djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename CredentialIssuerConfig to CredentialIssuer.

Browse Source 
Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2020-11-02 15:39:43 -06:00
parent b13a8075e4
commit 59263ea733
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D
88 changed files with 2393 additions and 2406 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apis/concierge/config/v1alpha1/register.go.tmpl
View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{},
&CredentialIssuerConfigList{},
&CredentialIssuer{},
&CredentialIssuerList{},
)
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil

21
apis/concierge/config/v1alpha1/types_credentialissuerconfig.go.tmpl → apis/concierge/config/v1alpha1/types_credentialissuer.go.tmpl
View File

@ -25,17 +25,17 @@ const (
)
// Status of a credential issuer.
type CredentialIssuerConfigStatus struct {
type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct {
type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
}
// Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct {
type CredentialIssuerStrategy struct {
// Type of integration attempted.
Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct {
type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"`
Status CredentialIssuerStatus `json:"status"`
}
// List of CredentialIssuerConfig objects.
// List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct {
type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"`
Items []CredentialIssuer `json:"items"`
}

32
cmd/pinniped/cmd/get_kubeconfig.go
View File

@ -124,13 +124,13 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error {
}
}
credentialIssuerConfig, err := fetchPinnipedCredentialIssuerConfig(clientset, c.flags.namespace)
credentialIssuer, err := fetchPinnipedCredentialIssuer(clientset, c.flags.namespace)
if err != nil {
return err
}
if credentialIssuerConfig.Status.KubeConfigInfo == nil {
return constable.Error(`CredentialIssuerConfig "pinniped-config" was missing KubeConfigInfo`)
if credentialIssuer.Status.KubeConfigInfo == nil {
return constable.Error(`CredentialIssuer "pinniped-config" was missing KubeConfigInfo`)
}
v1Cluster, err := copyCurrentClusterFromExistingKubeConfig(currentKubeConfig, c.flags.contextOverride)
@ -138,7 +138,7 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error {
return err
}
err = issueWarningForNonMatchingServerOrCA(v1Cluster, credentialIssuerConfig, cmd.ErrOrStderr())
err = issueWarningForNonMatchingServerOrCA(v1Cluster, credentialIssuer, cmd.ErrOrStderr())
if err != nil {
return err
}
@ -153,14 +153,14 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error {
return nil
}
func issueWarningForNonMatchingServerOrCA(v1Cluster v1.Cluster, credentialIssuerConfig *configv1alpha1.CredentialIssuerConfig, warningsWriter io.Writer) error {
credentialIssuerConfigCA, err := base64.StdEncoding.DecodeString(credentialIssuerConfig.Status.KubeConfigInfo.CertificateAuthorityData)
func issueWarningForNonMatchingServerOrCA(v1Cluster v1.Cluster, credentialIssuer *configv1alpha1.CredentialIssuer, warningsWriter io.Writer) error {
credentialIssuerCA, err := base64.StdEncoding.DecodeString(credentialIssuer.Status.KubeConfigInfo.CertificateAuthorityData)
if err != nil {
return err
}
if v1Cluster.Server != credentialIssuerConfig.Status.KubeConfigInfo.Server ||
!bytes.Equal(v1Cluster.CertificateAuthorityData, credentialIssuerConfigCA) {
_, err := warningsWriter.Write([]byte("WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuerConfig on the cluster. Using local kubeconfig values.\n"))
if v1Cluster.Server != credentialIssuer.Status.KubeConfigInfo.Server ||
!bytes.Equal(v1Cluster.CertificateAuthorityData, credentialIssuerCA) {
_, err := warningsWriter.Write([]byte("WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuer on the cluster. Using local kubeconfig values.\n"))
if err != nil {
return fmt.Errorf("output write error: %w", err)
}
@ -207,31 +207,31 @@ func getDefaultAuthenticator(clientset pinnipedclientset.Interface, namespace st
return authenticators[0].authenticatorType, authenticators[0].authenticatorName, nil
}
func fetchPinnipedCredentialIssuerConfig(clientset pinnipedclientset.Interface, pinnipedInstallationNamespace string) (*configv1alpha1.CredentialIssuerConfig, error) {
func fetchPinnipedCredentialIssuer(clientset pinnipedclientset.Interface, pinnipedInstallationNamespace string) (*configv1alpha1.CredentialIssuer, error) {
ctx, cancelFunc := context.WithTimeout(context.Background(), time.Second*20)
defer cancelFunc()
credentialIssuerConfigs, err := clientset.ConfigV1alpha1().CredentialIssuerConfigs(pinnipedInstallationNamespace).List(ctx, metav1.ListOptions{})
credentialIssuers, err := clientset.ConfigV1alpha1().CredentialIssuers(pinnipedInstallationNamespace).List(ctx, metav1.ListOptions{})
if err != nil {
return nil, err
}
if len(credentialIssuerConfigs.Items) == 0 {
if len(credentialIssuers.Items) == 0 {
return nil, constable.Error(fmt.Sprintf(
`No CredentialIssuerConfig was found in namespace "%s". Is Pinniped installed on this cluster in namespace "%s"?`,
`No CredentialIssuer was found in namespace "%s". Is Pinniped installed on this cluster in namespace "%s"?`,
pinnipedInstallationNamespace,
pinnipedInstallationNamespace,
))
}
if len(credentialIssuerConfigs.Items) > 1 {
if len(credentialIssuers.Items) > 1 {
return nil, constable.Error(fmt.Sprintf(
`More than one CredentialIssuerConfig was found in namespace "%s"`,
`More than one CredentialIssuer was found in namespace "%s"`,
pinnipedInstallationNamespace,
))
}
return &credentialIssuerConfigs.Items[0], nil
return &credentialIssuers.Items[0], nil
}
func newClientConfig(kubeconfigPathOverride string, currentContextName string) clientcmd.ClientConfig {

54
cmd/pinniped/cmd/get_kubeconfig_test.go
View File

@ -170,18 +170,18 @@ func (e expectedKubeconfigYAML) String() string {
`, e.clusterCAData, e.clusterServer, e.command, e.pinnipedEndpoint, e.pinnipedCABundle, e.namespace, e.token, e.authenticatorType, e.authenticatorName)
}
func newCredentialIssuerConfig(name, namespace, server, certificateAuthorityData string) *configv1alpha1.CredentialIssuerConfig {
return &configv1alpha1.CredentialIssuerConfig{
func newCredentialIssuer(name, namespace, server, certificateAuthorityData string) *configv1alpha1.CredentialIssuer {
return &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{
Kind: "CredentialIssuerConfig",
Kind: "CredentialIssuer",
APIVersion: configv1alpha1.SchemeGroupVersion.String(),
},
ObjectMeta: metav1.ObjectMeta{
Name: name,
Namespace: namespace,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Status: configv1alpha1.CredentialIssuerStatus{
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: server,
CertificateAuthorityData: base64.StdEncoding.EncodeToString([]byte(certificateAuthorityData)),
},
@ -264,59 +264,59 @@ func TestRun(t *testing.T) {
wantError: `multiple authenticators were found in namespace "test-namespace", so --authenticator-name/--authenticator-type must be specified`,
},
{
name: "fail to get CredentialIssuerConfigs",
name: "fail to get CredentialIssuers",
mocks: func(cmd *getKubeConfigCommand) {
clientset := pinnipedfake.NewSimpleClientset()
clientset.PrependReactor("*", "*", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("some error getting CredentialIssuerConfigs")
return true, nil, fmt.Errorf("some error getting CredentialIssuers")
})
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return clientset, nil
}
},
wantError: "some error getting CredentialIssuerConfigs",
wantError: "some error getting CredentialIssuers",
},
{
name: "zero CredentialIssuerConfigs found",
name: "zero CredentialIssuers found",
mocks: func(cmd *getKubeConfigCommand) {
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(
newCredentialIssuerConfig("pinniped-config-1", "not-the-test-namespace", "", ""),
newCredentialIssuer("pinniped-config-1", "not-the-test-namespace", "", ""),
), nil
}
},
wantError: `No CredentialIssuerConfig was found in namespace "test-namespace". Is Pinniped installed on this cluster in namespace "test-namespace"?`,
wantError: `No CredentialIssuer was found in namespace "test-namespace". Is Pinniped installed on this cluster in namespace "test-namespace"?`,
},
{
name: "multiple CredentialIssuerConfigs found",
name: "multiple CredentialIssuers found",
mocks: func(cmd *getKubeConfigCommand) {
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(
newCredentialIssuerConfig("pinniped-config-1", "test-namespace", "", ""),
newCredentialIssuerConfig("pinniped-config-2", "test-namespace", "", ""),
newCredentialIssuer("pinniped-config-1", "test-namespace", "", ""),
newCredentialIssuer("pinniped-config-2", "test-namespace", "", ""),
), nil
}
},
wantError: `More than one CredentialIssuerConfig was found in namespace "test-namespace"`,
wantError: `More than one CredentialIssuer was found in namespace "test-namespace"`,
},
{
name: "CredentialIssuerConfig missing KubeConfigInfo",
name: "CredentialIssuer missing KubeConfigInfo",
mocks: func(cmd *getKubeConfigCommand) {
cic := newCredentialIssuerConfig("pinniped-config", "test-namespace", "", "")
cic.Status.KubeConfigInfo = nil
ci := newCredentialIssuer("pinniped-config", "test-namespace", "", "")
ci.Status.KubeConfigInfo = nil
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(cic), nil
return pinnipedfake.NewSimpleClientset(ci), nil
}
},
wantError: `CredentialIssuerConfig "pinniped-config" was missing KubeConfigInfo`,
wantError: `CredentialIssuer "pinniped-config" was missing KubeConfigInfo`,
},
{
name: "KubeConfigInfo has invalid base64",
mocks: func(cmd *getKubeConfigCommand) {
cic := newCredentialIssuerConfig("pinniped-config", "test-namespace", "https://example.com", "")
cic.Status.KubeConfigInfo.CertificateAuthorityData = "invalid-base64-test-ca"
ci := newCredentialIssuer("pinniped-config", "test-namespace", "https://example.com", "")
ci.Status.KubeConfigInfo.CertificateAuthorityData = "invalid-base64-test-ca"
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(cic), nil
return pinnipedfake.NewSimpleClientset(ci), nil
}
},
wantError: `illegal base64 data at input byte 7`,
@ -324,9 +324,9 @@ func TestRun(t *testing.T) {
{
name: "success using remote CA data",
mocks: func(cmd *getKubeConfigCommand) {
cic := newCredentialIssuerConfig("pinniped-config", "test-namespace", "https://fake-server-url-value", "fake-certificate-authority-data-value")
ci := newCredentialIssuer("pinniped-config", "test-namespace", "https://fake-server-url-value", "fake-certificate-authority-data-value")
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(cic), nil
return pinnipedfake.NewSimpleClientset(ci), nil
}
},
wantStdout: expectedKubeconfigYAML{
@ -350,11 +350,11 @@ func TestRun(t *testing.T) {
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(
&authv1alpha.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "discovered-authenticator"}},
newCredentialIssuerConfig("pinniped-config", "test-namespace", "https://example.com", "test-ca"),
newCredentialIssuer("pinniped-config", "test-namespace", "https://example.com", "test-ca"),
), nil
}
},
wantStderr: `WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuerConfig on the cluster. Using local kubeconfig values.`,
wantStderr: `WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuer on the cluster. Using local kubeconfig values.`,
wantStdout: expectedKubeconfigYAML{
clusterCAData: "ZmFrZS1jZXJ0aWZpY2F0ZS1hdXRob3JpdHktZGF0YS12YWx1ZQ==",
clusterServer: "https://fake-server-url-value",

12
generated/1.17/crds/config.concierge.pinniped.dev_credentialissuerconfigs.yaml → deploy/concierge/config.concierge.pinniped.dev_credentialissuers.yaml
View File

@ -6,16 +6,14 @@ metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev
name: credentialissuers.config.concierge.pinniped.dev
spec:
group: config.concierge.pinniped.dev
names:
kind: CredentialIssuerConfig
listKind: CredentialIssuerConfigList
plural: credentialissuerconfigs
shortNames:
- cic
singular: credentialissuerconfig
kind: CredentialIssuer
listKind: CredentialIssuerList
plural: credentialissuers
singular: credentialissuer
scope: Namespaced
versions:
- name: v1alpha1

2
deploy/concierge/deployment.yaml
View File

@ -39,7 +39,7 @@ data:
renewBeforeSeconds: (@= str(data.values.api_serving_certificate_renew_before_seconds) @)
names:
servingCertificateSecret: (@= defaultResourceNameWithSuffix("api-tls-serving-certificate") @)
credentialIssuerConfig: (@= defaultResourceNameWithSuffix("config") @)
credentialIssuer: (@= defaultResourceNameWithSuffix("config") @)
apiService: (@= defaultResourceNameWithSuffix("api") @)
labels: (@= json.encode(labels()).rstrip() @)
kubeCertAgent:

2
deploy/concierge/z0_crd_overlay.yaml
View File

@ -4,7 +4,7 @@
#@ load("@ytt:overlay", "overlay")
#@ load("helpers.lib.yaml", "labels")
#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"credentialissuerconfigs.config.concierge.pinniped.dev"}}), expects=1
#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"credentialissuers.config.concierge.pinniped.dev"}}), expects=1
---
metadata:
#@overlay/match missing_ok=True

