Rename CredentialIssuerConfig to CredentialIssuer.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2020-11-02 15:39:43 -06:00
parent b13a8075e4
commit 59263ea733
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D
88 changed files with 2393 additions and 2406 deletions

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{}, &CredentialIssuer{},
&CredentialIssuerConfigList{}, &CredentialIssuerList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -25,17 +25,17 @@ const (
) )
// Status of a credential issuer. // Status of a credential issuer.
type CredentialIssuerConfigStatus struct { type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional // +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The K8s API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
} }
// Status of an integration strategy that was attempted by Pinniped. // Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct { type CredentialIssuerStrategy struct {
// Type of integration attempted. // Type of integration attempted.
Type StrategyType `json:"type"` Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer. // Describes the configuration status of a Pinniped credential issuer.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct { type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer. // Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"` Status CredentialIssuerStatus `json:"status"`
} }
// List of CredentialIssuerConfig objects. // List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct { type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"` Items []CredentialIssuer `json:"items"`
} }

View File

@ -124,13 +124,13 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error {
} }
} }
credentialIssuerConfig, err := fetchPinnipedCredentialIssuerConfig(clientset, c.flags.namespace) credentialIssuer, err := fetchPinnipedCredentialIssuer(clientset, c.flags.namespace)
if err != nil { if err != nil {
return err return err
} }
if credentialIssuerConfig.Status.KubeConfigInfo == nil { if credentialIssuer.Status.KubeConfigInfo == nil {
return constable.Error(`CredentialIssuerConfig "pinniped-config" was missing KubeConfigInfo`) return constable.Error(`CredentialIssuer "pinniped-config" was missing KubeConfigInfo`)
} }
v1Cluster, err := copyCurrentClusterFromExistingKubeConfig(currentKubeConfig, c.flags.contextOverride) v1Cluster, err := copyCurrentClusterFromExistingKubeConfig(currentKubeConfig, c.flags.contextOverride)
@ -138,7 +138,7 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error {
return err return err
} }
err = issueWarningForNonMatchingServerOrCA(v1Cluster, credentialIssuerConfig, cmd.ErrOrStderr()) err = issueWarningForNonMatchingServerOrCA(v1Cluster, credentialIssuer, cmd.ErrOrStderr())
if err != nil { if err != nil {
return err return err
} }
@ -153,14 +153,14 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error {
return nil return nil
} }
func issueWarningForNonMatchingServerOrCA(v1Cluster v1.Cluster, credentialIssuerConfig *configv1alpha1.CredentialIssuerConfig, warningsWriter io.Writer) error { func issueWarningForNonMatchingServerOrCA(v1Cluster v1.Cluster, credentialIssuer *configv1alpha1.CredentialIssuer, warningsWriter io.Writer) error {
credentialIssuerConfigCA, err := base64.StdEncoding.DecodeString(credentialIssuerConfig.Status.KubeConfigInfo.CertificateAuthorityData) credentialIssuerCA, err := base64.StdEncoding.DecodeString(credentialIssuer.Status.KubeConfigInfo.CertificateAuthorityData)
if err != nil { if err != nil {
return err return err
} }
if v1Cluster.Server != credentialIssuerConfig.Status.KubeConfigInfo.Server || if v1Cluster.Server != credentialIssuer.Status.KubeConfigInfo.Server ||
!bytes.Equal(v1Cluster.CertificateAuthorityData, credentialIssuerConfigCA) { !bytes.Equal(v1Cluster.CertificateAuthorityData, credentialIssuerCA) {
_, err := warningsWriter.Write([]byte("WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuerConfig on the cluster. Using local kubeconfig values.\n")) _, err := warningsWriter.Write([]byte("WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuer on the cluster. Using local kubeconfig values.\n"))
if err != nil { if err != nil {
return fmt.Errorf("output write error: %w", err) return fmt.Errorf("output write error: %w", err)
} }
@ -207,31 +207,31 @@ func getDefaultAuthenticator(clientset pinnipedclientset.Interface, namespace st
return authenticators[0].authenticatorType, authenticators[0].authenticatorName, nil return authenticators[0].authenticatorType, authenticators[0].authenticatorName, nil
} }
func fetchPinnipedCredentialIssuerConfig(clientset pinnipedclientset.Interface, pinnipedInstallationNamespace string) (*configv1alpha1.CredentialIssuerConfig, error) { func fetchPinnipedCredentialIssuer(clientset pinnipedclientset.Interface, pinnipedInstallationNamespace string) (*configv1alpha1.CredentialIssuer, error) {
ctx, cancelFunc := context.WithTimeout(context.Background(), time.Second*20) ctx, cancelFunc := context.WithTimeout(context.Background(), time.Second*20)
defer cancelFunc() defer cancelFunc()
credentialIssuerConfigs, err := clientset.ConfigV1alpha1().CredentialIssuerConfigs(pinnipedInstallationNamespace).List(ctx, metav1.ListOptions{}) credentialIssuers, err := clientset.ConfigV1alpha1().CredentialIssuers(pinnipedInstallationNamespace).List(ctx, metav1.ListOptions{})
if err != nil { if err != nil {
return nil, err return nil, err
} }
if len(credentialIssuerConfigs.Items) == 0 { if len(credentialIssuers.Items) == 0 {
return nil, constable.Error(fmt.Sprintf( return nil, constable.Error(fmt.Sprintf(
`No CredentialIssuerConfig was found in namespace "%s". Is Pinniped installed on this cluster in namespace "%s"?`, `No CredentialIssuer was found in namespace "%s". Is Pinniped installed on this cluster in namespace "%s"?`,
pinnipedInstallationNamespace, pinnipedInstallationNamespace,
pinnipedInstallationNamespace, pinnipedInstallationNamespace,
)) ))
} }
if len(credentialIssuerConfigs.Items) > 1 { if len(credentialIssuers.Items) > 1 {
return nil, constable.Error(fmt.Sprintf( return nil, constable.Error(fmt.Sprintf(
`More than one CredentialIssuerConfig was found in namespace "%s"`, `More than one CredentialIssuer was found in namespace "%s"`,
pinnipedInstallationNamespace, pinnipedInstallationNamespace,
)) ))
} }
return &credentialIssuerConfigs.Items[0], nil return &credentialIssuers.Items[0], nil
} }
func newClientConfig(kubeconfigPathOverride string, currentContextName string) clientcmd.ClientConfig { func newClientConfig(kubeconfigPathOverride string, currentContextName string) clientcmd.ClientConfig {

