSharedInformerFactory( opcInformer := pinnipedinformers.NewSharedInformerFactory(
pinnipedfake.NewSimpleClientset(), pinnipedfake.NewSimpleClientset(),
0, 0,
).Config().V1alpha1().OIDCProviderConfigs() ).Config().V1alpha1().OIDCProviders()
withInformer := testutil.NewObservableWithInformerOption() withInformer := testutil.NewObservableWithInformerOption()
_ = NewJWKSWriterController( _ = NewJWKSWriterController(
nil, // labels, not needed nil, // labels, not needed
@ -213,7 +213,7 @@ func TestJWKSWriterControllerFilterOPC(t *testing.T) {
withInformer.WithInformer, withInformer.WithInformer,
) )
unrelated := configv1alpha1.OIDCProviderConfig{} unrelated := configv1alpha1.OIDCProvider{}
filter := withInformer.GetFilterForInformer(opcInformer) filter := withInformer.GetFilterForInformer(opcInformer)
require.Equal(t, test.wantAdd, filter.Add(&test.opc)) require.Equal(t, test.wantAdd, filter.Add(&test.opc))
require.Equal(t, test.wantUpdate, filter.Update(&unrelated, &test.opc)) require.Equal(t, test.wantUpdate, filter.Update(&unrelated, &test.opc))
@ -239,16 +239,16 @@ func TestJWKSWriterControllerSync(t *testing.T) {
opcGVR := schema.GroupVersionResource{ opcGVR := schema.GroupVersionResource{
Group: configv1alpha1.SchemeGroupVersion.Group, Group: configv1alpha1.SchemeGroupVersion.Group,
Version: configv1alpha1.SchemeGroupVersion.Version, Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "oidcproviderconfigs", Resource: "oidcproviders",
} }
goodOPC := &configv1alpha1.OIDCProviderConfig{ goodOPC := &configv1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "good-opc", Name: "good-opc",
Namespace: namespace, Namespace: namespace,
UID: "good-opc-uid", UID: "good-opc-uid",
}, },
Spec: configv1alpha1.OIDCProviderConfigSpec{ Spec: configv1alpha1.OIDCProviderSpec{
Issuer: "https://some-issuer.com", Issuer: "https://some-issuer.com",
}, },
} }
@ -273,7 +273,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
OwnerReferences: []metav1.OwnerReference{ OwnerReferences: []metav1.OwnerReference{
{ {
APIVersion: opcGVR.GroupVersion().String(), APIVersion: opcGVR.GroupVersion().String(),
Kind: "OIDCProviderConfig", Kind: "OIDCProvider",
Name: goodOPC.Name, Name: goodOPC.Name,
UID: goodOPC.UID, UID: goodOPC.UID,
BlockOwnerDeletion: boolPtr(true), BlockOwnerDeletion: boolPtr(true),
@ -300,7 +300,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
secrets []*corev1.Secret secrets []*corev1.Secret
configKubeClient func(*kubernetesfake.Clientset) configKubeClient func(*kubernetesfake.Clientset)
configPinnipedClient func(*pinnipedfake.Clientset) configPinnipedClient func(*pinnipedfake.Clientset)
opcs []*configv1alpha1.OIDCProviderConfig opcs []*configv1alpha1.OIDCProvider
generateKeyErr error generateKeyErr error
wantGenerateKeyCount int wantGenerateKeyCount int
wantSecretActions []kubetesting.Action wantSecretActions []kubetesting.Action
@ -310,7 +310,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "new opc with no secret", name: "new opc with no secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPC, goodOPC,
}, },
wantGenerateKeyCount: 1, wantGenerateKeyCount: 1,
@ -326,7 +326,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "opc without status with existing secret", name: "opc without status with existing secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPC, goodOPC,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -344,7 +344,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "existing opc with no secret", name: "existing opc with no secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
wantGenerateKeyCount: 1, wantGenerateKeyCount: 1,
@ -359,7 +359,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "existing opc with existing secret", name: "existing opc with existing secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -374,7 +374,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "missing jwk in secret", name: "missing jwk in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -392,7 +392,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "missing jwks in secret", name: "missing jwks in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -410,7 +410,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "invalid jwk JSON in secret", name: "invalid jwk JSON in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -428,7 +428,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "invalid jwks JSON in secret", name: "invalid jwks JSON in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -446,7 +446,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "public jwk in secret", name: "public jwk in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -464,7 +464,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "private jwks in secret", name: "private jwks in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -482,7 +482,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "invalid jwk key in secret", name: "invalid jwk key in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -500,7 +500,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "invalid jwks key in secret", name: "invalid jwks key in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -518,7 +518,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "missing active jwks in secret", name: "missing active jwks in secret",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -536,7 +536,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "generate key fails", name: "generate key fails",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPCWithStatus, goodOPCWithStatus,
}, },
generateKeyErr: errors.New("some generate error"), generateKeyErr: errors.New("some generate error"),
@ -545,7 +545,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "get secret fails", name: "get secret fails",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPC, goodOPC,
}, },
configKubeClient: func(client *kubernetesfake.Clientset) { configKubeClient: func(client *kubernetesfake.Clientset) {
@ -558,7 +558,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "create secret fails", name: "create secret fails",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPC, goodOPC,
}, },
configKubeClient: func(client *kubernetesfake.Clientset) { configKubeClient: func(client *kubernetesfake.Clientset) {
@ -571,7 +571,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "update secret fails", name: "update secret fails",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPC, goodOPC,
}, },
secrets: []*corev1.Secret{ secrets: []*corev1.Secret{
@ -587,11 +587,11 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "get opc fails", name: "get opc fails",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPC, goodOPC,
}, },
configPinnipedClient: func(client *pinnipedfake.Clientset) { configPinnipedClient: func(client *pinnipedfake.Clientset) {
client.PrependReactor("get", "oidcproviderconfigs", func(_ kubetesting.Action) (bool, runtime.Object, error) { client.PrependReactor("get", "oidcproviders", func(_ kubetesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some get error") return true, nil, errors.New("some get error")
}) })
}, },
@ -600,11 +600,11 @@ func TestJWKSWriterControllerSync(t *testing.T) {
{ {
name: "update opc fails", name: "update opc fails",
key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name}, key: controllerlib.Key{Namespace: goodOPC.Namespace, Name: goodOPC.Name},
opcs: []*configv1alpha1.OIDCProviderConfig{ opcs: []*configv1alpha1.OIDCProvider{
goodOPC, goodOPC,
}, },
configPinnipedClient: func(client *pinnipedfake.Clientset) { configPinnipedClient: func(client *pinnipedfake.Clientset) {
client.PrependReactor("update", "oidcproviderconfigs", func(_ kubetesting.Action) (bool, runtime.Object, error) { client.PrependReactor("update", "oidcproviders", func(_ kubetesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error") return true, nil, errors.New("some update error")
}) })
}, },
@ -661,7 +661,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
kubeAPIClient, kubeAPIClient,
pinnipedAPIClient, pinnipedAPIClient,
kubeInformers.Core().V1().Secrets(), kubeInformers.Core().V1().Secrets(),
pinnipedInformers.Config().V1alpha1().OIDCProviderConfigs(), pinnipedInformers.Config().V1alpha1().OIDCProviders(),
controllerlib.WithInformer, controllerlib.WithInformer,
) )

View File

@ -32,26 +32,26 @@ type ProvidersSetter interface {
SetProviders(oidcProviders ...*provider.OIDCProvider) SetProviders(oidcProviders ...*provider.OIDCProvider)
} }
type oidcProviderConfigWatcherController struct { type oidcProviderWatcherController struct {
providerSetter ProvidersSetter providerSetter ProvidersSetter
clock clock.Clock clock clock.Clock
client pinnipedclientset.Interface client pinnipedclientset.Interface
opcInformer configinformers.OIDCProviderConfigInformer opcInformer configinformers.OIDCProviderInformer
} }
// NewOIDCProviderConfigWatcherController creates a controllerlib.Controller that watches // NewOIDCProviderWatcherController creates a controllerlib.Controller that watches
// OIDCProviderConfig objects and notifies a callback object of the collection of provider configs. // OIDCProvider objects and notifies a callback object of the collection of provider configs.