30
generated/1.17/README.adoc generated
View File

@ -131,14 +131,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfig"]
==== CredentialIssuerConfig
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuer"]
==== CredentialIssuer
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfiglist[$$CredentialIssuerConfigList$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$]
****
[cols="25a,75a", options="header"]
@ -146,18 +146,18 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
| Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]__ | Status of the credential issuer.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | Status of the credential issuer.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo"]
==== CredentialIssuerConfigKubeConfigInfo
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerKubeConfigInfo
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]
@ -170,32 +170,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus"]
==== CredentialIssuerConfigStatus
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus"]
==== CredentialIssuerStatus
Status of a credential issuer.
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfig[$$CredentialIssuerConfig$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$]
****
[cols="25a,75a", options="header"]
|===
| Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy[$$CredentialIssuerConfigStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo[$$CredentialIssuerConfigKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy"]
==== CredentialIssuerConfigStrategy
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstrategy"]
==== CredentialIssuerStrategy
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]

4
generated/1.17/apis/concierge/config/v1alpha1/register.go generated
View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{},
&CredentialIssuerConfigList{},
&CredentialIssuer{},
&CredentialIssuerList{},
)
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil

21
generated/1.18/apis/concierge/config/v1alpha1/types_credentialissuerconfig.go → generated/1.17/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -25,17 +25,17 @@ const (
)
// Status of a credential issuer.
type CredentialIssuerConfigStatus struct {
type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct {
type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
}
// Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct {
type CredentialIssuerStrategy struct {
// Type of integration attempted.
Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct {
type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"`
Status CredentialIssuerStatus `json:"status"`
}
// List of CredentialIssuerConfig objects.
// List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct {
type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"`
Items []CredentialIssuer `json:"items"`
}

50
generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -12,7 +12,7 @@ import (
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -20,18 +20,18 @@ func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig.
func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer.
func (in *CredentialIssuer) DeepCopy() *CredentialIssuer {
if in == nil {
return nil
}
out := new(CredentialIssuerConfig)
out := new(CredentialIssuer)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -39,29 +39,29 @@ func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) {
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo.
func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigKubeConfigInfo)
out := new(CredentialIssuerKubeConfigInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) {
func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]CredentialIssuerConfig, len(*in))
*out = make([]CredentialIssuer, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
@ -69,18 +69,18 @@ func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigLi
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList.
func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList.
func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigList)
out := new(CredentialIssuerList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
func (in *CredentialIssuerList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -88,46 +88,46 @@ func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) {
func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = *in
if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in))
*out = make([]CredentialIssuerStrategy, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo)
*out = new(CredentialIssuerKubeConfigInfo)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus.
func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus.
func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStatus)
out := new(CredentialIssuerStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) {
func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy.
func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStrategy)
out := new(CredentialIssuerStrategy)
in.DeepCopyInto(out)
return out
}

6
generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go generated
View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface
CredentialIssuerConfigsGetter
CredentialIssuersGetter
}
// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface
}
func (c *ConfigV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface {
return newCredentialIssuerConfigs(c, namespace)
func (c *ConfigV1alpha1Client) CredentialIssuers(namespace string) CredentialIssuerInterface {
return newCredentialIssuers(c, namespace)
}
// NewForConfig creates a new ConfigV1alpha1Client for the given config.

178
generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,178 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuersGetter has a method to return a CredentialIssuerInterface.
// A group's client should implement this interface.
type CredentialIssuersGetter interface {
CredentialIssuers(namespace string) CredentialIssuerInterface
}
// CredentialIssuerInterface has methods to work with CredentialIssuer resources.
type CredentialIssuerInterface interface {
Create(*v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error)
Update(*v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error)
UpdateStatus(*v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.CredentialIssuer, error)
List(opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuer, err error)
CredentialIssuerExpansion
}
// credentialIssuers implements CredentialIssuerInterface
type credentialIssuers struct {
client rest.Interface
ns string
}
// newCredentialIssuers returns a CredentialIssuers
func newCredentialIssuers(c *ConfigV1alpha1Client, namespace string) *credentialIssuers {
return &credentialIssuers{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *credentialIssuers) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *credentialIssuers) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *credentialIssuers) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Create(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuers").
Body(credentialIssuer).
Do().
Into(result)
return
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Update(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
Body(credentialIssuer).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuers) UpdateStatus(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
SubResource("status").
Body(credentialIssuer).
Do().
Into(result)
return
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *credentialIssuers) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuers) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *credentialIssuers) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuers").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

178
generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,178 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
Update(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *ConfigV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

4
generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go generated
View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake
}
func (c *FakeConfigV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface {
return &FakeCredentialIssuerConfigs{c, namespace}
func (c *FakeConfigV1alpha1) CredentialIssuers(namespace string) v1alpha1.CredentialIssuerInterface {
return &FakeCredentialIssuers{c, namespace}
}
// RESTClient returns a RESTClient that is used to communicate

127
generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go generated Normal file
View File

@ -0,0 +1,127 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuers implements CredentialIssuerInterface
type FakeCredentialIssuers struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"}
var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *FakeCredentialIssuers) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *FakeCredentialIssuers) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuersResource, credentialissuersKind, c.ns, opts), &v1alpha1.CredentialIssuerList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *FakeCredentialIssuers) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuersResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Create(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Update(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuers) UpdateStatus(credentialIssuer *v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuersResource, "status", c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuers) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuers) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuersResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *FakeCredentialIssuers) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuersResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}

127
generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuerconfig.go generated
View File

@ -1,127 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

2
generated/1.17/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go generated
View File

@ -5,4 +5,4 @@
package v1alpha1
type CredentialIssuerConfigExpansion interface{}
type CredentialIssuerExpansion interface{}

76
generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,76 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.17/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.17/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerInformer provides access to a shared informer and lister for
// CredentialIssuers.
type CredentialIssuerInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerLister
}
type credentialIssuerInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).Watch(options)
},
},
&configv1alpha1.CredentialIssuer{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer)
}
func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister {
return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer())
}

76
generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,76 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.17/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.17/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).Watch(options)
},
},
&configv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

10
generated/1.17/client/concierge/informers/externalversions/config/v1alpha1/interface.go generated
View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version.
type Interface interface {
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
CredentialIssuerConfigs() CredentialIssuerConfigInformer
// CredentialIssuers returns a CredentialIssuerInformer.
CredentialIssuers() CredentialIssuerInformer
}
type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
}
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer {
return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
// CredentialIssuers returns a CredentialIssuerInformer.
func (v *version) CredentialIssuers() CredentialIssuerInformer {
return &credentialIssuerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
}

4
generated/1.17/client/concierge/informers/externalversions/generic.go generated
View File

@ -46,8 +46,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil
// Group=config.concierge.pinniped.dev, Version=v1alpha1
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil
// Group=login.concierge.pinniped.dev, Version=v1alpha1
case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"):

81
generated/1.17/client/concierge/listers/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,81 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerLister helps list CredentialIssuers.
type CredentialIssuerLister interface {
// List lists all CredentialIssuers in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// CredentialIssuers returns an object that can list and get CredentialIssuers.
CredentialIssuers(namespace string) CredentialIssuerNamespaceLister
CredentialIssuerListerExpansion
}
// credentialIssuerLister implements the CredentialIssuerLister interface.
type credentialIssuerLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerLister returns a new CredentialIssuerLister.
func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister {
return &credentialIssuerLister{indexer: indexer}
}
// List lists all CredentialIssuers in the indexer.
func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// CredentialIssuers returns an object that can list and get CredentialIssuers.
func (s *credentialIssuerLister) CredentialIssuers(namespace string) CredentialIssuerNamespaceLister {
return credentialIssuerNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerNamespaceLister helps list and get CredentialIssuers.
type CredentialIssuerNamespaceLister interface {
// List lists all CredentialIssuers in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuer, error)
CredentialIssuerNamespaceListerExpansion
}
// credentialIssuerNamespaceLister implements the CredentialIssuerNamespaceLister
// interface.
type credentialIssuerNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuers in the indexer for a given namespace.
func (s credentialIssuerNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
func (s credentialIssuerNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuer, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name)
}
return obj.(*v1alpha1.CredentialIssuer), nil
}

81
generated/1.17/client/concierge/listers/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,81 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

12
generated/1.17/client/concierge/listers/config/v1alpha1/expansion_generated.go generated
View File

@ -5,10 +5,10 @@
package v1alpha1
// CredentialIssuerConfigListerExpansion allows custom methods to be added to
// CredentialIssuerConfigLister.
type CredentialIssuerConfigListerExpansion interface{}
// CredentialIssuerListerExpansion allows custom methods to be added to
// CredentialIssuerLister.
type CredentialIssuerListerExpansion interface{}
// CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerConfigNamespaceLister.
type CredentialIssuerConfigNamespaceListerExpansion interface{}
// CredentialIssuerNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerNamespaceLister.
type CredentialIssuerNamespaceListerExpansion interface{}

158
generated/1.17/client/concierge/openapi/zz_generated.openapi.go generated
View File

@ -17,73 +17,73 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfig": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigList": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuer": schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerList": schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
}
}
@ -325,7 +325,7 @@ func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(re
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -353,7 +353,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
"status": {
SchemaProps: spec.SchemaProps{
Description: "Status of the credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus"),
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStatus"),
},
},
},
@ -361,11 +361,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -393,7 +393,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -424,7 +424,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfig"),
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuer"),
},
},
},
@ -435,11 +435,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuer", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -453,7 +453,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"),
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"),
},
},
},
@ -462,7 +462,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
"kubeConfigInfo": {
SchemaProps: spec.SchemaProps{
Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo"),
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo"),
},
},
},
@ -470,11 +470,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"},
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo", "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{

12
deploy/concierge/config.concierge.pinniped.dev_credentialissuerconfigs.yaml → generated/1.17/crds/config.concierge.pinniped.dev_credentialissuers.yaml generated
View File

@ -6,16 +6,14 @@ metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev
name: credentialissuers.config.concierge.pinniped.dev
spec:
group: config.concierge.pinniped.dev
names:
kind: CredentialIssuerConfig
listKind: CredentialIssuerConfigList
plural: credentialissuerconfigs
shortNames:
- cic
singular: credentialissuerconfig
kind: CredentialIssuer
listKind: CredentialIssuerList
plural: credentialissuers
singular: credentialissuer
scope: Namespaced
versions:
- name: v1alpha1

30
generated/1.18/README.adoc generated
View File

@ -131,14 +131,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfig"]
==== CredentialIssuerConfig
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuer"]
==== CredentialIssuer
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfiglist[$$CredentialIssuerConfigList$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$]
****
[cols="25a,75a", options="header"]
@ -146,18 +146,18 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
| Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]__ | Status of the credential issuer.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | Status of the credential issuer.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo"]
==== CredentialIssuerConfigKubeConfigInfo
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerKubeConfigInfo
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]
@ -170,32 +170,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus"]
==== CredentialIssuerConfigStatus
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus"]
==== CredentialIssuerStatus
Status of a credential issuer.
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfig[$$CredentialIssuerConfig$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$]
****
[cols="25a,75a", options="header"]
|===
| Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy[$$CredentialIssuerConfigStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo[$$CredentialIssuerConfigKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy"]
==== CredentialIssuerConfigStrategy
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstrategy"]
==== CredentialIssuerStrategy
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]

4
generated/1.18/apis/concierge/config/v1alpha1/register.go generated
View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{},
&CredentialIssuerConfigList{},
&CredentialIssuer{},
&CredentialIssuerList{},
)
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil

21
generated/1.17/apis/concierge/config/v1alpha1/types_credentialissuerconfig.go → generated/1.18/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -25,17 +25,17 @@ const (
)
// Status of a credential issuer.
type CredentialIssuerConfigStatus struct {
type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct {
type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
}
// Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct {
type CredentialIssuerStrategy struct {
// Type of integration attempted.
Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct {
type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"`
Status CredentialIssuerStatus `json:"status"`
}
// List of CredentialIssuerConfig objects.
// List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct {
type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"`
Items []CredentialIssuer `json:"items"`
}

50
generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -12,7 +12,7 @@ import (
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -20,18 +20,18 @@ func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig.
func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer.
func (in *CredentialIssuer) DeepCopy() *CredentialIssuer {
if in == nil {
return nil
}
out := new(CredentialIssuerConfig)
out := new(CredentialIssuer)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -39,29 +39,29 @@ func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) {
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo.
func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigKubeConfigInfo)
out := new(CredentialIssuerKubeConfigInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) {
func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]CredentialIssuerConfig, len(*in))
*out = make([]CredentialIssuer, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
@ -69,18 +69,18 @@ func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigLi
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList.
func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList.
func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigList)
out := new(CredentialIssuerList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
func (in *CredentialIssuerList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -88,46 +88,46 @@ func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) {
func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = *in
if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in))
*out = make([]CredentialIssuerStrategy, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo)
*out = new(CredentialIssuerKubeConfigInfo)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus.
func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus.
func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStatus)
out := new(CredentialIssuerStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) {
func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy.
func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStrategy)
out := new(CredentialIssuerStrategy)
in.DeepCopyInto(out)
return out
}

6
generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go generated
View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface
CredentialIssuerConfigsGetter
CredentialIssuersGetter
}
// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface
}
func (c *ConfigV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface {
return newCredentialIssuerConfigs(c, namespace)
func (c *ConfigV1alpha1Client) CredentialIssuers(namespace string) CredentialIssuerInterface {
return newCredentialIssuers(c, namespace)
}
// NewForConfig creates a new ConfigV1alpha1Client for the given config.