View File

@ -170,18 +170,18 @@ func (e expectedKubeconfigYAML) String() string {
`, e.clusterCAData, e.clusterServer, e.command, e.pinnipedEndpoint, e.pinnipedCABundle, e.namespace, e.token, e.authenticatorType, e.authenticatorName) `, e.clusterCAData, e.clusterServer, e.command, e.pinnipedEndpoint, e.pinnipedCABundle, e.namespace, e.token, e.authenticatorType, e.authenticatorName)
} }
func newCredentialIssuerConfig(name, namespace, server, certificateAuthorityData string) *configv1alpha1.CredentialIssuerConfig { func newCredentialIssuer(name, namespace, server, certificateAuthorityData string) *configv1alpha1.CredentialIssuer {
return &configv1alpha1.CredentialIssuerConfig{ return &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{ TypeMeta: metav1.TypeMeta{
Kind: "CredentialIssuerConfig", Kind: "CredentialIssuer",
APIVersion: configv1alpha1.SchemeGroupVersion.String(), APIVersion: configv1alpha1.SchemeGroupVersion.String(),
}, },
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: name, Name: name,
Namespace: namespace, Namespace: namespace,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: server, Server: server,
CertificateAuthorityData: base64.StdEncoding.EncodeToString([]byte(certificateAuthorityData)), CertificateAuthorityData: base64.StdEncoding.EncodeToString([]byte(certificateAuthorityData)),
}, },
@ -264,59 +264,59 @@ func TestRun(t *testing.T) {
wantError: `multiple authenticators were found in namespace "test-namespace", so --authenticator-name/--authenticator-type must be specified`, wantError: `multiple authenticators were found in namespace "test-namespace", so --authenticator-name/--authenticator-type must be specified`,
}, },
{ {
name: "fail to get CredentialIssuerConfigs", name: "fail to get CredentialIssuers",
mocks: func(cmd *getKubeConfigCommand) { mocks: func(cmd *getKubeConfigCommand) {
clientset := pinnipedfake.NewSimpleClientset() clientset := pinnipedfake.NewSimpleClientset()
clientset.PrependReactor("*", "*", func(_ coretesting.Action) (bool, runtime.Object, error) { clientset.PrependReactor("*", "*", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("some error getting CredentialIssuerConfigs") return true, nil, fmt.Errorf("some error getting CredentialIssuers")
}) })
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return clientset, nil return clientset, nil
} }
}, },
wantError: "some error getting CredentialIssuerConfigs", wantError: "some error getting CredentialIssuers",
}, },
{ {
name: "zero CredentialIssuerConfigs found", name: "zero CredentialIssuers found",
mocks: func(cmd *getKubeConfigCommand) { mocks: func(cmd *getKubeConfigCommand) {
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset( return pinnipedfake.NewSimpleClientset(
newCredentialIssuerConfig("pinniped-config-1", "not-the-test-namespace", "", ""), newCredentialIssuer("pinniped-config-1", "not-the-test-namespace", "", ""),
), nil ), nil
} }
}, },
wantError: `No CredentialIssuerConfig was found in namespace "test-namespace". Is Pinniped installed on this cluster in namespace "test-namespace"?`, wantError: `No CredentialIssuer was found in namespace "test-namespace". Is Pinniped installed on this cluster in namespace "test-namespace"?`,
}, },
{ {
name: "multiple CredentialIssuerConfigs found", name: "multiple CredentialIssuers found",
mocks: func(cmd *getKubeConfigCommand) { mocks: func(cmd *getKubeConfigCommand) {
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset( return pinnipedfake.NewSimpleClientset(
newCredentialIssuerConfig("pinniped-config-1", "test-namespace", "", ""), newCredentialIssuer("pinniped-config-1", "test-namespace", "", ""),