func NewOIDCProviderConfigWatcherController( func NewOIDCProviderWatcherController(
providerSetter ProvidersSetter, providerSetter ProvidersSetter,
clock clock.Clock, clock clock.Clock,
client pinnipedclientset.Interface, client pinnipedclientset.Interface,
opcInformer configinformers.OIDCProviderConfigInformer, opcInformer configinformers.OIDCProviderInformer,
withInformer pinnipedcontroller.WithInformerOptionFunc, withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller { ) controllerlib.Controller {
return controllerlib.New( return controllerlib.New(
controllerlib.Config{ controllerlib.Config{
Name: "OIDCProviderConfigWatcherController", Name: "OIDCProviderWatcherController",
Syncer: &oidcProviderConfigWatcherController{ Syncer: &oidcProviderWatcherController{
providerSetter: providerSetter, providerSetter: providerSetter,
clock: clock, clock: clock,
client: client, client: client,
@ -67,7 +67,7 @@ func NewOIDCProviderConfigWatcherController(
} }
// Sync implements controllerlib.Syncer. // Sync implements controllerlib.Syncer.
func (c *oidcProviderConfigWatcherController) Sync(ctx controllerlib.Context) error { func (c *oidcProviderWatcherController) Sync(ctx controllerlib.Context) error {
all, err := c.opcInformer.Lister().List(labels.Everything()) all, err := c.opcInformer.Lister().List(labels.Everything())
if err != nil { if err != nil {
return err return err
@ -82,7 +82,7 @@ func (c *oidcProviderConfigWatcherController) Sync(ctx controllerlib.Context) er
} }
// Make a map of issuer hostnames -> set of unique secret names. This will help us complain when // Make a map of issuer hostnames -> set of unique secret names. This will help us complain when
// multiple OIDCProviderConfigs have the same issuer hostname (excluding port) but specify // multiple OIDCProviders have the same issuer hostname (excluding port) but specify
// different TLS serving Secrets. Doesn't make sense to have the one address use more than one // different TLS serving Secrets. Doesn't make sense to have the one address use more than one
// TLS cert. Ignore ports because SNI information on the incoming requests is not going to include // TLS cert. Ignore ports because SNI information on the incoming requests is not going to include
// port numbers. Also make a helper function for forming keys into this map. // port numbers. Also make a helper function for forming keys into this map.
@ -118,7 +118,7 @@ func (c *oidcProviderConfigWatcherController) Sync(ctx controllerlib.Context) er
ctx.Context, ctx.Context,
opc.Namespace, opc.Namespace,
opc.Name, opc.Name,
configv1alpha1.DuplicateOIDCProviderStatus, configv1alpha1.DuplicateOIDCProviderStatusCondition,
"Duplicate issuer: "+opc.Spec.Issuer, "Duplicate issuer: "+opc.Spec.Issuer,
); err != nil { ); err != nil {
errs.Add(fmt.Errorf("could not update status: %w", err)) errs.Add(fmt.Errorf("could not update status: %w", err))
@ -133,7 +133,7 @@ func (c *oidcProviderConfigWatcherController) Sync(ctx controllerlib.Context) er
ctx.Context, ctx.Context,
opc.Namespace, opc.Namespace,
opc.Name, opc.Name,
configv1alpha1.SameIssuerHostMustUseSameSecretOIDCProviderStatus, configv1alpha1.SameIssuerHostMustUseSameSecretOIDCProviderStatusCondition,
"Issuers with the same DNS hostname (address not including port) must use the same secretName: "+issuerURLToHostnameKey(issuerURL), "Issuers with the same DNS hostname (address not including port) must use the same secretName: "+issuerURLToHostnameKey(issuerURL),
); err != nil { ); err != nil {
errs.Add(fmt.Errorf("could not update status: %w", err)) errs.Add(fmt.Errorf("could not update status: %w", err))
@ -147,7 +147,7 @@ func (c *oidcProviderConfigWatcherController) Sync(ctx controllerlib.Context) er
ctx.Context, ctx.Context,
opc.Namespace, opc.Namespace,
opc.Name, opc.Name,
configv1alpha1.InvalidOIDCProviderStatus, configv1alpha1.InvalidOIDCProviderStatusCondition,
"Invalid: "+err.Error(), "Invalid: "+err.Error(),
); err != nil { ); err != nil {
errs.Add(fmt.Errorf("could not update status: %w", err)) errs.Add(fmt.Errorf("could not update status: %w", err))
@ -159,7 +159,7 @@ func (c *oidcProviderConfigWatcherController) Sync(ctx controllerlib.Context) er
ctx.Context, ctx.Context,
opc.Namespace, opc.Namespace,
opc.Name, opc.Name,
configv1alpha1.SuccessOIDCProviderStatus, configv1alpha1.SuccessOIDCProviderStatusCondition,
"Provider successfully created", "Provider successfully created",
); err != nil { ); err != nil {
errs.Add(fmt.Errorf("could not update status: %w", err)) errs.Add(fmt.Errorf("could not update status: %w", err))
@ -173,14 +173,14 @@ func (c *oidcProviderConfigWatcherController) Sync(ctx controllerlib.Context) er
return errs.ErrOrNil() return errs.ErrOrNil()
} }
func (c *oidcProviderConfigWatcherController) updateStatus( func (c *oidcProviderWatcherController) updateStatus(
ctx context.Context, ctx context.Context,
namespace, name string, namespace, name string,
status configv1alpha1.OIDCProviderStatus, status configv1alpha1.OIDCProviderStatusCondition,
message string, message string,
) error { ) error {
return retry.RetryOnConflict(retry.DefaultRetry, func() error { return retry.RetryOnConflict(retry.DefaultRetry, func() error {
opc, err := c.client.ConfigV1alpha1().OIDCProviderConfigs(namespace).Get(ctx, name, metav1.GetOptions{}) opc, err := c.client.ConfigV1alpha1().OIDCProviders(namespace).Get(ctx, name, metav1.GetOptions{})
if err != nil { if err != nil {
return fmt.Errorf("get failed: %w", err) return fmt.Errorf("get failed: %w", err)
} }
@ -201,7 +201,7 @@ func (c *oidcProviderConfigWatcherController) updateStatus(
opc.Status.Status = status opc.Status.Status = status
opc.Status.Message = message opc.Status.Message = message
opc.Status.LastUpdateTime = timePtr(metav1.NewTime(c.clock.Now())) opc.Status.LastUpdateTime = timePtr(metav1.NewTime(c.clock.Now()))
_, err = c.client.ConfigV1alpha1().OIDCProviderConfigs(namespace).Update(ctx, opc, metav1.UpdateOptions{}) _, err = c.client.ConfigV1alpha1().OIDCProviders(namespace).Update(ctx, opc, metav1.UpdateOptions{})
return err return err
}) })
} }

View File

@ -21,7 +21,7 @@ import (
type tlsCertObserverController struct { type tlsCertObserverController struct {
issuerTLSCertSetter IssuerTLSCertSetter issuerTLSCertSetter IssuerTLSCertSetter
defaultTLSCertificateSecretName string defaultTLSCertificateSecretName string
oidcProviderConfigInformer v1alpha1.OIDCProviderConfigInformer oidcProviderInformer v1alpha1.OIDCProviderInformer
secretInformer corev1informers.SecretInformer secretInformer corev1informers.SecretInformer
} }
@ -34,7 +34,7 @@ func NewTLSCertObserverController(
issuerTLSCertSetter IssuerTLSCertSetter, issuerTLSCertSetter IssuerTLSCertSetter,
defaultTLSCertificateSecretName string, defaultTLSCertificateSecretName string,
secretInformer corev1informers.SecretInformer, secretInformer corev1informers.SecretInformer,
oidcProviderConfigInformer v1alpha1.OIDCProviderConfigInformer, oidcProviderInformer v1alpha1.OIDCProviderInformer,
withInformer pinnipedcontroller.WithInformerOptionFunc, withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller { ) controllerlib.Controller {
return controllerlib.New( return controllerlib.New(
@ -43,7 +43,7 @@ func NewTLSCertObserverController(
Syncer: &tlsCertObserverController{ Syncer: &tlsCertObserverController{
issuerTLSCertSetter: issuerTLSCertSetter, issuerTLSCertSetter: issuerTLSCertSetter,
defaultTLSCertificateSecretName: defaultTLSCertificateSecretName, defaultTLSCertificateSecretName: defaultTLSCertificateSecretName,
oidcProviderConfigInformer: oidcProviderConfigInformer, oidcProviderInformer: oidcProviderInformer,
secretInformer: secretInformer, secretInformer: secretInformer,