182
generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,182 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuersGetter has a method to return a CredentialIssuerInterface.
// A group's client should implement this interface.
type CredentialIssuersGetter interface {
CredentialIssuers(namespace string) CredentialIssuerInterface
}
// CredentialIssuerInterface has methods to work with CredentialIssuer resources.
type CredentialIssuerInterface interface {
Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error)
Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error)
CredentialIssuerExpansion
}
// credentialIssuers implements CredentialIssuerInterface
type credentialIssuers struct {
client rest.Interface
ns string
}
// newCredentialIssuers returns a CredentialIssuers
func newCredentialIssuers(c *ConfigV1alpha1Client, namespace string) *credentialIssuers {
return &credentialIssuers{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

182
generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,182 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *ConfigV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

4
generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go generated
View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake
}
func (c *FakeConfigV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface {
return &FakeCredentialIssuerConfigs{c, namespace}
func (c *FakeConfigV1alpha1) CredentialIssuers(namespace string) v1alpha1.CredentialIssuerInterface {
return &FakeCredentialIssuers{c, namespace}
}
// RESTClient returns a RESTClient that is used to communicate

129
generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go generated Normal file
View File

@ -0,0 +1,129 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuers implements CredentialIssuerInterface
type FakeCredentialIssuers struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"}
var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuersResource, credentialissuersKind, c.ns, opts), &v1alpha1.CredentialIssuerList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuersResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuersResource, "status", c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuersResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuersResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}

129
generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuerconfig.go generated
View File

@ -1,129 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

2
generated/1.18/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go generated
View File

@ -5,4 +5,4 @@
package v1alpha1
type CredentialIssuerConfigExpansion interface{}
type CredentialIssuerExpansion interface{}

77
generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,77 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.18/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.18/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerInformer provides access to a shared informer and lister for
// CredentialIssuers.
type CredentialIssuerInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerLister
}
type credentialIssuerInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuer{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer)
}
func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister {
return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer())
}

77
generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,77 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.18/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.18/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

10
generated/1.18/client/concierge/informers/externalversions/config/v1alpha1/interface.go generated
View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version.
type Interface interface {
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
CredentialIssuerConfigs() CredentialIssuerConfigInformer
// CredentialIssuers returns a CredentialIssuerInformer.
CredentialIssuers() CredentialIssuerInformer
}
type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
}
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer {
return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
// CredentialIssuers returns a CredentialIssuerInformer.
func (v *version) CredentialIssuers() CredentialIssuerInformer {
return &credentialIssuerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
}

4
generated/1.18/client/concierge/informers/externalversions/generic.go generated
View File

@ -46,8 +46,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil
// Group=config.concierge.pinniped.dev, Version=v1alpha1
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil
// Group=login.concierge.pinniped.dev, Version=v1alpha1
case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"):

81
generated/1.18/client/concierge/listers/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,81 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerLister helps list CredentialIssuers.
type CredentialIssuerLister interface {
// List lists all CredentialIssuers in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// CredentialIssuers returns an object that can list and get CredentialIssuers.
CredentialIssuers(namespace string) CredentialIssuerNamespaceLister
CredentialIssuerListerExpansion
}
// credentialIssuerLister implements the CredentialIssuerLister interface.
type credentialIssuerLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerLister returns a new CredentialIssuerLister.
func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister {
return &credentialIssuerLister{indexer: indexer}
}
// List lists all CredentialIssuers in the indexer.
func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// CredentialIssuers returns an object that can list and get CredentialIssuers.
func (s *credentialIssuerLister) CredentialIssuers(namespace string) CredentialIssuerNamespaceLister {
return credentialIssuerNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerNamespaceLister helps list and get CredentialIssuers.
type CredentialIssuerNamespaceLister interface {
// List lists all CredentialIssuers in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuer, error)
CredentialIssuerNamespaceListerExpansion
}
// credentialIssuerNamespaceLister implements the CredentialIssuerNamespaceLister
// interface.
type credentialIssuerNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuers in the indexer for a given namespace.
func (s credentialIssuerNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
func (s credentialIssuerNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuer, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name)
}
return obj.(*v1alpha1.CredentialIssuer), nil
}

81
generated/1.18/client/concierge/listers/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,81 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

12
generated/1.18/client/concierge/listers/config/v1alpha1/expansion_generated.go generated
View File

@ -5,10 +5,10 @@
package v1alpha1
// CredentialIssuerConfigListerExpansion allows custom methods to be added to
// CredentialIssuerConfigLister.
type CredentialIssuerConfigListerExpansion interface{}
// CredentialIssuerListerExpansion allows custom methods to be added to
// CredentialIssuerLister.
type CredentialIssuerListerExpansion interface{}
// CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerConfigNamespaceLister.
type CredentialIssuerConfigNamespaceListerExpansion interface{}
// CredentialIssuerNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerNamespaceLister.
type CredentialIssuerNamespaceListerExpansion interface{}

158
generated/1.18/client/concierge/openapi/zz_generated.openapi.go generated
View File

@ -17,73 +17,73 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfig": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigList": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuer": schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerList": schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
}
}
@ -325,7 +325,7 @@ func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(re
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -353,7 +353,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
"status": {
SchemaProps: spec.SchemaProps{
Description: "Status of the credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus"),
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStatus"),
},
},
},
@ -361,11 +361,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -393,7 +393,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -424,7 +424,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfig"),
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuer"),
},
},
},
@ -435,11 +435,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuer", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -453,7 +453,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"),
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"),
},
},
},
@ -462,7 +462,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
"kubeConfigInfo": {
SchemaProps: spec.SchemaProps{
Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo"),
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo"),
},
},
},
@ -470,11 +470,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"},
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo", "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{

12
generated/1.18/crds/config.concierge.pinniped.dev_credentialissuerconfigs.yaml → generated/1.18/crds/config.concierge.pinniped.dev_credentialissuers.yaml generated
View File

@ -6,16 +6,14 @@ metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev
name: credentialissuers.config.concierge.pinniped.dev
spec:
group: config.concierge.pinniped.dev
names:
kind: CredentialIssuerConfig
listKind: CredentialIssuerConfigList
plural: credentialissuerconfigs
shortNames:
- cic
singular: credentialissuerconfig
kind: CredentialIssuer
listKind: CredentialIssuerList
plural: credentialissuers
singular: credentialissuer
scope: Namespaced
versions:
- name: v1alpha1

30
generated/1.19/README.adoc generated
View File

@ -131,14 +131,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfig"]
==== CredentialIssuerConfig
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuer"]
==== CredentialIssuer
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfiglist[$$CredentialIssuerConfigList$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$]
****
[cols="25a,75a", options="header"]
@ -146,18 +146,18 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
| Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]__ | Status of the credential issuer.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | Status of the credential issuer.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo"]
==== CredentialIssuerConfigKubeConfigInfo
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerKubeConfigInfo
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]
@ -170,32 +170,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus"]
==== CredentialIssuerConfigStatus
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus"]
==== CredentialIssuerStatus
Status of a credential issuer.
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfig[$$CredentialIssuerConfig$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$]
****
[cols="25a,75a", options="header"]
|===
| Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy[$$CredentialIssuerConfigStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo[$$CredentialIssuerConfigKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy"]
==== CredentialIssuerConfigStrategy
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstrategy"]
==== CredentialIssuerStrategy
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]

4
generated/1.19/apis/concierge/config/v1alpha1/register.go generated
View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{},
&CredentialIssuerConfigList{},
&CredentialIssuer{},
&CredentialIssuerList{},
)
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil

21
generated/1.19/apis/concierge/config/v1alpha1/types_credentialissuerconfig.go → generated/1.19/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -25,17 +25,17 @@ const (
)
// Status of a credential issuer.
type CredentialIssuerConfigStatus struct {
type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct {
type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
}
// Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct {
type CredentialIssuerStrategy struct {
// Type of integration attempted.
Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct {
type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"`
Status CredentialIssuerStatus `json:"status"`
}
// List of CredentialIssuerConfig objects.
// List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct {
type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"`
Items []CredentialIssuer `json:"items"`
}

50
generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -12,7 +12,7 @@ import (
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -20,18 +20,18 @@ func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig.
func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer.
func (in *CredentialIssuer) DeepCopy() *CredentialIssuer {
if in == nil {
return nil
}
out := new(CredentialIssuerConfig)
out := new(CredentialIssuer)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -39,29 +39,29 @@ func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) {
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo.
func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigKubeConfigInfo)
out := new(CredentialIssuerKubeConfigInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) {
func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]CredentialIssuerConfig, len(*in))
*out = make([]CredentialIssuer, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
@ -69,18 +69,18 @@ func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigLi
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList.
func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList.
func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigList)
out := new(CredentialIssuerList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
func (in *CredentialIssuerList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
@ -88,46 +88,46 @@ func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) {
func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = *in
if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in))
*out = make([]CredentialIssuerStrategy, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo)
*out = new(CredentialIssuerKubeConfigInfo)
**out = **in
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus.
func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus.
func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStatus)
out := new(CredentialIssuerStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) {
func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy {
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy.
func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStrategy)
out := new(CredentialIssuerStrategy)
in.DeepCopyInto(out)
return out
}

6
generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/config_client.go generated
View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface
CredentialIssuerConfigsGetter
CredentialIssuersGetter
}
// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface
}
func (c *ConfigV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface {
return newCredentialIssuerConfigs(c, namespace)
func (c *ConfigV1alpha1Client) CredentialIssuers(namespace string) CredentialIssuerInterface {
return newCredentialIssuers(c, namespace)
}
// NewForConfig creates a new ConfigV1alpha1Client for the given config.

182
generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,182 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuersGetter has a method to return a CredentialIssuerInterface.
// A group's client should implement this interface.
type CredentialIssuersGetter interface {
CredentialIssuers(namespace string) CredentialIssuerInterface
}
// CredentialIssuerInterface has methods to work with CredentialIssuer resources.
type CredentialIssuerInterface interface {
Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error)
Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error)
CredentialIssuerExpansion
}
// credentialIssuers implements CredentialIssuerInterface
type credentialIssuers struct {
client rest.Interface
ns string
}
// newCredentialIssuers returns a CredentialIssuers
func newCredentialIssuers(c *ConfigV1alpha1Client, namespace string) *credentialIssuers {
return &credentialIssuers{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

182
generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,182 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *ConfigV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

4
generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go generated
View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake
}
func (c *FakeConfigV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface {
return &FakeCredentialIssuerConfigs{c, namespace}
func (c *FakeConfigV1alpha1) CredentialIssuers(namespace string) v1alpha1.CredentialIssuerInterface {
return &FakeCredentialIssuers{c, namespace}
}
// RESTClient returns a RESTClient that is used to communicate

129
generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuer.go generated Normal file
View File

@ -0,0 +1,129 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuers implements CredentialIssuerInterface
type FakeCredentialIssuers struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"}
var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuersResource, credentialissuersKind, c.ns, opts), &v1alpha1.CredentialIssuerList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuersResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuersResource, "status", c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuersResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuersResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}

129
generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/fake/fake_credentialissuerconfig.go generated
View File

@ -1,129 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

2
generated/1.19/client/concierge/clientset/versioned/typed/config/v1alpha1/generated_expansion.go generated
View File

@ -5,4 +5,4 @@
package v1alpha1
type CredentialIssuerConfigExpansion interface{}
type CredentialIssuerExpansion interface{}

77
generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,77 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.19/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.19/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerInformer provides access to a shared informer and lister for
// CredentialIssuers.
type CredentialIssuerInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerLister
}
type credentialIssuerInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuer{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer)
}
func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister {
return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer())
}

77
generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,77 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.19/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.19/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

10
generated/1.19/client/concierge/informers/externalversions/config/v1alpha1/interface.go generated
View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version.
type Interface interface {
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
CredentialIssuerConfigs() CredentialIssuerConfigInformer
// CredentialIssuers returns a CredentialIssuerInformer.
CredentialIssuers() CredentialIssuerInformer
}
type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
}
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer {
return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
// CredentialIssuers returns a CredentialIssuerInformer.
func (v *version) CredentialIssuers() CredentialIssuerInformer {
return &credentialIssuerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
}

4
generated/1.19/client/concierge/informers/externalversions/generic.go generated
View File

@ -46,8 +46,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil
// Group=config.concierge.pinniped.dev, Version=v1alpha1
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil
// Group=login.concierge.pinniped.dev, Version=v1alpha1
case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"):

86
generated/1.19/client/concierge/listers/config/v1alpha1/credentialissuer.go generated Normal file
View File