newCredentialIssuerConfig("pinniped-config-2", "test-namespace", "", ""), newCredentialIssuer("pinniped-config-2", "test-namespace", "", ""),
), nil ), nil
} }
}, },
wantError: `More than one CredentialIssuerConfig was found in namespace "test-namespace"`, wantError: `More than one CredentialIssuer was found in namespace "test-namespace"`,
}, },
{ {
name: "CredentialIssuerConfig missing KubeConfigInfo", name: "CredentialIssuer missing KubeConfigInfo",
mocks: func(cmd *getKubeConfigCommand) { mocks: func(cmd *getKubeConfigCommand) {
cic := newCredentialIssuerConfig("pinniped-config", "test-namespace", "", "") ci := newCredentialIssuer("pinniped-config", "test-namespace", "", "")
cic.Status.KubeConfigInfo = nil ci.Status.KubeConfigInfo = nil
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(cic), nil return pinnipedfake.NewSimpleClientset(ci), nil
} }
}, },
wantError: `CredentialIssuerConfig "pinniped-config" was missing KubeConfigInfo`, wantError: `CredentialIssuer "pinniped-config" was missing KubeConfigInfo`,
}, },
{ {
name: "KubeConfigInfo has invalid base64", name: "KubeConfigInfo has invalid base64",
mocks: func(cmd *getKubeConfigCommand) { mocks: func(cmd *getKubeConfigCommand) {
cic := newCredentialIssuerConfig("pinniped-config", "test-namespace", "https://example.com", "") ci := newCredentialIssuer("pinniped-config", "test-namespace", "https://example.com", "")
cic.Status.KubeConfigInfo.CertificateAuthorityData = "invalid-base64-test-ca" ci.Status.KubeConfigInfo.CertificateAuthorityData = "invalid-base64-test-ca"
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(cic), nil return pinnipedfake.NewSimpleClientset(ci), nil
} }
}, },
wantError: `illegal base64 data at input byte 7`, wantError: `illegal base64 data at input byte 7`,
@ -324,9 +324,9 @@ func TestRun(t *testing.T) {
{ {
name: "success using remote CA data", name: "success using remote CA data",
mocks: func(cmd *getKubeConfigCommand) { mocks: func(cmd *getKubeConfigCommand) {
cic := newCredentialIssuerConfig("pinniped-config", "test-namespace", "https://fake-server-url-value", "fake-certificate-authority-data-value") ci := newCredentialIssuer("pinniped-config", "test-namespace", "https://fake-server-url-value", "fake-certificate-authority-data-value")
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset(cic), nil return pinnipedfake.NewSimpleClientset(ci), nil
} }
}, },
wantStdout: expectedKubeconfigYAML{ wantStdout: expectedKubeconfigYAML{
@ -350,11 +350,11 @@ func TestRun(t *testing.T) {
cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) {
return pinnipedfake.NewSimpleClientset( return pinnipedfake.NewSimpleClientset(
&authv1alpha.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "discovered-authenticator"}}, &authv1alpha.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "discovered-authenticator"}},
newCredentialIssuerConfig("pinniped-config", "test-namespace", "https://example.com", "test-ca"), newCredentialIssuer("pinniped-config", "test-namespace", "https://example.com", "test-ca"),
), nil ), nil
} }
}, },
wantStderr: `WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuerConfig on the cluster. Using local kubeconfig values.`, wantStderr: `WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuer on the cluster. Using local kubeconfig values.`,
wantStdout: expectedKubeconfigYAML{ wantStdout: expectedKubeconfigYAML{
clusterCAData: "ZmFrZS1jZXJ0aWZpY2F0ZS1hdXRob3JpdHktZGF0YS12YWx1ZQ==", clusterCAData: "ZmFrZS1jZXJ0aWZpY2F0ZS1hdXRob3JpdHktZGF0YS12YWx1ZQ==",
clusterServer: "https://fake-server-url-value", clusterServer: "https://fake-server-url-value",