}, },
}, },
@ -53,7 +53,7 @@ func NewTLSCertObserverController(
controllerlib.InformerOption{}, controllerlib.InformerOption{},
), ),
withInformer( withInformer(
oidcProviderConfigInformer, oidcProviderInformer,
pinnipedcontroller.MatchAnythingFilter(), pinnipedcontroller.MatchAnythingFilter(),
controllerlib.InformerOption{}, controllerlib.InformerOption{},
), ),
@ -62,9 +62,9 @@ func NewTLSCertObserverController(
func (c *tlsCertObserverController) Sync(ctx controllerlib.Context) error { func (c *tlsCertObserverController) Sync(ctx controllerlib.Context) error {
ns := ctx.Key.Namespace ns := ctx.Key.Namespace
allProviders, err := c.oidcProviderConfigInformer.Lister().OIDCProviderConfigs(ns).List(labels.Everything()) allProviders, err := c.oidcProviderInformer.Lister().OIDCProviders(ns).List(labels.Everything())
if err != nil { if err != nil {
return fmt.Errorf("failed to list OIDCProviderConfigs: %w", err) return fmt.Errorf("failed to list OIDCProviders: %w", err)
} }
// Rebuild the whole map on any change to any Secret or OIDCProvider, because either can have changes that // Rebuild the whole map on any change to any Secret or OIDCProvider, because either can have changes that

View File

@ -32,23 +32,23 @@ func TestTLSCertObserverControllerInformerFilters(t *testing.T) {
r *require.Assertions r *require.Assertions
observableWithInformerOption *testutil.ObservableWithInformerOption observableWithInformerOption *testutil.ObservableWithInformerOption
secretsInformerFilter controllerlib.Filter secretsInformerFilter controllerlib.Filter
oidcProviderConfigInformerFilter controllerlib.Filter oidcProviderInformerFilter controllerlib.Filter
) )
it.Before(func() { it.Before(func() {
r = require.New(t) r = require.New(t)
observableWithInformerOption = testutil.NewObservableWithInformerOption() observableWithInformerOption = testutil.NewObservableWithInformerOption()
secretsInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Secrets() secretsInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Secrets()
oidcProviderConfigInformer := pinnipedinformers.NewSharedInformerFactory(nil, 0).Config().V1alpha1().OIDCProviderConfigs() oidcProviderInformer := pinnipedinformers.NewSharedInformerFactory(nil, 0).Config().V1alpha1().OIDCProviders()
_ = NewTLSCertObserverController( _ = NewTLSCertObserverController(
nil, nil,
"", // don't care about the secret name for this test "", // don't care about the secret name for this test
secretsInformer, secretsInformer,
oidcProviderConfigInformer, oidcProviderInformer,
observableWithInformerOption.WithInformer, // make it possible to observe the behavior of the Filters observableWithInformerOption.WithInformer, // make it possible to observe the behavior of the Filters
) )
secretsInformerFilter = observableWithInformerOption.GetFilterForInformer(secretsInformer) secretsInformerFilter = observableWithInformerOption.GetFilterForInformer(secretsInformer)
oidcProviderConfigInformerFilter = observableWithInformerOption.GetFilterForInformer(oidcProviderConfigInformer) oidcProviderInformerFilter = observableWithInformerOption.GetFilterForInformer(oidcProviderInformer)
}) })
when("watching Secret objects", func() { when("watching Secret objects", func() {
@ -73,19 +73,19 @@ func TestTLSCertObserverControllerInformerFilters(t *testing.T) {
}) })
}) })
when("watching OIDCProviderConfig objects", func() { when("watching OIDCProvider objects", func() {
var ( var (
subject controllerlib.Filter subject controllerlib.Filter
provider, otherProvider *v1alpha1.OIDCProviderConfig provider, otherProvider *v1alpha1.OIDCProvider
) )
it.Before(func() { it.Before(func() {
subject = oidcProviderConfigInformerFilter subject = oidcProviderInformerFilter
provider = &v1alpha1.OIDCProviderConfig{ObjectMeta: metav1.ObjectMeta{Name: "any-name", Namespace: "any-namespace"}} provider = &v1alpha1.OIDCProvider{ObjectMeta: metav1.ObjectMeta{Name: "any-name", Namespace: "any-namespace"}}
otherProvider = &v1alpha1.OIDCProviderConfig{ObjectMeta: metav1.ObjectMeta{Name: "any-other-name", Namespace: "any-other-namespace"}} otherProvider = &v1alpha1.OIDCProvider{ObjectMeta: metav1.ObjectMeta{Name: "any-other-name", Namespace: "any-other-namespace"}}
}) })
when("any OIDCProviderConfig changes", func() { when("any OIDCProvider changes", func() {
it("returns true to trigger the sync method", func() { it("returns true to trigger the sync method", func() {
r.True(subject.Add(provider)) r.True(subject.Add(provider))
r.True(subject.Update(provider, otherProvider)) r.True(subject.Update(provider, otherProvider))
@ -142,7 +142,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
issuerTLSCertSetter, issuerTLSCertSetter,
defaultTLSSecretName, defaultTLSSecretName,
kubeInformers.Core().V1().Secrets(), kubeInformers.Core().V1().Secrets(),
pinnipedInformers.Config().V1alpha1().OIDCProviderConfigs(), pinnipedInformers.Config().V1alpha1().OIDCProviders(),
controllerlib.WithInformer, controllerlib.WithInformer,
) )
@ -192,7 +192,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
timeoutContextCancel() timeoutContextCancel()
}) })
when("there are no OIDCProviderConfigs and no TLS Secrets yet", func() { when("there are no OIDCProviders and no TLS Secrets yet", func() {
it("sets the issuerTLSCertSetter's map to be empty", func() { it("sets the issuerTLSCertSetter's map to be empty", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
@ -205,36 +205,36 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
}) })
}) })
when("there are OIDCProviderConfigs where some have corresponding TLS Secrets and some don't", func() { when("there are OIDCProviders where some have corresponding TLS Secrets and some don't", func() {
var ( var (
expectedCertificate1, expectedCertificate2 tls.Certificate expectedCertificate1, expectedCertificate2 tls.Certificate
) )
it.Before(func() { it.Before(func() {
var err error var err error
oidcProviderConfigWithoutSecret1 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithoutSecret1 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "no-secret-oidcproviderconfig1", Name: "no-secret-oidcprovider1",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{Issuer: "https://no-secret-issuer1.com"}, // no SNICertificateSecretName field Spec: v1alpha1.OIDCProviderSpec{Issuer: "https://no-secret-issuer1.com"}, // no SNICertificateSecretName field
} }
oidcProviderConfigWithoutSecret2 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithoutSecret2 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "no-secret-oidcproviderconfig2", Name: "no-secret-oidcprovider2",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{ Spec: v1alpha1.OIDCProviderSpec{
Issuer: "https://no-secret-issuer2.com", Issuer: "https://no-secret-issuer2.com",
SNICertificateSecretName: "", SNICertificateSecretName: "",
}, },
} }
oidcProviderConfigWithBadSecret := &v1alpha1.OIDCProviderConfig{ oidcProviderWithBadSecret := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "bad-secret-oidcproviderconfig", Name: "bad-secret-oidcprovider",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{ Spec: v1alpha1.OIDCProviderSpec{
Issuer: "https://bad-secret-issuer.com", Issuer: "https://bad-secret-issuer.com",
SNICertificateSecretName: "bad-tls-secret-name", SNICertificateSecretName: "bad-tls-secret-name",
}, },
@ -243,31 +243,31 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
invalidIssuerURL := ":/host//path" invalidIssuerURL := ":/host//path"
_, err = url.Parse(invalidIssuerURL) //nolint:staticcheck // Yes, this URL is intentionally invalid. _, err = url.Parse(invalidIssuerURL) //nolint:staticcheck // Yes, this URL is intentionally invalid.