@ -0,0 +1,86 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerLister helps list CredentialIssuers.
// All objects returned here must be treated as read-only.
type CredentialIssuerLister interface {
// List lists all CredentialIssuers in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// CredentialIssuers returns an object that can list and get CredentialIssuers.
CredentialIssuers(namespace string) CredentialIssuerNamespaceLister
CredentialIssuerListerExpansion
}
// credentialIssuerLister implements the CredentialIssuerLister interface.
type credentialIssuerLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerLister returns a new CredentialIssuerLister.
func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister {
return &credentialIssuerLister{indexer: indexer}
}
// List lists all CredentialIssuers in the indexer.
func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// CredentialIssuers returns an object that can list and get CredentialIssuers.
func (s *credentialIssuerLister) CredentialIssuers(namespace string) CredentialIssuerNamespaceLister {
return credentialIssuerNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerNamespaceLister helps list and get CredentialIssuers.
// All objects returned here must be treated as read-only.
type CredentialIssuerNamespaceLister interface {
// List lists all CredentialIssuers in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.CredentialIssuer, error)
CredentialIssuerNamespaceListerExpansion
}
// credentialIssuerNamespaceLister implements the CredentialIssuerNamespaceLister
// interface.
type credentialIssuerNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuers in the indexer for a given namespace.
func (s credentialIssuerNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
func (s credentialIssuerNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuer, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name)
}
return obj.(*v1alpha1.CredentialIssuer), nil
}

86
generated/1.19/client/concierge/listers/config/v1alpha1/credentialissuerconfig.go generated
View File

@ -1,86 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
// All objects returned here must be treated as read-only.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
// All objects returned here must be treated as read-only.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

12
generated/1.19/client/concierge/listers/config/v1alpha1/expansion_generated.go generated
View File

@ -5,10 +5,10 @@
package v1alpha1
// CredentialIssuerConfigListerExpansion allows custom methods to be added to
// CredentialIssuerConfigLister.
type CredentialIssuerConfigListerExpansion interface{}
// CredentialIssuerListerExpansion allows custom methods to be added to
// CredentialIssuerLister.
type CredentialIssuerListerExpansion interface{}
// CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerConfigNamespaceLister.
type CredentialIssuerConfigNamespaceListerExpansion interface{}
// CredentialIssuerNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerNamespaceLister.
type CredentialIssuerNamespaceListerExpansion interface{}

160
generated/1.19/client/concierge/openapi/zz_generated.openapi.go generated
View File

@ -17,74 +17,74 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfig": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigList": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuer": schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerList": schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref),
"k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref),
"k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref),
"k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref),
"k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref),
"k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref),
}
}
@ -326,7 +326,7 @@ func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(re
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -354,7 +354,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
"status": {
SchemaProps: spec.SchemaProps{
Description: "Status of the credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus"),
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStatus"),
},
},
},
@ -362,11 +362,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -394,7 +394,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -425,7 +425,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfig"),
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuer"),
},
},
},
@ -436,11 +436,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuer", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
@ -454,7 +454,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"),
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"),
},
},
},
@ -463,7 +463,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
"kubeConfigInfo": {
SchemaProps: spec.SchemaProps{
Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo"),
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo"),
},
},
},
@ -471,11 +471,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
},
},
Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"},
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo", "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"},
}
}
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
func schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{

12
generated/1.19/crds/config.concierge.pinniped.dev_credentialissuerconfigs.yaml → generated/1.19/crds/config.concierge.pinniped.dev_credentialissuers.yaml generated
View File

@ -6,16 +6,14 @@ metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev
name: credentialissuers.config.concierge.pinniped.dev
spec:
group: config.concierge.pinniped.dev
names:
kind: CredentialIssuerConfig
listKind: CredentialIssuerConfigList
plural: credentialissuerconfigs
shortNames:
- cic
singular: credentialissuerconfig
kind: CredentialIssuer
listKind: CredentialIssuerList
plural: credentialissuers
singular: credentialissuer
scope: Namespaced
versions:
- name: v1alpha1

2
hack/lib/tilt/Tiltfile
View File

@ -169,7 +169,7 @@ k8s_resource(
'pinniped-concierge-kube-system-pod-read:rolebinding',
'pinniped-concierge:clusterrolebinding',
'pinniped-concierge:serviceaccount',
'credentialissuerconfigs.config.concierge.pinniped.dev:customresourcedefinition',
'credentialissuers.config.concierge.pinniped.dev:customresourcedefinition',
'webhookauthenticators.authentication.concierge.pinniped.dev:customresourcedefinition',
'v1alpha1.login.concierge.pinniped.dev:apiservice',
],

6
internal/config/concierge/config.go
View File

@ -79,13 +79,13 @@ func maybeSetKubeCertAgentDefaults(cfg *KubeCertAgentSpec) {
func validateNames(names *NamesConfigSpec) error {
missingNames := []string{}
if names == nil {
missingNames = append(missingNames, "servingCertificateSecret", "credentialIssuerConfig", "apiService")
missingNames = append(missingNames, "servingCertificateSecret", "credentialIssuer", "apiService")
} else {
if names.ServingCertificateSecret == "" {
missingNames = append(missingNames, "servingCertificateSecret")
}
if names.CredentialIssuerConfig == "" {
missingNames = append(missingNames, "credentialIssuerConfig")
if names.CredentialIssuer == "" {
missingNames = append(missingNames, "credentialIssuer")
}
if names.APIService == "" {
missingNames = append(missingNames, "apiService")

24
internal/config/concierge/config_test.go
View File

@ -32,7 +32,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: 2400
names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config
credentialIssuer: pinniped-config
apiService: pinniped-api
kubeCertAgentPrefix: kube-cert-agent-prefix
labels:
@ -55,7 +55,7 @@ func TestFromPath(t *testing.T) {
},
NamesConfig: NamesConfigSpec{
ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate",
CredentialIssuerConfig: "pinniped-config",
CredentialIssuer: "pinniped-config",
APIService: "pinniped-api",
},
Labels: map[string]string{
@ -75,7 +75,7 @@ func TestFromPath(t *testing.T) {
---
names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config
credentialIssuer: pinniped-config
apiService: pinniped-api
`),
wantConfig: &Config{
@ -90,7 +90,7 @@ func TestFromPath(t *testing.T) {
},
NamesConfig: NamesConfigSpec{
ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate",
CredentialIssuerConfig: "pinniped-config",
CredentialIssuer: "pinniped-config",
APIService: "pinniped-api",
},
Labels: map[string]string{},
@ -103,7 +103,7 @@ func TestFromPath(t *testing.T) {
{
name: "Empty",
yaml: here.Doc(``),
wantError: "validate names: missing required names: servingCertificateSecret, credentialIssuerConfig, apiService",
wantError: "validate names: missing required names: servingCertificateSecret, credentialIssuer, apiService",
},
{
name: "Missing apiService name",
@ -111,26 +111,26 @@ func TestFromPath(t *testing.T) {
---
names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config
credentialIssuer: pinniped-config
`),
wantError: "validate names: missing required names: apiService",
},
{
name: "Missing credentialIssuerConfig name",
name: "Missing credentialIssuer name",
yaml: here.Doc(`
---
names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
apiService: pinniped-api
`),
wantError: "validate names: missing required names: credentialIssuerConfig",
wantError: "validate names: missing required names: credentialIssuer",
},
{
name: "Missing servingCertificateSecret name",
yaml: here.Doc(`
---
names:
credentialIssuerConfig: pinniped-config
credentialIssuer: pinniped-config
apiService: pinniped-api
`),
wantError: "validate names: missing required names: servingCertificateSecret",
@ -145,7 +145,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: 3600
names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config
credentialIssuer: pinniped-config
apiService: pinniped-api
`),
wantError: "validate api: durationSeconds cannot be smaller than renewBeforeSeconds",
@ -160,7 +160,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: -10
names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config
credentialIssuer: pinniped-config
apiService: pinniped-api
`),
wantError: "validate api: renewBefore must be positive",
@ -175,7 +175,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: -10
names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config
credentialIssuer: pinniped-config
apiService: pinniped-api
`),
wantError: "validate api: renewBefore must be positive",

2
internal/config/concierge/types.go
View File

@ -30,7 +30,7 @@ type APIConfigSpec struct {
// NamesConfigSpec configures the names of some Kubernetes resources for the Concierge.
type NamesConfigSpec struct {
ServingCertificateSecret string `json:"servingCertificateSecret"`
CredentialIssuerConfig string `json:"credentialIssuerConfig"`
CredentialIssuer string `json:"credentialIssuer"`
APIService string `json:"apiService"`
}

58
internal/controller/issuerconfig/create_or_update_credential_issuer_config.go
View File

@ -17,48 +17,48 @@ import (
pinnipedclientset "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned"
)
func CreateOrUpdateCredentialIssuerConfig(
func CreateOrUpdateCredentialIssuer(
ctx context.Context,
credentialIssuerConfigNamespace string,
credentialIssuerConfigResourceName string,
credentialIssuerConfigLabels map[string]string,
credentialIssuerNamespace string,
credentialIssuerResourceName string,
credentialIssuerLabels map[string]string,
pinnipedClient pinnipedclientset.Interface,
applyUpdatesToCredentialIssuerConfigFunc func(configToUpdate *configv1alpha1.CredentialIssuerConfig),
applyUpdatesToCredentialIssuerFunc func(configToUpdate *configv1alpha1.CredentialIssuer),
) error {
err := retry.RetryOnConflict(retry.DefaultRetry, func() error {
existingCredentialIssuerConfig, err := pinnipedClient.
existingCredentialIssuer, err := pinnipedClient.
ConfigV1alpha1().
CredentialIssuerConfigs(credentialIssuerConfigNamespace).
Get(ctx, credentialIssuerConfigResourceName, metav1.GetOptions{})
CredentialIssuers(credentialIssuerNamespace).
Get(ctx, credentialIssuerResourceName, metav1.GetOptions{})
notFound := k8serrors.IsNotFound(err)
if err != nil && !notFound {
return fmt.Errorf("get failed: %w", err)
}
credentialIssuerConfigsClient := pinnipedClient.ConfigV1alpha1().CredentialIssuerConfigs(credentialIssuerConfigNamespace)
credentialIssuersClient := pinnipedClient.ConfigV1alpha1().CredentialIssuers(credentialIssuerNamespace)
if notFound {
// Create it
credentialIssuerConfig := minimalValidCredentialIssuerConfig(
credentialIssuerConfigResourceName, credentialIssuerConfigNamespace, credentialIssuerConfigLabels,
credentialIssuer := minimalValidCredentialIssuer(
credentialIssuerResourceName, credentialIssuerNamespace, credentialIssuerLabels,
)
applyUpdatesToCredentialIssuerConfigFunc(credentialIssuerConfig)
applyUpdatesToCredentialIssuerFunc(credentialIssuer)
if _, err := credentialIssuerConfigsClient.Create(ctx, credentialIssuerConfig, metav1.CreateOptions{}); err != nil {
if _, err := credentialIssuersClient.Create(ctx, credentialIssuer, metav1.CreateOptions{}); err != nil {
return fmt.Errorf("create failed: %w", err)
}
} else {
// Already exists, so check to see if we need to update it
credentialIssuerConfig := existingCredentialIssuerConfig.DeepCopy()
applyUpdatesToCredentialIssuerConfigFunc(credentialIssuerConfig)
credentialIssuer := existingCredentialIssuer.DeepCopy()
applyUpdatesToCredentialIssuerFunc(credentialIssuer)
if equality.Semantic.DeepEqual(existingCredentialIssuerConfig, credentialIssuerConfig) {
if equality.Semantic.DeepEqual(existingCredentialIssuer, credentialIssuer) {
// Nothing interesting would change as a result of this update, so skip it
return nil
}
if _, err := credentialIssuerConfigsClient.Update(ctx, credentialIssuerConfig, metav1.UpdateOptions{}); err != nil {
if _, err := credentialIssuersClient.Update(ctx, credentialIssuer, metav1.UpdateOptions{}); err != nil {
return err
}
}
@ -66,25 +66,25 @@ func CreateOrUpdateCredentialIssuerConfig(
})
if err != nil {
return fmt.Errorf("could not create or update credentialissuerconfig: %w", err)
return fmt.Errorf("could not create or update credentialissuer: %w", err)
}
return nil
}
func minimalValidCredentialIssuerConfig(
credentialIssuerConfigName string,
credentialIssuerConfigNamespace string,
credentialIssuerConfigLabels map[string]string,
) *configv1alpha1.CredentialIssuerConfig {
return &configv1alpha1.CredentialIssuerConfig{
func minimalValidCredentialIssuer(
credentialIssuerName string,
credentialIssuerNamespace string,
credentialIssuerLabels map[string]string,
) *configv1alpha1.CredentialIssuer {
return &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigName,
Namespace: credentialIssuerConfigNamespace,
Labels: credentialIssuerConfigLabels,
Name: credentialIssuerName,
Namespace: credentialIssuerNamespace,
Labels: credentialIssuerLabels,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{},
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: nil,
},
}

112
internal/controller/issuerconfig/create_or_update_credential_issuer_config_test.go
View File