View File

@ -6,16 +6,14 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev name: credentialissuers.config.concierge.pinniped.dev
spec: spec:
group: config.concierge.pinniped.dev group: config.concierge.pinniped.dev
names: names:
kind: CredentialIssuerConfig kind: CredentialIssuer
listKind: CredentialIssuerConfigList listKind: CredentialIssuerList
plural: credentialissuerconfigs plural: credentialissuers
shortNames: singular: credentialissuer
- cic
singular: credentialissuerconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1

View File

@ -39,7 +39,7 @@ data:
renewBeforeSeconds: (@= str(data.values.api_serving_certificate_renew_before_seconds) @) renewBeforeSeconds: (@= str(data.values.api_serving_certificate_renew_before_seconds) @)
names: names:
servingCertificateSecret: (@= defaultResourceNameWithSuffix("api-tls-serving-certificate") @) servingCertificateSecret: (@= defaultResourceNameWithSuffix("api-tls-serving-certificate") @)
credentialIssuerConfig: (@= defaultResourceNameWithSuffix("config") @) credentialIssuer: (@= defaultResourceNameWithSuffix("config") @)
apiService: (@= defaultResourceNameWithSuffix("api") @) apiService: (@= defaultResourceNameWithSuffix("api") @)
labels: (@= json.encode(labels()).rstrip() @) labels: (@= json.encode(labels()).rstrip() @)
kubeCertAgent: kubeCertAgent:

View File

@ -4,7 +4,7 @@
#@ load("@ytt:overlay", "overlay") #@ load("@ytt:overlay", "overlay")
#@ load("helpers.lib.yaml", "labels") #@ load("helpers.lib.yaml", "labels")
#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"credentialissuerconfigs.config.concierge.pinniped.dev"}}), expects=1 #@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"credentialissuers.config.concierge.pinniped.dev"}}), expects=1
--- ---
metadata: metadata:
#@overlay/match missing_ok=True #@overlay/match missing_ok=True

View File

@ -131,14 +131,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfig"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuer"]
==== CredentialIssuerConfig ==== CredentialIssuer
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfiglist[$$CredentialIssuerConfigList$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -146,18 +146,18 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
| Field | Description | Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]__ | Status of the credential issuer. | *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | Status of the credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerConfigKubeConfigInfo ==== CredentialIssuerKubeConfigInfo
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -170,32 +170,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus"]
==== CredentialIssuerConfigStatus ==== CredentialIssuerStatus
Status of a credential issuer. Status of a credential issuer.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfig[$$CredentialIssuerConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy[$$CredentialIssuerConfigStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. | *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo[$$CredentialIssuerConfigKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. | *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstrategy"]
==== CredentialIssuerConfigStrategy ==== CredentialIssuerStrategy
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{}, &CredentialIssuer{},
&CredentialIssuerConfigList{}, &CredentialIssuerList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -25,17 +25,17 @@ const (
) )
// Status of a credential issuer. // Status of a credential issuer.
type CredentialIssuerConfigStatus struct { type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional // +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The K8s API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
} }
// Status of an integration strategy that was attempted by Pinniped. // Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct { type CredentialIssuerStrategy struct {
// Type of integration attempted. // Type of integration attempted.
Type StrategyType `json:"type"` Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer. // Describes the configuration status of a Pinniped credential issuer.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct { type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer. // Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"` Status CredentialIssuerStatus `json:"status"`
} }
// List of CredentialIssuerConfig objects. // List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct { type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"` Items []CredentialIssuer `json:"items"`
} }