r.Error(err) r.Error(err)
oidcProviderConfigWithBadIssuer := &v1alpha1.OIDCProviderConfig{ oidcProviderWithBadIssuer := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "bad-issuer-oidcproviderconfig", Name: "bad-issuer-oidcprovider",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
Spec: v1alpha1.OIDCProviderConfigSpec{Issuer: invalidIssuerURL}, Spec: v1alpha1.OIDCProviderSpec{Issuer: invalidIssuerURL},
} }
oidcProviderConfigWithGoodSecret1 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithGoodSecret1 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "good-secret-oidcproviderconfig1", Name: "good-secret-oidcprovider1",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
// Issuer hostname should be treated in a case-insensitive way and SNI ignores port numbers. Test without a port number. // Issuer hostname should be treated in a case-insensitive way and SNI ignores port numbers. Test without a port number.
Spec: v1alpha1.OIDCProviderConfigSpec{ Spec: v1alpha1.OIDCProviderSpec{
Issuer: "https://www.iSSuer-wiTh-goOd-secRet1.cOm/path", Issuer: "https://www.iSSuer-wiTh-goOd-secRet1.cOm/path",
SNICertificateSecretName: "good-tls-secret-name1", SNICertificateSecretName: "good-tls-secret-name1",
}, },
} }
oidcProviderConfigWithGoodSecret2 := &v1alpha1.OIDCProviderConfig{ oidcProviderWithGoodSecret2 := &v1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "good-secret-oidcproviderconfig2", Name: "good-secret-oidcprovider2",
Namespace: installedInNamespace, Namespace: installedInNamespace,
}, },
// Issuer hostname should be treated in a case-insensitive way and SNI ignores port numbers. Test with a port number. // Issuer hostname should be treated in a case-insensitive way and SNI ignores port numbers. Test with a port number.
Spec: v1alpha1.OIDCProviderConfigSpec{ Spec: v1alpha1.OIDCProviderSpec{
Issuer: "https://www.issUEr-WIth-gOOd-seCret2.com:1234/path", Issuer: "https://www.issUEr-WIth-gOOd-seCret2.com:1234/path",
SNICertificateSecretName: "good-tls-secret-name2", SNICertificateSecretName: "good-tls-secret-name2",
}, },
@ -296,12 +296,12 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{Name: "bad-tls-secret-name", Namespace: installedInNamespace}, ObjectMeta: metav1.ObjectMeta{Name: "bad-tls-secret-name", Namespace: installedInNamespace},
Data: map[string][]byte{"junk": nil}, Data: map[string][]byte{"junk": nil},
} }
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithoutSecret1)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithoutSecret1))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithoutSecret2)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithoutSecret2))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithBadSecret)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithBadSecret))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithBadIssuer)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithBadIssuer))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithGoodSecret1)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithGoodSecret1))
r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderConfigWithGoodSecret2)) r.NoError(pinnipedInformerClient.Tracker().Add(oidcProviderWithGoodSecret2))
r.NoError(kubeInformerClient.Tracker().Add(goodTLSSecret1)) r.NoError(kubeInformerClient.Tracker().Add(goodTLSSecret1))
r.NoError(kubeInformerClient.Tracker().Add(goodTLSSecret2)) r.NoError(kubeInformerClient.Tracker().Add(goodTLSSecret2))
r.NoError(kubeInformerClient.Tracker().Add(badTLSSecret)) r.NoError(kubeInformerClient.Tracker().Add(badTLSSecret))

View File

@ -71,12 +71,11 @@ func TestGetAPIResourceList(t *testing.T) {
resourceByVersion: map[string][]metav1.APIResource{ resourceByVersion: map[string][]metav1.APIResource{
"config.supervisor.pinniped.dev/v1alpha1": { "config.supervisor.pinniped.dev/v1alpha1": {
{ {
Name: "oidcproviderconfigs", Name: "oidcproviders",
SingularName: "oidcproviderconfig", SingularName: "oidcprovider",
Namespaced: true, Namespaced: true,
Kind: "OIDCProviderConfig", Kind: "OIDCProvider",
Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"}, Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"},
ShortNames: []string{"opc"},
}, },
}, },
}, },

View File

@ -48,7 +48,7 @@ func TestSupervisorOIDCDiscovery(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
defer cancel() defer cancel()
temporarilyRemoveAllOIDCProviderConfigsAndDefaultTLSCertSecret(ctx, t, ns, defaultTLSCertSecretName(env), client, library.NewClientset(t)) temporarilyRemoveAllOIDCProvidersAndDefaultTLSCertSecret(ctx, t, ns, defaultTLSCertSecretName(env), client, library.NewClientset(t))
tests := []struct { tests := []struct {
Scheme string Scheme string
@ -69,7 +69,7 @@ func TestSupervisorOIDCDiscovery(t *testing.T) {
continue continue
} }
// Test that there is no default discovery endpoint available when there are no OIDCProviderConfigs. // Test that there is no default discovery endpoint available when there are no OIDCProviders.
requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, fmt.Sprintf("%s://%s", scheme, addr)) requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, fmt.Sprintf("%s://%s", scheme, addr))
// Define several unique issuer strings. Always use https in the issuer name even when we are accessing the http port. // Define several unique issuer strings. Always use https in the issuer name even when we are accessing the http port.
@ -81,48 +81,48 @@ func TestSupervisorOIDCDiscovery(t *testing.T) {
issuer6 := fmt.Sprintf("https://%s/issuer6", addr) issuer6 := fmt.Sprintf("https://%s/issuer6", addr)
badIssuer := fmt.Sprintf("https://%s/badIssuer?cannot-use=queries", addr) badIssuer := fmt.Sprintf("https://%s/badIssuer?cannot-use=queries", addr)
// When OIDCProviderConfig are created in sequence they each cause a discovery endpoint to appear only for as long as the OIDCProviderConfig exists. // When OIDCProvider are created in sequence they each cause a discovery endpoint to appear only for as long as the OIDCProvider exists.
config1, jwks1 := requireCreatingOIDCProviderConfigCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer1, client) config1, jwks1 := requireCreatingOIDCProviderCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer1, client)
requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(t, config1, client, ns, scheme, addr, caBundle, issuer1) requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(t, config1, client, ns, scheme, addr, caBundle, issuer1)
config2, jwks2 := requireCreatingOIDCProviderConfigCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer2, client) config2, jwks2 := requireCreatingOIDCProviderCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer2, client)
requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(t, config2, client, ns, scheme, addr, caBundle, issuer2) requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(t, config2, client, ns, scheme, addr, caBundle, issuer2)
// The auto-created JWK's were different from each other. // The auto-created JWK's were different from each other.
require.NotEqual(t, jwks1.Keys[0]["x"], jwks2.Keys[0]["x"]) require.NotEqual(t, jwks1.Keys[0]["x"], jwks2.Keys[0]["x"])
require.NotEqual(t, jwks1.Keys[0]["y"], jwks2.Keys[0]["y"]) require.NotEqual(t, jwks1.Keys[0]["y"], jwks2.Keys[0]["y"])
// When multiple OIDCProviderConfigs exist at the same time they each serve a unique discovery endpoint. // When multiple OIDCProviders exist at the same time they each serve a unique discovery endpoint.