@ -23,63 +23,63 @@ import (
pinnipedfake "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned/fake"
)
func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
spec.Run(t, "specs", func(t *testing.T, when spec.G, it spec.S) {
var r *require.Assertions
var ctx context.Context
var pinnipedAPIClient *pinnipedfake.Clientset
var credentialIssuerConfigGVR schema.GroupVersionResource
var credentialIssuerGVR schema.GroupVersionResource
const installationNamespace = "some-namespace"
const credentialIssuerConfigResourceName = "some-resource-name"
const credentialIssuerResourceName = "some-resource-name"
it.Before(func() {
r = require.New(t)
ctx = context.Background()
pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
credentialIssuerConfigGVR = schema.GroupVersionResource{
credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs",
Resource: "credentialissuers",
}
})
when("the config does not exist", func() {
it("creates a new config which includes only the updates made by the func parameter", func() {
err := CreateOrUpdateCredentialIssuerConfig(
err := CreateOrUpdateCredentialIssuer(
ctx,
installationNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {
configToUpdate.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
CertificateAuthorityData: "some-ca-value",
}
},
)
r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR,
credentialIssuerGVR,
installationNamespace,
&configv1alpha1.CredentialIssuerConfig{
&configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Name: credentialIssuerResourceName,
Namespace: installationNamespace,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "",
CertificateAuthorityData: "some-ca-value",
},
@ -92,40 +92,40 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
when("there is an unexpected error while creating the existing object", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor("create", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) {
pinnipedAPIClient.PrependReactor("create", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("error on create")
})
})
it("returns an error", func() {
err := CreateOrUpdateCredentialIssuerConfig(
err := CreateOrUpdateCredentialIssuer(
ctx,
installationNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {},
func(configToUpdate *configv1alpha1.CredentialIssuer) {},
)
r.EqualError(err, "could not create or update credentialissuerconfig: create failed: error on create")
r.EqualError(err, "could not create or update credentialissuer: create failed: error on create")
})
})
})
when("the config already exists", func() {
var existingConfig *configv1alpha1.CredentialIssuerConfig
var existingConfig *configv1alpha1.CredentialIssuer
it.Before(func() {
existingConfig = &configv1alpha1.CredentialIssuerConfig{
existingConfig = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Name: credentialIssuerResourceName,
Namespace: installationNamespace,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
},
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus,
@ -134,7 +134,7 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
LastUpdateTime: metav1.Now(),
},
},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "initial-server-value",
CertificateAuthorityData: "initial-ca-value",
},
@ -144,39 +144,39 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
})
it("updates the existing config to only apply the updates made by the func parameter", func() {
err := CreateOrUpdateCredentialIssuerConfig(
err := CreateOrUpdateCredentialIssuer(
ctx,
installationNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
},
)
r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
// Only the edited field should be changed.
expectedUpdatedConfig := existingConfig.DeepCopy()
expectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
expectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, installationNamespace, expectedUpdatedConfig)
expectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerGVR, installationNamespace, expectedUpdatedConfig)
r.Equal([]coretesting.Action{expectedGetAction, expectedUpdateAction}, pinnipedAPIClient.Actions())
})
it("avoids the cost of an update if the local updates made by the func parameter did not actually change anything", func() {
err := CreateOrUpdateCredentialIssuerConfig(
err := CreateOrUpdateCredentialIssuer(
ctx,
installationNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "initial-ca-value"
t := configToUpdate.Status.Strategies[0].LastUpdateTime
@ -187,70 +187,70 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
)
r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
r.Equal([]coretesting.Action{expectedGetAction}, pinnipedAPIClient.Actions())
})
when("there is an unexpected error while getting the existing object", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor("get", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) {
pinnipedAPIClient.PrependReactor("get", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("error on get")
})
})
it("returns an error", func() {
err := CreateOrUpdateCredentialIssuerConfig(
err := CreateOrUpdateCredentialIssuer(
ctx,
installationNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {},
func(configToUpdate *configv1alpha1.CredentialIssuer) {},
)
r.EqualError(err, "could not create or update credentialissuerconfig: get failed: error on get")
r.EqualError(err, "could not create or update credentialissuer: get failed: error on get")
})
})
when("there is an unexpected error while updating the existing object", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor("update", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) {
pinnipedAPIClient.PrependReactor("update", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("error on update")
})
})
it("returns an error", func() {
err := CreateOrUpdateCredentialIssuerConfig(
err := CreateOrUpdateCredentialIssuer(
ctx,
installationNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
},
)
r.EqualError(err, "could not create or update credentialissuerconfig: error on update")
r.EqualError(err, "could not create or update credentialissuer: error on update")
})
})
when("there is a conflict error while updating the existing object on the first try and the next try succeeds", func() {
var slightlyDifferentExistingConfig *configv1alpha1.CredentialIssuerConfig
var slightlyDifferentExistingConfig *configv1alpha1.CredentialIssuer
it.Before(func() {
hit := false
slightlyDifferentExistingConfig = existingConfig.DeepCopy()
slightlyDifferentExistingConfig.Status.KubeConfigInfo.Server = "some-other-server-value-from-conflicting-update"
pinnipedAPIClient.PrependReactor("update", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) {
pinnipedAPIClient.PrependReactor("update", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
// Return an error on the first call, then fall through to the default (successful) response.
if !hit {
// Before the update fails, also change the object that will be returned by the next Get(),
// to make sure that the production code does a fresh Get() after detecting a conflict.
r.NoError(pinnipedAPIClient.Tracker().Update(credentialIssuerConfigGVR, slightlyDifferentExistingConfig, installationNamespace))
r.NoError(pinnipedAPIClient.Tracker().Update(credentialIssuerGVR, slightlyDifferentExistingConfig, installationNamespace))
hit = true
return true, nil, apierrors.NewConflict(schema.GroupResource{
Group: apiregistrationv1.GroupName,
Resource: "credentialissuerconfigs",
Resource: "credentialissuers",
}, "alphav1.pinniped.dev", fmt.Errorf("there was a conflict"))
}
return false, nil, nil
@ -258,33 +258,33 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
})
it("retries updates on conflict", func() {
err := CreateOrUpdateCredentialIssuerConfig(
err := CreateOrUpdateCredentialIssuer(
ctx,
installationNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
},
)
r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
// The first attempted update only includes its own edits.
firstExpectedUpdatedConfig := existingConfig.DeepCopy()
firstExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
firstExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, installationNamespace, firstExpectedUpdatedConfig)
firstExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerGVR, installationNamespace, firstExpectedUpdatedConfig)
// Both the edits made by this update and the edits made by the conflicting update should be included.
secondExpectedUpdatedConfig := existingConfig.DeepCopy()
secondExpectedUpdatedConfig.Status.KubeConfigInfo.Server = "some-other-server-value-from-conflicting-update"
secondExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
secondExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, installationNamespace, secondExpectedUpdatedConfig)
secondExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerGVR, installationNamespace, secondExpectedUpdatedConfig)
expectedActions := []coretesting.Action{
expectedGetAction,

2
internal/controller/issuerconfig/doc.go
View File

@ -1,5 +1,5 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Package issuerconfig contains controller(s) for reconciling CredentialIssuerConfig's.
// Package issuerconfig contains controller(s) for reconciling CredentialIssuer's.
package issuerconfig

44
internal/controller/issuerconfig/kube_config_info_publisher.go
View File

@ -25,21 +25,21 @@ const (
)
type kubeConigInfoPublisherController struct {
credentialIssuerConfigNamespaceName string
credentialIssuerConfigResourceName string
credentialIssuerConfigLabels map[string]string
serverOverride *string
pinnipedClient pinnipedclientset.Interface
configMapInformer corev1informers.ConfigMapInformer
credentialIssuerNamespaceName string
credentialIssuerResourceName string
credentialIssuerLabels map[string]string
serverOverride *string
pinnipedClient pinnipedclientset.Interface
configMapInformer corev1informers.ConfigMapInformer
}
// NewKubeConfigInfoPublisherController returns a controller that syncs the
// configv1alpha1.CredentialIssuerConfig.Status.KubeConfigInfo field with the cluster-info ConfigMap
// configv1alpha1.CredentialIssuer.Status.KubeConfigInfo field with the cluster-info ConfigMap
// in the kube-public namespace.
func NewKubeConfigInfoPublisherController(
credentialIssuerConfigNamespaceName string,
credentialIssuerConfigResourceName string,
credentialIssuerConfigLabels map[string]string,
credentialIssuerNamespaceName string,
credentialIssuerResourceName string,
credentialIssuerLabels map[string]string,
serverOverride *string,
pinnipedClient pinnipedclientset.Interface,
configMapInformer corev1informers.ConfigMapInformer,
@ -49,12 +49,12 @@ func NewKubeConfigInfoPublisherController(
controllerlib.Config{
Name: "publisher-controller",
Syncer: &kubeConigInfoPublisherController{
credentialIssuerConfigResourceName: credentialIssuerConfigResourceName,
credentialIssuerConfigNamespaceName: credentialIssuerConfigNamespaceName,
credentialIssuerConfigLabels: credentialIssuerConfigLabels,
serverOverride: serverOverride,
pinnipedClient: pinnipedClient,
configMapInformer: configMapInformer,
credentialIssuerResourceName: credentialIssuerResourceName,
credentialIssuerNamespaceName: credentialIssuerNamespaceName,
credentialIssuerLabels: credentialIssuerLabels,
serverOverride: serverOverride,
pinnipedClient: pinnipedClient,
configMapInformer: configMapInformer,
},
},
withInformer(
@ -106,18 +106,18 @@ func (c *kubeConigInfoPublisherController) Sync(ctx controllerlib.Context) error
server = *c.serverOverride
}
updateServerAndCAFunc := func(c *configv1alpha1.CredentialIssuerConfig) {
c.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
updateServerAndCAFunc := func(c *configv1alpha1.CredentialIssuer) {
c.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: server,
CertificateAuthorityData: certificateAuthorityData,
}
}
return CreateOrUpdateCredentialIssuerConfig(
return CreateOrUpdateCredentialIssuer(
ctx.Context,
c.credentialIssuerConfigNamespaceName,
c.credentialIssuerConfigResourceName,
c.credentialIssuerConfigLabels,
c.credentialIssuerNamespaceName,
c.credentialIssuerResourceName,
c.credentialIssuerLabels,
c.pinnipedClient,
updateServerAndCAFunc,
)

94
internal/controller/issuerconfig/kube_config_info_publisher_test.go
View File

@ -29,7 +29,7 @@ import (
func TestInformerFilters(t *testing.T) {
spec.Run(t, "informer filters", func(t *testing.T, when spec.G, it spec.S) {
const credentialIssuerConfigResourceName = "some-resource-name"
const credentialIssuerResourceName = "some-resource-name"
const installedInNamespace = "some-namespace"
var r *require.Assertions
@ -42,7 +42,7 @@ func TestInformerFilters(t *testing.T) {
configMapInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().ConfigMaps()
_ = NewKubeConfigInfoPublisherController(
installedInNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{},
nil,
nil,
@ -104,7 +104,7 @@ func TestInformerFilters(t *testing.T) {
func TestSync(t *testing.T) {
spec.Run(t, "Sync", func(t *testing.T, when spec.G, it spec.S) {
const credentialIssuerConfigResourceName = "some-resource-name"
const credentialIssuerResourceName = "some-resource-name"
const installedInNamespace = "some-namespace"
var r *require.Assertions
@ -118,30 +118,30 @@ func TestSync(t *testing.T) {
var timeoutContextCancel context.CancelFunc
var syncContext *controllerlib.Context
var expectedCredentialIssuerConfig = func(expectedNamespace, expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *configv1alpha1.CredentialIssuerConfig) {
expectedCredentialIssuerConfigGVR := schema.GroupVersionResource{
var expectedCredentialIssuer = func(expectedNamespace, expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *configv1alpha1.CredentialIssuer) {
expectedCredentialIssuerGVR := schema.GroupVersionResource{
Group: configv1alpha1.GroupName,
Version: "v1alpha1",
Resource: "credentialissuerconfigs",
Resource: "credentialissuers",
}
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Name: credentialIssuerResourceName,
Namespace: expectedNamespace,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: expectedServerURL,
CertificateAuthorityData: expectedCAData,
},
},
}
return expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig
return expectedCredentialIssuerGVR, expectedCredentialIssuer
}
// Defer starting the informers until the last possible moment so that the
@ -150,7 +150,7 @@ func TestSync(t *testing.T) {
// Set this at the last second to allow for injection of server override.
subject = NewKubeConfigInfoPublisherController(
installedInNamespace,
credentialIssuerConfigResourceName,
credentialIssuerResourceName,
map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
@ -216,13 +216,13 @@ func TestSync(t *testing.T) {
r.NoError(err)
})
when("the CredentialIssuerConfig does not already exist", func() {
it("creates a CredentialIssuerConfig", func() {
when("the CredentialIssuer does not already exist", func() {
it("creates a CredentialIssuer", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err)
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace,
kubeServerURL,
caData,
@ -230,22 +230,22 @@ func TestSync(t *testing.T) {
r.Equal(
[]coretesting.Action{
coretesting.NewGetAction(expectedCredentialIssuerConfigGVR, installedInNamespace, expectedCredentialIssuerConfig.Name),
coretesting.NewGetAction(expectedCredentialIssuerGVR, installedInNamespace, expectedCredentialIssuer.Name),
coretesting.NewCreateAction(
expectedCredentialIssuerConfigGVR,
expectedCredentialIssuerGVR,
installedInNamespace,
expectedCredentialIssuerConfig,
expectedCredentialIssuer,
),
},
pinnipedAPIClient.Actions(),
)
})
when("creating the CredentialIssuerConfig fails", func() {
when("creating the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"create",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("create failed")
},
@ -255,7 +255,7 @@ func TestSync(t *testing.T) {
it("returns the create error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: create failed: create failed")
r.EqualError(err, "could not create or update credentialissuer: create failed: create failed")
})
})
@ -268,20 +268,20 @@ func TestSync(t *testing.T) {
err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err)
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace,
kubeServerURL,
caData,
)
expectedCredentialIssuerConfig.Status.KubeConfigInfo.Server = "https://some-server-override"
expectedCredentialIssuer.Status.KubeConfigInfo.Server = "https://some-server-override"
r.Equal(
[]coretesting.Action{
coretesting.NewGetAction(expectedCredentialIssuerConfigGVR, installedInNamespace, expectedCredentialIssuerConfig.Name),
coretesting.NewGetAction(expectedCredentialIssuerGVR, installedInNamespace, expectedCredentialIssuer.Name),
coretesting.NewCreateAction(
expectedCredentialIssuerConfigGVR,
expectedCredentialIssuerGVR,
installedInNamespace,
expectedCredentialIssuerConfig,
expectedCredentialIssuer,
),
},
pinnipedAPIClient.Actions(),
@ -290,72 +290,72 @@ func TestSync(t *testing.T) {
})
})
when("the CredentialIssuerConfig already exists", func() {
when("the CredentialIssuerConfig is already up to date according to the data in the ConfigMap", func() {
var credentialIssuerConfigGVR schema.GroupVersionResource
var credentialIssuerConfig *configv1alpha1.CredentialIssuerConfig
when("the CredentialIssuer already exists", func() {
when("the CredentialIssuer is already up to date according to the data in the ConfigMap", func() {
var credentialIssuerGVR schema.GroupVersionResource
var credentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() {
credentialIssuerConfigGVR, credentialIssuerConfig = expectedCredentialIssuerConfig(
credentialIssuerGVR, credentialIssuer = expectedCredentialIssuer(
installedInNamespace,
kubeServerURL,
caData,
)
err := pinnipedAPIClient.Tracker().Add(credentialIssuerConfig)
err := pinnipedAPIClient.Tracker().Add(credentialIssuer)
r.NoError(err)
})
it("does not update the CredentialIssuerConfig to avoid unnecessary etcd writes/api calls", func() {
it("does not update the CredentialIssuer to avoid unnecessary etcd writes/api calls", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err)
r.Equal(
[]coretesting.Action{
coretesting.NewGetAction(credentialIssuerConfigGVR, installedInNamespace, credentialIssuerConfig.Name),
coretesting.NewGetAction(credentialIssuerGVR, installedInNamespace, credentialIssuer.Name),
},
pinnipedAPIClient.Actions(),
)
})
})
when("the CredentialIssuerConfig is stale compared to the data in the ConfigMap", func() {
when("the CredentialIssuer is stale compared to the data in the ConfigMap", func() {
it.Before(func() {
_, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
_, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace,
kubeServerURL,
caData,
)
expectedCredentialIssuerConfig.Status.KubeConfigInfo.Server = "https://some-other-server"
r.NoError(pinnipedAPIClient.Tracker().Add(expectedCredentialIssuerConfig))
expectedCredentialIssuer.Status.KubeConfigInfo.Server = "https://some-other-server"
r.NoError(pinnipedAPIClient.Tracker().Add(expectedCredentialIssuer))
})
it("updates the existing CredentialIssuerConfig", func() {
it("updates the existing CredentialIssuer", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err)
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace,
kubeServerURL,
caData,
)
expectedActions := []coretesting.Action{
coretesting.NewGetAction(expectedCredentialIssuerConfigGVR, installedInNamespace, expectedCredentialIssuerConfig.Name),
coretesting.NewGetAction(expectedCredentialIssuerGVR, installedInNamespace, expectedCredentialIssuer.Name),
coretesting.NewUpdateAction(
expectedCredentialIssuerConfigGVR,
expectedCredentialIssuerGVR,
installedInNamespace,
expectedCredentialIssuerConfig,
expectedCredentialIssuer,
),
}
r.Equal(expectedActions, pinnipedAPIClient.Actions())
})
when("updating the CredentialIssuerConfig fails", func() {
when("updating the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"update",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("update failed")
},
@ -365,7 +365,7 @@ func TestSync(t *testing.T) {
it("returns the update error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: update failed")
r.EqualError(err, "could not create or update credentialissuer: update failed")
})
})
})

42
internal/controller/kubecertagent/annotater.go
View File

@ -29,13 +29,13 @@ const (
)
type annotaterController struct {
agentPodConfig *AgentPodConfig
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig
clock clock.Clock
k8sClient kubernetes.Interface
pinnipedAPIClient pinnipedclientset.Interface
kubeSystemPodInformer corev1informers.PodInformer
agentPodInformer corev1informers.PodInformer
agentPodConfig *AgentPodConfig
credentialIssuerLocationConfig *CredentialIssuerLocationConfig
clock clock.Clock
k8sClient kubernetes.Interface
pinnipedAPIClient pinnipedclientset.Interface
kubeSystemPodInformer corev1informers.PodInformer
agentPodInformer corev1informers.PodInformer
}
// NewAnnotaterController returns a controller that updates agent pods with the path to the kube
@ -44,11 +44,11 @@ type annotaterController struct {
// This controller will add annotations to agent pods with the best-guess paths to the kube API's
// certificate and key.
//
// It also is tasked with updating the CredentialIssuerConfig, located via the provided
// credentialIssuerConfigLocationConfig, with any errors that it encounters.
// It also is tasked with updating the CredentialIssuer, located via the provided
// credentialIssuerLocationConfig, with any errors that it encounters.
func NewAnnotaterController(
agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
clock clock.Clock,
k8sClient kubernetes.Interface,
pinnipedAPIClient pinnipedclientset.Interface,
@ -60,13 +60,13 @@ func NewAnnotaterController(
controllerlib.Config{
Name: "kube-cert-agent-annotater-controller",
Syncer: &annotaterController{
agentPodConfig: agentPodConfig,
credentialIssuerConfigLocationConfig: credentialIssuerConfigLocationConfig,
clock: clock,
k8sClient: k8sClient,
pinnipedAPIClient: pinnipedAPIClient,
kubeSystemPodInformer: kubeSystemPodInformer,
agentPodInformer: agentPodInformer,
agentPodConfig: agentPodConfig,
credentialIssuerLocationConfig: credentialIssuerLocationConfig,
clock: clock,
k8sClient: k8sClient,
pinnipedAPIClient: pinnipedAPIClient,
kubeSystemPodInformer: kubeSystemPodInformer,
agentPodInformer: agentPodInformer,
},
},
withInformer(
@ -120,11 +120,11 @@ func (c *annotaterController) Sync(ctx controllerlib.Context) error {
keyPath,
); err != nil {
err = fmt.Errorf("cannot update agent pod: %w", err)
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
if strategyResultUpdateErr != nil {
// If the CIC update fails, then we probably want to try again. This controller will get
// called again because of the pod create failure, so just try the CIC update again then.
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig")
// If the CI update fails, then we probably want to try again. This controller will get
// called again because of the pod create failure, so just try the CI update again then.
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer")
}
return err

86
internal/controller/kubecertagent/annotater_test.go
View File

@ -34,14 +34,14 @@ func TestAnnotaterControllerFilter(t *testing.T) {
"AnnotaterControllerFilter",
func(
agentPodConfig *AgentPodConfig,
_ *CredentialIssuerConfigLocationConfig,
_ *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption,
) {
_ = NewAnnotaterController(
agentPodConfig,
nil, // credentialIssuerConfigLocationConfig, shouldn't matter
nil, // credentialIssuerLocationConfig, shouldn't matter
nil, // clock, shouldn't matter
nil, // k8sClient, shouldn't matter
nil, // pinnipedClient, shouldn't matter
@ -59,8 +59,8 @@ func TestAnnotaterControllerSync(t *testing.T) {
const agentPodNamespace = "agent-pod-namespace"
const defaultKubeControllerManagerClusterSigningCertFileFlagValue = "/etc/kubernetes/ca/ca.pem"
const defaultKubeControllerManagerClusterSigningKeyFileFlagValue = "/etc/kubernetes/ca/ca.key"
const credentialIssuerConfigNamespaceName = "cic-namespace-name"
const credentialIssuerConfigResourceName = "cic-resource-name"
const credentialIssuerNamespaceName = "ci-namespace-name"
const credentialIssuerResourceName = "ci-resource-name"
const (
certPath = "some-cert-path"
@ -84,7 +84,7 @@ func TestAnnotaterControllerSync(t *testing.T) {
var syncContext *controllerlib.Context
var controllerManagerPod, agentPod *corev1.Pod
var podsGVR schema.GroupVersionResource
var credentialIssuerConfigGVR schema.GroupVersionResource
var credentialIssuerGVR schema.GroupVersionResource
var frozenNow time.Time
// Defer starting the informers until the last possible moment so that the
@ -101,9 +101,9 @@ func TestAnnotaterControllerSync(t *testing.T) {
"myLabelKey2": "myLabelValue2",
},
},
&CredentialIssuerConfigLocationConfig{
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerConfigResourceName,
&CredentialIssuerLocationConfig{
Namespace: credentialIssuerNamespaceName,
Name: credentialIssuerResourceName,
},
clock.NewFakeClock(frozenNow),
kubeAPIClient,
@ -154,10 +154,10 @@ func TestAnnotaterControllerSync(t *testing.T) {
Resource: "pods",
}
credentialIssuerConfigGVR = schema.GroupVersionResource{
credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs",
Resource: "credentialissuers",
}
frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local)
@ -229,33 +229,33 @@ func TestAnnotaterControllerSync(t *testing.T) {
r.EqualError(err, "cannot update agent pod: some update error")
})
when("there is already a CredentialIssuerConfig", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig
when("there is already a CredentialIssuer", func() {
var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{
initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server",
CertificateAuthorityData: "some-ca-value",
},
},
}
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig))
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
})
it("updates the CredentialIssuerConfig status with the error", func() {
it("updates the CredentialIssuer status with the error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{
expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -265,14 +265,14 @@ func TestAnnotaterControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
credentialIssuerConfigResourceName,
credentialIssuerGVR,
credentialIssuerNamespaceName,
credentialIssuerResourceName,
)
expectedUpdateAction := coretesting.NewUpdateAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
expectedCredentialIssuerConfig,
credentialIssuerGVR,
credentialIssuerNamespaceName,
expectedCredentialIssuer,
)
r.EqualError(err, "cannot update agent pod: some update error")
@ -285,11 +285,11 @@ func TestAnnotaterControllerSync(t *testing.T) {
)
})
when("updating the CredentialIssuerConfig fails", func() {
when("updating the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"update",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error")
},
@ -304,19 +304,19 @@ func TestAnnotaterControllerSync(t *testing.T) {
})
})
when("there is not already a CredentialIssuerConfig", func() {
it("creates the CredentialIssuerConfig status with the error", func() {
when("there is not already a CredentialIssuer", func() {
it("creates the CredentialIssuer status with the error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -328,14 +328,14 @@ func TestAnnotaterControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
credentialIssuerConfigResourceName,
credentialIssuerGVR,
credentialIssuerNamespaceName,
credentialIssuerResourceName,
)
expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
expectedCredentialIssuerConfig,
credentialIssuerGVR,
credentialIssuerNamespaceName,
expectedCredentialIssuer,
)
r.EqualError(err, "cannot update agent pod: some update error")