config3, jwks3 := requireCreatingOIDCProviderConfigCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer3, client) config3, jwks3 := requireCreatingOIDCProviderCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer3, client)
config4, jwks4 := requireCreatingOIDCProviderConfigCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer4, client) config4, jwks4 := requireCreatingOIDCProviderCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer4, client)
requireDiscoveryEndpointsAreWorking(t, scheme, addr, caBundle, issuer3, nil) // discovery for issuer3 is still working after issuer4 started working requireDiscoveryEndpointsAreWorking(t, scheme, addr, caBundle, issuer3, nil) // discovery for issuer3 is still working after issuer4 started working
// The auto-created JWK's were different from each other. // The auto-created JWK's were different from each other.
require.NotEqual(t, jwks3.Keys[0]["x"], jwks4.Keys[0]["x"]) require.NotEqual(t, jwks3.Keys[0]["x"], jwks4.Keys[0]["x"])
require.NotEqual(t, jwks3.Keys[0]["y"], jwks4.Keys[0]["y"]) require.NotEqual(t, jwks3.Keys[0]["y"], jwks4.Keys[0]["y"])
// Editing a provider to change the issuer name updates the endpoints that are being served. // Editing a provider to change the issuer name updates the endpoints that are being served.
updatedConfig4 := editOIDCProviderConfigIssuerName(t, config4, client, ns, issuer5) updatedConfig4 := editOIDCProviderIssuerName(t, config4, client, ns, issuer5)
requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, issuer4) requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, issuer4)
jwks5 := requireDiscoveryEndpointsAreWorking(t, scheme, addr, caBundle, issuer5, nil) jwks5 := requireDiscoveryEndpointsAreWorking(t, scheme, addr, caBundle, issuer5, nil)
// The JWK did not change when the issuer name was updated. // The JWK did not change when the issuer name was updated.
require.Equal(t, jwks4.Keys[0], jwks5.Keys[0]) require.Equal(t, jwks4.Keys[0], jwks5.Keys[0])
// When they are deleted they stop serving discovery endpoints. // When they are deleted they stop serving discovery endpoints.
requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(t, config3, client, ns, scheme, addr, caBundle, issuer3) requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(t, config3, client, ns, scheme, addr, caBundle, issuer3)
requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(t, updatedConfig4, client, ns, scheme, addr, caBundle, issuer5) requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(t, updatedConfig4, client, ns, scheme, addr, caBundle, issuer5)
// When the same issuer is added twice, both issuers are marked as duplicates, and neither provider is serving. // When the same issuer is added twice, both issuers are marked as duplicates, and neither provider is serving.
config6Duplicate1, _ := requireCreatingOIDCProviderConfigCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer6, client) config6Duplicate1, _ := requireCreatingOIDCProviderCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer6, client)
config6Duplicate2 := library.CreateTestOIDCProvider(ctx, t, issuer6, "") config6Duplicate2 := library.CreateTestOIDCProvider(ctx, t, issuer6, "")
requireStatus(t, client, ns, config6Duplicate1.Name, v1alpha1.DuplicateOIDCProviderStatus) requireStatus(t, client, ns, config6Duplicate1.Name, v1alpha1.DuplicateOIDCProviderStatusCondition)
requireStatus(t, client, ns, config6Duplicate2.Name, v1alpha1.DuplicateOIDCProviderStatus) requireStatus(t, client, ns, config6Duplicate2.Name, v1alpha1.DuplicateOIDCProviderStatusCondition)
requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, issuer6) requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, issuer6)
// If we delete the first duplicate issuer, the second duplicate issuer starts serving. // If we delete the first duplicate issuer, the second duplicate issuer starts serving.
requireDelete(t, client, ns, config6Duplicate1.Name) requireDelete(t, client, ns, config6Duplicate1.Name)
requireWellKnownEndpointIsWorking(t, scheme, addr, caBundle, issuer6, nil) requireWellKnownEndpointIsWorking(t, scheme, addr, caBundle, issuer6, nil)
requireStatus(t, client, ns, config6Duplicate2.Name, v1alpha1.SuccessOIDCProviderStatus) requireStatus(t, client, ns, config6Duplicate2.Name, v1alpha1.SuccessOIDCProviderStatusCondition)
// When we finally delete all issuers, the endpoint should be down. // When we finally delete all issuers, the endpoint should be down.
requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(t, config6Duplicate2, client, ns, scheme, addr, caBundle, issuer6) requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(t, config6Duplicate2, client, ns, scheme, addr, caBundle, issuer6)
// Only test this for http endpoints because https endpoints are going through an Ingress, // Only test this for http endpoints because https endpoints are going through an Ingress,
// and while it is possible to configure an Ingress to serve multiple hostnames with matching TLS certs // and while it is possible to configure an Ingress to serve multiple hostnames with matching TLS certs
@ -131,15 +131,15 @@ func TestSupervisorOIDCDiscovery(t *testing.T) {
if scheme == "http" { if scheme == "http" {
// "Host" headers can be used to send requests to discovery endpoints when the public address is different from the issuer name. // "Host" headers can be used to send requests to discovery endpoints when the public address is different from the issuer name.
issuer7 := "https://some-issuer-host-and-port-that-doesnt-match-public-supervisor-address.com:2684/issuer7" issuer7 := "https://some-issuer-host-and-port-that-doesnt-match-public-supervisor-address.com:2684/issuer7"
config7, _ := requireCreatingOIDCProviderConfigCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer7, client) config7, _ := requireCreatingOIDCProviderCausesDiscoveryEndpointsToAppear(ctx, t, scheme, addr, caBundle, issuer7, client)
requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(t, config7, client, ns, scheme, addr, caBundle, issuer7) requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(t, config7, client, ns, scheme, addr, caBundle, issuer7)
} }
// When we create a provider with an invalid issuer, the status is set to invalid. // When we create a provider with an invalid issuer, the status is set to invalid.
badConfig := library.CreateTestOIDCProvider(ctx, t, badIssuer, "") badConfig := library.CreateTestOIDCProvider(ctx, t, badIssuer, "")
requireStatus(t, client, ns, badConfig.Name, v1alpha1.InvalidOIDCProviderStatus) requireStatus(t, client, ns, badConfig.Name, v1alpha1.InvalidOIDCProviderStatusCondition)
requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, badIssuer) requireDiscoveryEndpointsAreNotFound(t, scheme, addr, caBundle, badIssuer)
requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(t, badConfig, client, ns, scheme, addr, caBundle, badIssuer) requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(t, badConfig, client, ns, scheme, addr, caBundle, badIssuer)
} }
} }
@ -152,7 +152,7 @@ func TestSupervisorTLSTerminationWithSNI(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
defer cancel() defer cancel()
temporarilyRemoveAllOIDCProviderConfigsAndDefaultTLSCertSecret(ctx, t, ns, defaultTLSCertSecretName(env), pinnipedClient, kubeClient) temporarilyRemoveAllOIDCProvidersAndDefaultTLSCertSecret(ctx, t, ns, defaultTLSCertSecretName(env), pinnipedClient, kubeClient)
scheme := "https" scheme := "https"
address := env.SupervisorHTTPSAddress // hostname and port for direct access to the supervisor's port 8443 address := env.SupervisorHTTPSAddress // hostname and port for direct access to the supervisor's port 8443
@ -161,9 +161,9 @@ func TestSupervisorTLSTerminationWithSNI(t *testing.T) {
issuer1 := fmt.Sprintf("%s://%s/issuer1", scheme, address) issuer1 := fmt.Sprintf("%s://%s/issuer1", scheme, address)
sniCertificateSecretName1 := "integration-test-sni-cert-1" sniCertificateSecretName1 := "integration-test-sni-cert-1"
// Create an OIDCProviderConfig with an sniCertificateSecretName. // Create an OIDCProvider with an sniCertificateSecretName.