62
internal/controller/kubecertagent/creater.go
View File

@ -21,25 +21,25 @@ import (
)
type createrController struct {
agentPodConfig *AgentPodConfig
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig
credentialIssuerConfigLabels map[string]string
clock clock.Clock
k8sClient kubernetes.Interface
pinnipedAPIClient pinnipedclientset.Interface
kubeSystemPodInformer corev1informers.PodInformer
agentPodInformer corev1informers.PodInformer
agentPodConfig *AgentPodConfig
credentialIssuerLocationConfig *CredentialIssuerLocationConfig
credentialIssuerLabels map[string]string
clock clock.Clock
k8sClient kubernetes.Interface
pinnipedAPIClient pinnipedclientset.Interface
kubeSystemPodInformer corev1informers.PodInformer
agentPodInformer corev1informers.PodInformer
}
// NewCreaterController returns a controller that creates new kube-cert-agent pods for every known
// kube-controller-manager pod.
//
// It also is tasked with updating the CredentialIssuerConfig, located via the provided
// credentialIssuerConfigLocationConfig, with any errors that it encounters.
// It also is tasked with updating the CredentialIssuer, located via the provided
// credentialIssuerLocationConfig, with any errors that it encounters.
func NewCreaterController(
agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig,
credentialIssuerConfigLabels map[string]string,
credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
credentialIssuerLabels map[string]string,
clock clock.Clock,
k8sClient kubernetes.Interface,
pinnipedAPIClient pinnipedclientset.Interface,
@ -53,14 +53,14 @@ func NewCreaterController(
//nolint: misspell
Name: "kube-cert-agent-creater-controller",
Syncer: &createrController{
agentPodConfig: agentPodConfig,
credentialIssuerConfigLocationConfig: credentialIssuerConfigLocationConfig,
credentialIssuerConfigLabels: credentialIssuerConfigLabels,
clock: clock,
k8sClient: k8sClient,
pinnipedAPIClient: pinnipedAPIClient,
kubeSystemPodInformer: kubeSystemPodInformer,
agentPodInformer: agentPodInformer,
agentPodConfig: agentPodConfig,
credentialIssuerLocationConfig: credentialIssuerLocationConfig,
credentialIssuerLabels: credentialIssuerLabels,
clock: clock,
k8sClient: k8sClient,
pinnipedAPIClient: pinnipedAPIClient,
kubeSystemPodInformer: kubeSystemPodInformer,
agentPodInformer: agentPodInformer,
},
},
withInformer(
@ -73,7 +73,7 @@ func NewCreaterController(
pinnipedcontroller.SimpleFilter(isAgentPod),
controllerlib.InformerOption{},
),
// Be sure to run once even to make sure the CIC is updated if there are no controller manager
// Be sure to run once even to make sure the CI is updated if there are no controller manager
// pods. We should be able to pass an empty key since we don't use the key in the sync (we sync
// the world).
withInitialEvent(controllerlib.Key{}),
@ -94,11 +94,11 @@ func (c *createrController) Sync(ctx controllerlib.Context) error {
if len(controllerManagerPods) == 0 {
// If there are no controller manager pods, we alert the user that we can't find the keypair via
// the CredentialIssuerConfig.
return createOrUpdateCredentialIssuerConfig(
// the CredentialIssuer.
return createOrUpdateCredentialIssuer(
ctx.Context,
*c.credentialIssuerConfigLocationConfig,
c.credentialIssuerConfigLabels,
*c.credentialIssuerLocationConfig,
c.credentialIssuerLabels,
c.clock,
c.pinnipedAPIClient,
constable.Error("did not find kube-controller-manager pod(s)"),
@ -130,18 +130,18 @@ func (c *createrController) Sync(ctx controllerlib.Context) error {
Create(ctx.Context, agentPod, metav1.CreateOptions{})
if err != nil {
err = fmt.Errorf("cannot create agent pod: %w", err)
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig(
strategyResultUpdateErr := createOrUpdateCredentialIssuer(
ctx.Context,
*c.credentialIssuerConfigLocationConfig,
c.credentialIssuerConfigLabels,
*c.credentialIssuerLocationConfig,
c.credentialIssuerLabels,
c.clock,
c.pinnipedAPIClient,
err,
)
if strategyResultUpdateErr != nil {
// If the CIC update fails, then we probably want to try again. This controller will get
// called again because of the pod create failure, so just try the CIC update again then.
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig")
// If the CI update fails, then we probably want to try again. This controller will get
// called again because of the pod create failure, so just try the CI update again then.
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer")
}
return err

174
internal/controller/kubecertagent/creater_test.go
View File

@ -34,14 +34,14 @@ func TestCreaterControllerFilter(t *testing.T) {
"CreaterControllerFilter",
func(
agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption,
) {
_ = NewCreaterController(
agentPodConfig,
credentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig,
map[string]string{},
nil, // clock, shouldn't matter
nil, // k8sClient, shouldn't matter
@ -66,7 +66,7 @@ func TestCreaterControllerInitialEvent(t *testing.T) {
_ = NewCreaterController(
nil, // agentPodConfig, shouldn't matter
nil, // credentialIssuerConfigLocationConfig, shouldn't matter
nil, // credentialIssuerLocationConfig, shouldn't matter
map[string]string{},
nil, // clock, shouldn't matter
nil, // k8sClient, shouldn't matter
@ -83,8 +83,8 @@ func TestCreaterControllerSync(t *testing.T) {
spec.Run(t, "CreaterControllerSync", func(t *testing.T, when spec.G, it spec.S) {
const kubeSystemNamespace = "kube-system"
const agentPodNamespace = "agent-pod-namespace"
const credentialIssuerConfigNamespaceName = "cic-namespace-name"
const credentialIssuerConfigResourceName = "cic-resource-name"
const credentialIssuerNamespaceName = "ci-namespace-name"
const credentialIssuerResourceName = "ci-resource-name"
var r *require.Assertions
@ -100,7 +100,7 @@ func TestCreaterControllerSync(t *testing.T) {
var syncContext *controllerlib.Context
var controllerManagerPod, agentPod *corev1.Pod
var podsGVR schema.GroupVersionResource
var credentialIssuerConfigGVR schema.GroupVersionResource
var credentialIssuerGVR schema.GroupVersionResource
var frozenNow time.Time
// Defer starting the informers until the last possible moment so that the
@ -118,9 +118,9 @@ func TestCreaterControllerSync(t *testing.T) {
"myLabelKey2": "myLabelValue2",
},
},
&CredentialIssuerConfigLocationConfig{
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerConfigResourceName,
&CredentialIssuerLocationConfig{
Namespace: credentialIssuerNamespaceName,
Name: credentialIssuerResourceName,
},
map[string]string{
"myLabelKey1": "myLabelValue1",
@ -176,10 +176,10 @@ func TestCreaterControllerSync(t *testing.T) {
Resource: "pods",
}
credentialIssuerConfigGVR = schema.GroupVersionResource{
credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs",
Resource: "credentialissuers",
}
frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local)
@ -300,33 +300,33 @@ func TestCreaterControllerSync(t *testing.T) {
)
})
when("there is already a CredentialIssuerConfig", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig
when("there is already a CredentialIssuer", func() {
var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{
initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server",
CertificateAuthorityData: "some-ca-value",
},
},
}
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig))
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
})
it("updates the CredentialIssuerConfig status saying that controller manager pods couldn't be found", func() {
it("updates the CredentialIssuer status saying that controller manager pods couldn't be found", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{
expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -336,14 +336,14 @@ func TestCreaterControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
credentialIssuerConfigResourceName,
credentialIssuerGVR,
credentialIssuerNamespaceName,
credentialIssuerResourceName,
)
expectedUpdateAction := coretesting.NewUpdateAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
expectedCredentialIssuerConfig,
credentialIssuerGVR,
credentialIssuerNamespaceName,
expectedCredentialIssuer,
)
r.EqualError(err, "cannot create agent pod: some create error")
@ -356,11 +356,11 @@ func TestCreaterControllerSync(t *testing.T) {
)
})
when("the CredentialIssuerConfig operation fails", func() {
when("the CredentialIssuer operation fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"update",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error")
},
@ -375,23 +375,23 @@ func TestCreaterControllerSync(t *testing.T) {
})
})
when("there is not already a CredentialIssuerConfig", func() {
it("returns an error and updates the CredentialIssuerConfig status", func() {
when("there is not already a CredentialIssuer", func() {
it("returns an error and updates the CredentialIssuer status", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -403,14 +403,14 @@ func TestCreaterControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
credentialIssuerConfigResourceName,
credentialIssuerGVR,
credentialIssuerNamespaceName,
credentialIssuerResourceName,
)
expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
expectedCredentialIssuerConfig,
credentialIssuerGVR,
credentialIssuerNamespaceName,
expectedCredentialIssuer,
)
r.EqualError(err, "cannot create agent pod: some create error")
@ -428,33 +428,33 @@ func TestCreaterControllerSync(t *testing.T) {
})
when("there is no controller manager pod", func() {
when("there is already a CredentialIssuerConfig", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig
when("there is already a CredentialIssuer", func() {
var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{
initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server",
CertificateAuthorityData: "some-ca-value",
},
},
}
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig))
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
})
it("updates the CredentialIssuerConfig status saying that controller manager pods couldn't be found", func() {
it("updates the CredentialIssuer status saying that controller manager pods couldn't be found", func() {
startInformersAndController()
r.NoError(controllerlib.TestSync(t, subject, *syncContext))
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{
expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -464,14 +464,14 @@ func TestCreaterControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
credentialIssuerConfigResourceName,
credentialIssuerGVR,
credentialIssuerNamespaceName,
credentialIssuerResourceName,
)
expectedUpdateAction := coretesting.NewUpdateAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
expectedCredentialIssuerConfig,
credentialIssuerGVR,
credentialIssuerNamespaceName,
expectedCredentialIssuer,
)
r.Equal(
@ -483,11 +483,11 @@ func TestCreaterControllerSync(t *testing.T) {
)
})
when("when updating the CredentialIssuerConfig fails", func() {
when("when updating the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"update",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error")
},
@ -497,15 +497,15 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: some update error")
r.EqualError(err, "could not create or update credentialissuer: some update error")
})
})
when("when getting the CredentialIssuerConfig fails", func() {
when("when getting the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"get",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some get error")
},
@ -515,28 +515,28 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: get failed: some get error")
r.EqualError(err, "could not create or update credentialissuer: get failed: some get error")
})
})
})
when("there is not already a CredentialIssuerConfig", func() {
it("creates the CredentialIssuerConfig status saying that controller manager pods couldn't be found", func() {
when("there is not already a CredentialIssuer", func() {
it("creates the CredentialIssuer status saying that controller manager pods couldn't be found", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -548,14 +548,14 @@ func TestCreaterControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
credentialIssuerConfigResourceName,
credentialIssuerGVR,
credentialIssuerNamespaceName,
credentialIssuerResourceName,
)
expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR,
credentialIssuerConfigNamespaceName,
expectedCredentialIssuerConfig,
credentialIssuerGVR,
credentialIssuerNamespaceName,
expectedCredentialIssuer,
)
r.NoError(err)
@ -568,11 +568,11 @@ func TestCreaterControllerSync(t *testing.T) {
)
})
when("when creating the CredentialIssuerConfig fails", func() {
when("when creating the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"create",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some create error")
},
@ -582,15 +582,15 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: create failed: some create error")
r.EqualError(err, "could not create or update credentialissuer: create failed: some create error")
})
})
when("when getting the CredentialIssuerConfig fails", func() {
when("when getting the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"get",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some get error")
},
@ -600,7 +600,7 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: get failed: some get error")
r.EqualError(err, "could not create or update credentialissuer: get failed: some get error")
})
})
})

2
internal/controller/kubecertagent/deleter_test.go
View File

@ -28,7 +28,7 @@ func TestDeleterControllerFilter(t *testing.T) {
"DeleterControllerFilter",
func(
agentPodConfig *AgentPodConfig,
_ *CredentialIssuerConfigLocationConfig,
_ *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption,

40
internal/controller/kubecertagent/execer.go
View File

@ -19,22 +19,22 @@ import (
)
type execerController struct {
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig
dynamicCertProvider dynamiccert.Provider
podCommandExecutor PodCommandExecutor
clock clock.Clock
pinnipedAPIClient pinnipedclientset.Interface
agentPodInformer corev1informers.PodInformer
credentialIssuerLocationConfig *CredentialIssuerLocationConfig
dynamicCertProvider dynamiccert.Provider
podCommandExecutor PodCommandExecutor
clock clock.Clock
pinnipedAPIClient pinnipedclientset.Interface
agentPodInformer corev1informers.PodInformer
}
// NewExecerController returns a controllerlib.Controller that listens for agent pods with proper
// cert/key path annotations and execs into them to get the cert/key material. It sets the retrieved
// key material in a provided dynamicCertProvider.
//
// It also is tasked with updating the CredentialIssuerConfig, located via the provided
// credentialIssuerConfigLocationConfig, with any errors that it encounters.
// It also is tasked with updating the CredentialIssuer, located via the provided
// credentialIssuerLocationConfig, with any errors that it encounters.
func NewExecerController(
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
dynamicCertProvider dynamiccert.Provider,
podCommandExecutor PodCommandExecutor,
pinnipedAPIClient pinnipedclientset.Interface,
@ -46,12 +46,12 @@ func NewExecerController(
controllerlib.Config{
Name: "kube-cert-agent-execer-controller",
Syncer: &execerController{
credentialIssuerConfigLocationConfig: credentialIssuerConfigLocationConfig,
dynamicCertProvider: dynamicCertProvider,
podCommandExecutor: podCommandExecutor,
pinnipedAPIClient: pinnipedAPIClient,
clock: clock,
agentPodInformer: agentPodInformer,
credentialIssuerLocationConfig: credentialIssuerLocationConfig,
dynamicCertProvider: dynamicCertProvider,
podCommandExecutor: podCommandExecutor,
pinnipedAPIClient: pinnipedAPIClient,
clock: clock,
agentPodInformer: agentPodInformer,
},
},
withInformer(
@ -87,21 +87,21 @@ func (c *execerController) Sync(ctx controllerlib.Context) error {
certPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", certPath)
if err != nil {
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig with strategy success")
strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer with strategy success")
return err
}
keyPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", keyPath)
if err != nil {
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig with strategy success")
strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer with strategy success")
return err
}
c.dynamicCertProvider.Set([]byte(certPEM), []byte(keyPEM))
err = createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, nil)
err = createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, nil)
if err != nil {
return err
}