oidcProviderConfig1 := library.CreateTestOIDCProvider(ctx, t, issuer1, sniCertificateSecretName1) oidcProvider1 := library.CreateTestOIDCProvider(ctx, t, issuer1, sniCertificateSecretName1)
requireStatus(t, pinnipedClient, oidcProviderConfig1.Namespace, oidcProviderConfig1.Name, v1alpha1.SuccessOIDCProviderStatus) requireStatus(t, pinnipedClient, oidcProvider1.Namespace, oidcProvider1.Name, v1alpha1.SuccessOIDCProviderStatusCondition)
// The sniCertificateSecretName Secret does not exist, so the endpoints should fail with TLS errors. // The sniCertificateSecretName Secret does not exist, so the endpoints should fail with TLS errors.
requireEndpointHasTLSErrorBecauseCertificatesAreNotReady(t, issuer1) requireEndpointHasTLSErrorBecauseCertificatesAreNotReady(t, issuer1)
@ -176,10 +176,10 @@ func TestSupervisorTLSTerminationWithSNI(t *testing.T) {
// Update the config to take away the sniCertificateSecretName. // Update the config to take away the sniCertificateSecretName.
sniCertificateSecretName1update := "integration-test-sni-cert-1-update" sniCertificateSecretName1update := "integration-test-sni-cert-1-update"
oidcProviderConfig1LatestVersion, err := pinnipedClient.ConfigV1alpha1().OIDCProviderConfigs(ns).Get(ctx, oidcProviderConfig1.Name, metav1.GetOptions{}) oidcProvider1LatestVersion, err := pinnipedClient.ConfigV1alpha1().OIDCProviders(ns).Get(ctx, oidcProvider1.Name, metav1.GetOptions{})
require.NoError(t, err) require.NoError(t, err)
oidcProviderConfig1LatestVersion.Spec.SNICertificateSecretName = sniCertificateSecretName1update oidcProvider1LatestVersion.Spec.SNICertificateSecretName = sniCertificateSecretName1update
_, err = pinnipedClient.ConfigV1alpha1().OIDCProviderConfigs(ns).Update(ctx, oidcProviderConfig1LatestVersion, metav1.UpdateOptions{}) _, err = pinnipedClient.ConfigV1alpha1().OIDCProviders(ns).Update(ctx, oidcProvider1LatestVersion, metav1.UpdateOptions{})
require.NoError(t, err) require.NoError(t, err)
// The the endpoints should fail with TLS errors again. // The the endpoints should fail with TLS errors again.
@ -197,9 +197,9 @@ func TestSupervisorTLSTerminationWithSNI(t *testing.T) {
issuer2 := fmt.Sprintf("%s://%s:%s/issuer2", scheme, hostname2, hostnamePort2) issuer2 := fmt.Sprintf("%s://%s:%s/issuer2", scheme, hostname2, hostnamePort2)
sniCertificateSecretName2 := "integration-test-sni-cert-2" sniCertificateSecretName2 := "integration-test-sni-cert-2"
// Create an OIDCProviderConfig with an sniCertificateSecretName. // Create an OIDCProvider with an sniCertificateSecretName.
oidcProviderConfig2 := library.CreateTestOIDCProvider(ctx, t, issuer2, sniCertificateSecretName2) oidcProvider2 := library.CreateTestOIDCProvider(ctx, t, issuer2, sniCertificateSecretName2)
requireStatus(t, pinnipedClient, oidcProviderConfig2.Namespace, oidcProviderConfig2.Name, v1alpha1.SuccessOIDCProviderStatus) requireStatus(t, pinnipedClient, oidcProvider2.Namespace, oidcProvider2.Name, v1alpha1.SuccessOIDCProviderStatusCondition)
// Create the Secret. // Create the Secret.
ca2 := createTLSCertificateSecret(ctx, t, ns, hostname2, nil, sniCertificateSecretName2, kubeClient) ca2 := createTLSCertificateSecret(ctx, t, ns, hostname2, nil, sniCertificateSecretName2, kubeClient)
@ -219,7 +219,7 @@ func TestSupervisorTLSTerminationWithDefaultCerts(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
defer cancel() defer cancel()
temporarilyRemoveAllOIDCProviderConfigsAndDefaultTLSCertSecret(ctx, t, ns, defaultTLSCertSecretName(env), pinnipedClient, kubeClient) temporarilyRemoveAllOIDCProvidersAndDefaultTLSCertSecret(ctx, t, ns, defaultTLSCertSecretName(env), pinnipedClient, kubeClient)
scheme := "https" scheme := "https"
address := env.SupervisorHTTPSAddress // hostname and port for direct access to the supervisor's port 8443 address := env.SupervisorHTTPSAddress // hostname and port for direct access to the supervisor's port 8443
@ -240,9 +240,9 @@ func TestSupervisorTLSTerminationWithDefaultCerts(t *testing.T) {
issuerUsingIPAddress := fmt.Sprintf("%s://%s/issuer1", scheme, ipWithPort) issuerUsingIPAddress := fmt.Sprintf("%s://%s/issuer1", scheme, ipWithPort)
issuerUsingHostname := fmt.Sprintf("%s://%s/issuer1", scheme, address) issuerUsingHostname := fmt.Sprintf("%s://%s/issuer1", scheme, address)
// Create an OIDCProviderConfig without an sniCertificateSecretName. // Create an OIDCProvider without an sniCertificateSecretName.
oidcProviderConfig1 := library.CreateTestOIDCProvider(ctx, t, issuerUsingIPAddress, "") oidcProvider1 := library.CreateTestOIDCProvider(ctx, t, issuerUsingIPAddress, "")
requireStatus(t, pinnipedClient, oidcProviderConfig1.Namespace, oidcProviderConfig1.Name, v1alpha1.SuccessOIDCProviderStatus) requireStatus(t, pinnipedClient, oidcProvider1.Namespace, oidcProvider1.Name, v1alpha1.SuccessOIDCProviderStatusCondition)
// There is no default TLS cert and the sniCertificateSecretName was not set, so the endpoints should fail with TLS errors. // There is no default TLS cert and the sniCertificateSecretName was not set, so the endpoints should fail with TLS errors.
requireEndpointHasTLSErrorBecauseCertificatesAreNotReady(t, issuerUsingIPAddress) requireEndpointHasTLSErrorBecauseCertificatesAreNotReady(t, issuerUsingIPAddress)
@ -253,10 +253,10 @@ func TestSupervisorTLSTerminationWithDefaultCerts(t *testing.T) {
// Now that the Secret exists, we should be able to access the endpoints by IP address using the CA. // Now that the Secret exists, we should be able to access the endpoints by IP address using the CA.
_ = requireDiscoveryEndpointsAreWorking(t, scheme, ipWithPort, string(defaultCA.Bundle()), issuerUsingIPAddress, nil) _ = requireDiscoveryEndpointsAreWorking(t, scheme, ipWithPort, string(defaultCA.Bundle()), issuerUsingIPAddress, nil)
// Create an OIDCProviderConfig with an sniCertificateSecretName. // Create an OIDCProvider with an sniCertificateSecretName.
sniCertificateSecretName := "integration-test-sni-cert-1" sniCertificateSecretName := "integration-test-sni-cert-1"
oidcProviderConfig2 := library.CreateTestOIDCProvider(ctx, t, issuerUsingHostname, sniCertificateSecretName) oidcProvider2 := library.CreateTestOIDCProvider(ctx, t, issuerUsingHostname, sniCertificateSecretName)
requireStatus(t, pinnipedClient, oidcProviderConfig2.Namespace, oidcProviderConfig2.Name, v1alpha1.SuccessOIDCProviderStatus) requireStatus(t, pinnipedClient, oidcProvider2.Namespace, oidcProvider2.Name, v1alpha1.SuccessOIDCProviderStatusCondition)
// Create the Secret. // Create the Secret.
sniCA := createTLSCertificateSecret(ctx, t, ns, hostname, nil, sniCertificateSecretName, kubeClient) sniCA := createTLSCertificateSecret(ctx, t, ns, hostname, nil, sniCertificateSecretName, kubeClient)
@ -312,7 +312,7 @@ func createTLSCertificateSecret(ctx context.Context, t *testing.T, ns string, ho
return ca return ca
} }
func temporarilyRemoveAllOIDCProviderConfigsAndDefaultTLSCertSecret( func temporarilyRemoveAllOIDCProvidersAndDefaultTLSCertSecret(
ctx context.Context, ctx context.Context,
t *testing.T, t *testing.T,
ns string, ns string,
@ -320,11 +320,11 @@ func temporarilyRemoveAllOIDCProviderConfigsAndDefaultTLSCertSecret(
pinnipedClient pinnipedclientset.Interface, pinnipedClient pinnipedclientset.Interface,
kubeClient kubernetes.Interface, kubeClient kubernetes.Interface,
) { ) {
// Temporarily remove any existing OIDCProviderConfigs from the cluster so we can test from a clean slate. // Temporarily remove any existing OIDCProviders from the cluster so we can test from a clean slate.
originalConfigList, err := pinnipedClient.ConfigV1alpha1().OIDCProviderConfigs(ns).List(ctx, metav1.ListOptions{}) originalConfigList, err := pinnipedClient.ConfigV1alpha1().OIDCProviders(ns).List(ctx, metav1.ListOptions{})
require.NoError(t, err) require.NoError(t, err)
for _, config := range originalConfigList.Items { for _, config := range originalConfigList.Items {
err := pinnipedClient.ConfigV1alpha1().OIDCProviderConfigs(ns).Delete(ctx, config.Name, metav1.DeleteOptions{}) err := pinnipedClient.ConfigV1alpha1().OIDCProviders(ns).Delete(ctx, config.Name, metav1.DeleteOptions{})
require.NoError(t, err) require.NoError(t, err)
} }
@ -339,7 +339,7 @@ func temporarilyRemoveAllOIDCProviderConfigsAndDefaultTLSCertSecret(
require.NoError(t, err) require.NoError(t, err)
} }
// When this test has finished, recreate any OIDCProviderConfigs and default secret that had existed on the cluster before this test. // When this test has finished, recreate any OIDCProviders and default secret that had existed on the cluster before this test.
t.Cleanup(func() { t.Cleanup(func() {
cleanupCtx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) cleanupCtx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel() defer cancel()
@ -347,7 +347,7 @@ func temporarilyRemoveAllOIDCProviderConfigsAndDefaultTLSCertSecret(
for _, config := range originalConfigList.Items { for _, config := range originalConfigList.Items {
thisConfig := config thisConfig := config
thisConfig.ResourceVersion = "" // Get rid of resource version since we can't create an object with one. thisConfig.ResourceVersion = "" // Get rid of resource version since we can't create an object with one.
_, err := pinnipedClient.ConfigV1alpha1().OIDCProviderConfigs(ns).Create(cleanupCtx, &thisConfig, metav1.CreateOptions{}) _, err := pinnipedClient.ConfigV1alpha1().OIDCProviders(ns).Create(cleanupCtx, &thisConfig, metav1.CreateOptions{})
require.NoError(t, err) require.NoError(t, err)
} }
@ -420,18 +420,18 @@ func requireEndpointHasTLSErrorBecauseCertificatesAreNotReady(t *testing.T, url
require.EqualError(t, err, fmt.Sprintf(`Get "%s": remote error: tls: unrecognized name`, url)) require.EqualError(t, err, fmt.Sprintf(`Get "%s": remote error: tls: unrecognized name`, url))
} }
func requireCreatingOIDCProviderConfigCausesDiscoveryEndpointsToAppear( func requireCreatingOIDCProviderCausesDiscoveryEndpointsToAppear(
ctx context.Context, ctx context.Context,
t *testing.T, t *testing.T,
supervisorScheme, supervisorAddress, supervisorCABundle string, supervisorScheme, supervisorAddress, supervisorCABundle string,
issuerName string, issuerName string,
client pinnipedclientset.Interface, client pinnipedclientset.Interface,
) (*v1alpha1.OIDCProviderConfig, *ExpectedJWKSResponseFormat) { ) (*v1alpha1.OIDCProvider, *ExpectedJWKSResponseFormat) {
t.Helper() t.Helper()
newOIDCProviderConfig := library.CreateTestOIDCProvider(ctx, t, issuerName, "") newOIDCProvider := library.CreateTestOIDCProvider(ctx, t, issuerName, "")
jwksResult := requireDiscoveryEndpointsAreWorking(t, supervisorScheme, supervisorAddress, supervisorCABundle, issuerName, nil) jwksResult := requireDiscoveryEndpointsAreWorking(t, supervisorScheme, supervisorAddress, supervisorCABundle, issuerName, nil)
requireStatus(t, client, newOIDCProviderConfig.Namespace, newOIDCProviderConfig.Name, v1alpha1.SuccessOIDCProviderStatus) requireStatus(t, client, newOIDCProvider.Namespace, newOIDCProvider.Name, v1alpha1.SuccessOIDCProviderStatusCondition)
return newOIDCProviderConfig, jwksResult return newOIDCProvider, jwksResult
} }
func requireDiscoveryEndpointsAreWorking(t *testing.T, supervisorScheme, supervisorAddress, supervisorCABundle, issuerName string, dnsOverrides map[string]string) *ExpectedJWKSResponseFormat { func requireDiscoveryEndpointsAreWorking(t *testing.T, supervisorScheme, supervisorAddress, supervisorCABundle, issuerName string, dnsOverrides map[string]string) *ExpectedJWKSResponseFormat {
@ -440,9 +440,9 @@ func requireDiscoveryEndpointsAreWorking(t *testing.T, supervisorScheme, supervi
return jwksResult return jwksResult
} }
func requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear( func requireDeletingOIDCProviderCausesDiscoveryEndpointsToDisappear(
t *testing.T, t *testing.T,
existingOIDCProviderConfig *v1alpha1.OIDCProviderConfig, existingOIDCProvider *v1alpha1.OIDCProvider,
client pinnipedclientset.Interface, client pinnipedclientset.Interface,
ns string, ns string,
supervisorScheme, supervisorAddress, supervisorCABundle string, supervisorScheme, supervisorAddress, supervisorCABundle string,
@ -452,8 +452,8 @@ func requireDeletingOIDCProviderConfigCausesDiscoveryEndpointsToDisappear(
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel() defer cancel()
// Delete the OIDCProviderConfig. // Delete the OIDCProvider.
err := client.ConfigV1alpha1().OIDCProviderConfigs(ns).Delete(ctx, existingOIDCProviderConfig.Name, metav1.DeleteOptions{}) err := client.ConfigV1alpha1().OIDCProviders(ns).Delete(ctx, existingOIDCProvider.Name, metav1.DeleteOptions{})
require.NoError(t, err) require.NoError(t, err)
// Fetch that same discovery endpoint as before, but now it should not exist anymore. Give it some time for the endpoint to go away. // Fetch that same discovery endpoint as before, but now it should not exist anymore. Give it some time for the endpoint to go away.