102
internal/controller/kubecertagent/execer_test.go
View File

@ -43,7 +43,7 @@ func TestExecerControllerOptions(t *testing.T) {
observableWithInformerOption = testutil.NewObservableWithInformerOption()
agentPodsInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods()
_ = NewExecerController(
&CredentialIssuerConfigLocationConfig{
&CredentialIssuerLocationConfig{
Namespace: "ignored by this test",
Name: "ignored by this test",
},
@ -136,8 +136,8 @@ func TestManagerControllerSync(t *testing.T) {
const fakeKeyPath = "/some/key/path"
const defaultDynamicCertProviderCert = "initial-cert"
const defaultDynamicCertProviderKey = "initial-key"
const credentialIssuerConfigNamespaceName = "cic-namespace-name"
const credentialIssuerConfigResourceName = "cic-resource-name"
const credentialIssuerNamespaceName = "ci-namespace-name"
const credentialIssuerResourceName = "ci-resource-name"
var r *require.Assertions
@ -151,7 +151,7 @@ func TestManagerControllerSync(t *testing.T) {
var fakeExecutor *fakePodExecutor
var dynamicCertProvider dynamiccert.Provider
var fakeCertPEM, fakeKeyPEM string
var credentialIssuerConfigGVR schema.GroupVersionResource
var credentialIssuerGVR schema.GroupVersionResource
var frozenNow time.Time
// Defer starting the informers until the last possible moment so that the
@ -159,9 +159,9 @@ func TestManagerControllerSync(t *testing.T) {
var startInformersAndController = func() {
// Set this at the last second to allow for injection of server override.
subject = NewExecerController(
&CredentialIssuerConfigLocationConfig{
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerConfigResourceName,
&CredentialIssuerLocationConfig{
Namespace: credentialIssuerNamespaceName,
Name: credentialIssuerResourceName,
},
dynamicCertProvider,
fakeExecutor,
@ -237,10 +237,10 @@ func TestManagerControllerSync(t *testing.T) {
fakeCertPEM = loadFile("./testdata/test.crt")
fakeKeyPEM = loadFile("./testdata/test.key")
credentialIssuerConfigGVR = schema.GroupVersionResource{
credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs",
Resource: "credentialissuers",
}
})
@ -326,33 +326,33 @@ func TestManagerControllerSync(t *testing.T) {
r.Equal(fakeKeyPEM, string(actualKeyPEM))
})
when("there is already a CredentialIssuerConfig", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig
when("there is already a CredentialIssuer", func() {
var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{
initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server",
CertificateAuthorityData: "some-ca-value",
},
},
}
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig))
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
})
it("also updates the the existing CredentialIssuerConfig status field", func() {
it("also updates the the existing CredentialIssuer status field", func() {
startInformersAndController()
r.NoError(controllerlib.TestSync(t, subject, *syncContext))
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{
expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus,
@ -361,16 +361,16 @@ func TestManagerControllerSync(t *testing.T) {
LastUpdateTime: metav1.NewTime(frozenNow),
},
}
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName)
expectedCreateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewUpdateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
})
when("updating the CredentialIssuerConfig fails", func() {
when("updating the CredentialIssuer fails", func() {
it.Before(func() {
pinnipedAPIClient.PrependReactor(
"update",
"credentialissuerconfigs",
"credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error")
},
@ -380,27 +380,27 @@ func TestManagerControllerSync(t *testing.T) {
it("returns an error", func() {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: some update error")
r.EqualError(err, "could not create or update credentialissuer: some update error")
})
})
})
when("there is not already a CredentialIssuerConfig", func() {
when("there is not already a CredentialIssuer", func() {
it.Before(func() {
startInformersAndController()
})
it("also creates the the CredentialIssuerConfig with the appropriate status field", func() {
it("also creates the the CredentialIssuer with the appropriate status field", func() {
r.NoError(controllerlib.TestSync(t, subject, *syncContext))
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus,
@ -411,8 +411,8 @@ func TestManagerControllerSync(t *testing.T) {
},
},
}
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
})
})
@ -433,17 +433,17 @@ func TestManagerControllerSync(t *testing.T) {
requireDynamicCertProviderHasDefaultValues()
})
it("creates or updates the the CredentialIssuerConfig status field with an error", func() {
it("creates or updates the the CredentialIssuer status field with an error", func() {
r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -454,8 +454,8 @@ func TestManagerControllerSync(t *testing.T) {
},
},
}
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
})
})
@ -475,17 +475,17 @@ func TestManagerControllerSync(t *testing.T) {
requireDynamicCertProviderHasDefaultValues()
})
it("creates or updates the the CredentialIssuerConfig status field with an error", func() {
it("creates or updates the the CredentialIssuer status field with an error", func() {
r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName,
Namespace: credentialIssuerConfigNamespaceName,
Name: credentialIssuerResourceName,
Namespace: credentialIssuerNamespaceName,
},
Status: configv1alpha1.CredentialIssuerConfigStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{
{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
@ -496,8 +496,8 @@ func TestManagerControllerSync(t *testing.T) {
},
},
}
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig)
expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
})
})

34
internal/controller/kubecertagent/kubecertagent.go
View File

@ -73,11 +73,11 @@ type AgentPodConfig struct {
AdditionalLabels map[string]string
}
type CredentialIssuerConfigLocationConfig struct {
// The namespace in which the CredentialIssuerConfig should be created/updated.
type CredentialIssuerLocationConfig struct {
// The namespace in which the CredentialIssuer should be created/updated.
Namespace string
// The resource name for the CredentialIssuerConfig to be created/updated.
// The resource name for the CredentialIssuer to be created/updated.
Name string
}
@ -283,35 +283,35 @@ func findControllerManagerPodForSpecificAgentPod(
return maybeControllerManagerPod, nil
}
func createOrUpdateCredentialIssuerConfig(ctx context.Context,
cicConfig CredentialIssuerConfigLocationConfig,
credentialIssuerConfigLabels map[string]string,
func createOrUpdateCredentialIssuer(ctx context.Context,
ciConfig CredentialIssuerLocationConfig,
credentialIssuerLabels map[string]string,
clock clock.Clock,
pinnipedAPIClient pinnipedclientset.Interface,
err error,
) error {
return issuerconfig.CreateOrUpdateCredentialIssuerConfig(
return issuerconfig.CreateOrUpdateCredentialIssuer(
ctx,
cicConfig.Namespace,
cicConfig.Name,
credentialIssuerConfigLabels,
ciConfig.Namespace,
ciConfig.Name,
credentialIssuerLabels,
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {
var strategyResult configv1alpha1.CredentialIssuerConfigStrategy
func(configToUpdate *configv1alpha1.CredentialIssuer) {
var strategyResult configv1alpha1.CredentialIssuerStrategy
if err == nil {
strategyResult = strategySuccess(clock)
} else {
strategyResult = strategyError(clock, err)
}
configToUpdate.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{
configToUpdate.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
strategyResult,
}
},
)
}
func strategySuccess(clock clock.Clock) configv1alpha1.CredentialIssuerConfigStrategy {
return configv1alpha1.CredentialIssuerConfigStrategy{
func strategySuccess(clock clock.Clock) configv1alpha1.CredentialIssuerStrategy {
return configv1alpha1.CredentialIssuerStrategy{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus,
Reason: configv1alpha1.FetchedKeyStrategyReason,
@ -320,8 +320,8 @@ func strategySuccess(clock clock.Clock) configv1alpha1.CredentialIssuerConfigStr
}
}
func strategyError(clock clock.Clock, err error) configv1alpha1.CredentialIssuerConfigStrategy {
return configv1alpha1.CredentialIssuerConfigStrategy{
func strategyError(clock clock.Clock, err error) configv1alpha1.CredentialIssuerStrategy {
return configv1alpha1.CredentialIssuerStrategy{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus,
Reason: configv1alpha1.CouldNotFetchKeyStrategyReason,

4
internal/controller/kubecertagent/kubecertagent_test.go
View File

@ -131,7 +131,7 @@ func defineSharedKubecertagentFilterSpecs(
name string,
newFunc func(
agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption,
@ -149,7 +149,7 @@ func defineSharedKubecertagentFilterSpecs(
kubeSystemPodInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods()
agentPodInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods()
observableWithInformerOption := testutil.NewObservableWithInformerOption()
newFunc(&AgentPodConfig{}, &CredentialIssuerConfigLocationConfig{}, kubeSystemPodInformer, agentPodInformer, observableWithInformerOption)
newFunc(&AgentPodConfig{}, &CredentialIssuerLocationConfig{}, kubeSystemPodInformer, agentPodInformer, observableWithInformerOption)
kubeSystemPodInformerFilter = observableWithInformerOption.GetFilterForInformer(kubeSystemPodInformer)
agentPodInformerFilter = observableWithInformerOption.GetFilterForInformer(agentPodInformer)

14
internal/controllermanager/prepare_controllers.go
View File

@ -101,9 +101,9 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
ContainerImagePullSecrets: c.KubeCertAgentConfig.ImagePullSecrets,
AdditionalLabels: c.Labels,
}
credentialIssuerConfigLocationConfig := &kubecertagent.CredentialIssuerConfigLocationConfig{
credentialIssuerLocationConfig := &kubecertagent.CredentialIssuerLocationConfig{
Namespace: c.ServerInstallationNamespace,
Name: c.NamesConfig.CredentialIssuerConfig,
Name: c.NamesConfig.CredentialIssuer,
}
// Create controller manager.
@ -111,11 +111,11 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
NewManager().
// KubeConfig info publishing controller is responsible for writing the KubeConfig information to the
// CredentialIssuerConfig resource and keeping that information up to date.
// CredentialIssuer resource and keeping that information up to date.
WithController(
issuerconfig.NewKubeConfigInfoPublisherController(
c.ServerInstallationNamespace,
c.NamesConfig.CredentialIssuerConfig,
c.NamesConfig.CredentialIssuer,
c.Labels,
c.DiscoveryURLOverride,
pinnipedClient,
@ -179,7 +179,7 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
WithController(
kubecertagent.NewCreaterController(
agentPodConfig,
credentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig,
c.Labels,
clock.RealClock{},
k8sClient,
@ -194,7 +194,7 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
WithController(
kubecertagent.NewAnnotaterController(
agentPodConfig,
credentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig,
clock.RealClock{},
k8sClient,
pinnipedClient,
@ -206,7 +206,7 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
).
WithController(
kubecertagent.NewExecerController(
credentialIssuerConfigLocationConfig,
credentialIssuerLocationConfig,
c.DynamicSigningCertProvider,
kubecertagent.NewPodCommandExecutor(kubeConfig, k8sClient),
pinnipedClient,

10
test/integration/concierge_credentialissuerconfig_test.go
View File

@ -16,7 +16,7 @@ import (
"go.pinniped.dev/test/library"
)
func TestCredentialIssuerConfig(t *testing.T) {
func TestCredentialIssuer(t *testing.T) {
env := library.IntegrationEnv(t)
config := library.NewClientConfig(t)
client := library.NewConciergeClientset(t)
@ -24,10 +24,10 @@ func TestCredentialIssuerConfig(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
t.Run("test successful CredentialIssuerConfig", func(t *testing.T) {
t.Run("test successful CredentialIssuer", func(t *testing.T) {
actualConfigList, err := client.
ConfigV1alpha1().
CredentialIssuerConfigs(env.ConciergeNamespace).
CredentialIssuers(env.ConciergeNamespace).
List(ctx, metav1.ListOptions{})
require.NoError(t, err)
@ -37,7 +37,7 @@ func TestCredentialIssuerConfig(t *testing.T) {
actualStatusKubeConfigInfo := actualConfigList.Items[0].Status.KubeConfigInfo
for k, v := range env.ConciergeCustomLabels {
require.Equalf(t, v, actualConfig.Labels[k], "expected cic to have label `%s: %s`", k, v)
require.Equalf(t, v, actualConfig.Labels[k], "expected ci to have label `%s: %s`", k, v)
}
require.Equal(t, env.ConciergeAppName, actualConfig.Labels["app"])
@ -54,7 +54,7 @@ func TestCredentialIssuerConfig(t *testing.T) {
// Verify the published kube config info.
require.Equal(
t,
&configv1alpha1.CredentialIssuerConfigKubeConfigInfo{
&configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: config.Host,
CertificateAuthorityData: base64.StdEncoding.EncodeToString(config.TLSClientConfig.CAData),
},

7
test/integration/kube_api_discovery_test.go
View File

@ -98,12 +98,11 @@ func TestGetAPIResourceList(t *testing.T) {
resourceByVersion: map[string][]metav1.APIResource{
"config.concierge.pinniped.dev/v1alpha1": {
{
Name: "credentialissuerconfigs",
SingularName: "credentialissuerconfig",
Name: "credentialissuers",
SingularName: "credentialissuer",
Namespaced: true,
Kind: "CredentialIssuerConfig",
Kind: "CredentialIssuer",
Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"},
ShortNames: []string{"cic"},
},
},
},