@ -529,7 +529,7 @@ func requireSuccessEndpointResponse(t *testing.T, endpointURL, issuer, caBundle
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel() defer cancel()
// Define a request to the new discovery endpoint which should have been created by an OIDCProviderConfig. // Define a request to the new discovery endpoint which should have been created by an OIDCProvider.
requestDiscoveryEndpoint, err := http.NewRequestWithContext( requestDiscoveryEndpoint, err := http.NewRequestWithContext(
ctx, ctx,
http.MethodGet, http.MethodGet,
@ -561,22 +561,22 @@ func requireSuccessEndpointResponse(t *testing.T, endpointURL, issuer, caBundle
return response, string(responseBody) return response, string(responseBody)
} }
func editOIDCProviderConfigIssuerName( func editOIDCProviderIssuerName(
t *testing.T, t *testing.T,
existingOIDCProviderConfig *v1alpha1.OIDCProviderConfig, existingOIDCProvider *v1alpha1.OIDCProvider,
client pinnipedclientset.Interface, client pinnipedclientset.Interface,
ns string, ns string,
newIssuerName string, newIssuerName string,
) *v1alpha1.OIDCProviderConfig { ) *v1alpha1.OIDCProvider {
t.Helper() t.Helper()
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel() defer cancel()
mostRecentVersion, err := client.ConfigV1alpha1().OIDCProviderConfigs(ns).Get(ctx, existingOIDCProviderConfig.Name, metav1.GetOptions{}) mostRecentVersion, err := client.ConfigV1alpha1().OIDCProviders(ns).Get(ctx, existingOIDCProvider.Name, metav1.GetOptions{})
require.NoError(t, err) require.NoError(t, err)
mostRecentVersion.Spec.Issuer = newIssuerName mostRecentVersion.Spec.Issuer = newIssuerName
updated, err := client.ConfigV1alpha1().OIDCProviderConfigs(ns).Update(ctx, mostRecentVersion, metav1.UpdateOptions{}) updated, err := client.ConfigV1alpha1().OIDCProviders(ns).Update(ctx, mostRecentVersion, metav1.UpdateOptions{})
require.NoError(t, err) require.NoError(t, err)
return updated return updated
@ -587,19 +587,19 @@ func requireDelete(t *testing.T, client pinnipedclientset.Interface, ns, name st
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel() defer cancel()
err := client.ConfigV1alpha1().OIDCProviderConfigs(ns).Delete(ctx, name, metav1.DeleteOptions{}) err := client.ConfigV1alpha1().OIDCProviders(ns).Delete(ctx, name, metav1.DeleteOptions{})
require.NoError(t, err) require.NoError(t, err)
} }
func requireStatus(t *testing.T, client pinnipedclientset.Interface, ns, name string, status v1alpha1.OIDCProviderStatus) { func requireStatus(t *testing.T, client pinnipedclientset.Interface, ns, name string, status v1alpha1.OIDCProviderStatusCondition) {
t.Helper() t.Helper()
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel() defer cancel()
var opc *v1alpha1.OIDCProviderConfig var opc *v1alpha1.OIDCProvider
var err error var err error
assert.Eventually(t, func() bool { assert.Eventually(t, func() bool {
opc, err = client.ConfigV1alpha1().OIDCProviderConfigs(ns).Get(ctx, name, metav1.GetOptions{}) opc, err = client.ConfigV1alpha1().OIDCProviders(ns).Get(ctx, name, metav1.GetOptions{})
return err == nil && opc.Status.Status == status return err == nil && opc.Status.Status == status
}, 10*time.Second, 200*time.Millisecond) }, 10*time.Second, 200*time.Millisecond)
require.NoError(t, err) require.NoError(t, err)

View File

@ -30,12 +30,12 @@ func TestSupervisorOIDCKeys(t *testing.T) {
opc := library.CreateTestOIDCProvider(ctx, t, "", "") opc := library.CreateTestOIDCProvider(ctx, t, "", "")
// Ensure a secret is created with the OPC's JWKS. // Ensure a secret is created with the OPC's JWKS.
var updatedOPC *configv1alpha1.OIDCProviderConfig var updatedOPC *configv1alpha1.OIDCProvider
var err error var err error
assert.Eventually(t, func() bool { assert.Eventually(t, func() bool {
updatedOPC, err = supervisorClient. updatedOPC, err = supervisorClient.
ConfigV1alpha1(). ConfigV1alpha1().
OIDCProviderConfigs(env.SupervisorNamespace). OIDCProviders(env.SupervisorNamespace).
Get(ctx, opc.Name, metav1.GetOptions{}) Get(ctx, opc.Name, metav1.GetOptions{})
return err == nil && updatedOPC.Status.JWKSSecret.Name != "" return err == nil && updatedOPC.Status.JWKSSecret.Name != ""
}, time.Second*10, time.Millisecond*500) }, time.Second*10, time.Millisecond*500)

View File

@ -166,13 +166,13 @@ func CreateTestWebhookAuthenticator(ctx context.Context, t *testing.T) corev1.Ty
} }
} }
// CreateTestOIDCProvider creates and returns a test OIDCProviderConfig in // CreateTestOIDCProvider creates and returns a test OIDCProvider in
// $PINNIPED_TEST_SUPERVISOR_NAMESPACE, which will be automatically deleted at the end of the // $PINNIPED_TEST_SUPERVISOR_NAMESPACE, which will be automatically deleted at the end of the
// current test's lifetime. It generates a random, valid, issuer for the OIDCProviderConfig. // current test's lifetime. It generates a random, valid, issuer for the OIDCProvider.
// //
// If the provided issuer is not the empty string, then it will be used for the // If the provided issuer is not the empty string, then it will be used for the
// OIDCProviderConfig.Spec.Issuer field. Else, a random issuer will be generated. // OIDCProvider.Spec.Issuer field. Else, a random issuer will be generated.
func CreateTestOIDCProvider(ctx context.Context, t *testing.T, issuer, sniCertificateSecretName string) *configv1alpha1.OIDCProviderConfig { func CreateTestOIDCProvider(ctx context.Context, t *testing.T, issuer, sniCertificateSecretName string) *configv1alpha1.OIDCProvider {
t.Helper() t.Helper()
testEnv := IntegrationEnv(t) testEnv := IntegrationEnv(t)
@ -185,31 +185,31 @@ func CreateTestOIDCProvider(ctx context.Context, t *testing.T, issuer, sniCertif
require.NoError(t, err) require.NoError(t, err)
} }
opcs := NewSupervisorClientset(t).ConfigV1alpha1().OIDCProviderConfigs(testEnv.SupervisorNamespace) opcs := NewSupervisorClientset(t).ConfigV1alpha1().OIDCProviders(testEnv.SupervisorNamespace)
opc, err := opcs.Create(createContext, &configv1alpha1.OIDCProviderConfig{ opc, err := opcs.Create(createContext, &configv1alpha1.OIDCProvider{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
GenerateName: "test-oidc-provider-", GenerateName: "test-oidc-provider-",
Labels: map[string]string{"pinniped.dev/test": ""}, Labels: map[string]string{"pinniped.dev/test": ""},
Annotations: map[string]string{"pinniped.dev/testName": t.Name()}, Annotations: map[string]string{"pinniped.dev/testName": t.Name()},
}, },
Spec: configv1alpha1.OIDCProviderConfigSpec{ Spec: configv1alpha1.OIDCProviderSpec{
Issuer: issuer, Issuer: issuer,
SNICertificateSecretName: sniCertificateSecretName, SNICertificateSecretName: sniCertificateSecretName,
}, },
}, metav1.CreateOptions{}) }, metav1.CreateOptions{})
require.NoError(t, err, "could not create test OIDCProviderConfig") require.NoError(t, err, "could not create test OIDCProvider")
t.Logf("created test OIDCProviderConfig %s/%s", opc.Namespace, opc.Name) t.Logf("created test OIDCProvider %s/%s", opc.Namespace, opc.Name)
t.Cleanup(func() { t.Cleanup(func() {
t.Helper() t.Helper()
t.Logf("cleaning up test OIDCProviderConfig %s/%s", opc.Namespace, opc.Name) t.Logf("cleaning up test OIDCProvider %s/%s", opc.Namespace, opc.Name)
deleteCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second) deleteCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel() defer cancel()
err := opcs.Delete(deleteCtx, opc.Name, metav1.DeleteOptions{}) err := opcs.Delete(deleteCtx, opc.Name, metav1.DeleteOptions{})
notFound := k8serrors.IsNotFound(err) notFound := k8serrors.IsNotFound(err)
// It's okay if it is not found, because it might have been deleted by another part of this test. // It's okay if it is not found, because it might have been deleted by another part of this test.
if !notFound { if !notFound {
require.NoErrorf(t, err, "could not cleanup test OIDCProviderConfig %s/%s", opc.Namespace, opc.Name) require.NoErrorf(t, err, "could not cleanup test OIDCProvider %s/%s", opc.Namespace, opc.Name)
} }
}) })