View File

@ -12,7 +12,7 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) { func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -20,18 +20,18 @@ func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer.
func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig { func (in *CredentialIssuer) DeepCopy() *CredentialIssuer {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfig) out := new(CredentialIssuer)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object { func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -39,29 +39,29 @@ func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo { func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigKubeConfigInfo) out := new(CredentialIssuerKubeConfigInfo)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) { func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]CredentialIssuerConfig, len(*in)) *out = make([]CredentialIssuer, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -69,18 +69,18 @@ func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigLi
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList.
func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList { func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigList) out := new(CredentialIssuerList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object { func (in *CredentialIssuerList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -88,46 +88,46 @@ func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) { func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = *in *out = *in
if in.Strategies != nil { if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in)) *out = make([]CredentialIssuerStrategy, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
} }
if in.KubeConfigInfo != nil { if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus.
func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus { func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigStatus) out := new(CredentialIssuerStatus)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) { func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) {
*out = *in *out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy { func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigStrategy) out := new(CredentialIssuerStrategy)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface { type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
CredentialIssuerConfigsGetter CredentialIssuersGetter
} }
// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. // ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *ConfigV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface { func (c *ConfigV1alpha1Client) CredentialIssuers(namespace string) CredentialIssuerInterface {
return newCredentialIssuerConfigs(c, namespace) return newCredentialIssuers(c, namespace)
} }
// NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig creates a new ConfigV1alpha1Client for the given config.

View File

@ -0,0 +1,178 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuersGetter has a method to return a CredentialIssuerInterface.
// A group's client should implement this interface.
type CredentialIssuersGetter interface {
CredentialIssuers(namespace string) CredentialIssuerInterface
}
// CredentialIssuerInterface has methods to work with CredentialIssuer resources.
type CredentialIssuerInterface interface {
Create(*v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error)
Update(*v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error)
UpdateStatus(*v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.CredentialIssuer, error)
List(opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuer, err error)
CredentialIssuerExpansion
}
// credentialIssuers implements CredentialIssuerInterface
type credentialIssuers struct {
client rest.Interface
ns string
}
// newCredentialIssuers returns a CredentialIssuers
func newCredentialIssuers(c *ConfigV1alpha1Client, namespace string) *credentialIssuers {
return &credentialIssuers{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *credentialIssuers) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *credentialIssuers) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *credentialIssuers) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Create(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuers").
Body(credentialIssuer).
Do().
Into(result)
return
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Update(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
Body(credentialIssuer).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuers) UpdateStatus(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
SubResource("status").
Body(credentialIssuer).
Do().
Into(result)
return
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *credentialIssuers) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuers) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *credentialIssuers) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuers").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

View File

@ -1,178 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
Update(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *ConfigV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeConfigV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface { func (c *FakeConfigV1alpha1) CredentialIssuers(namespace string) v1alpha1.CredentialIssuerInterface {
return &FakeCredentialIssuerConfigs{c, namespace} return &FakeCredentialIssuers{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,127 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuers implements CredentialIssuerInterface
type FakeCredentialIssuers struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"}
var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *FakeCredentialIssuers) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *FakeCredentialIssuers) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuersResource, credentialissuersKind, c.ns, opts), &v1alpha1.CredentialIssuerList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *FakeCredentialIssuers) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuersResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Create(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Update(credentialIssuer *v1alpha1.CredentialIssuer) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuers) UpdateStatus(credentialIssuer *v1alpha1.CredentialIssuer) (*v1alpha1.CredentialIssuer, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuersResource, "status", c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuers) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuers) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuersResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *FakeCredentialIssuers) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuersResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}

View File

@ -1,127 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

View File

@ -5,4 +5,4 @@
package v1alpha1 package v1alpha1
type CredentialIssuerConfigExpansion interface{} type CredentialIssuerExpansion interface{}

View File

@ -0,0 +1,76 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.17/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.17/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerInformer provides access to a shared informer and lister for
// CredentialIssuers.
type CredentialIssuerInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerLister
}
type credentialIssuerInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).Watch(options)
},
},
&configv1alpha1.CredentialIssuer{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer)
}
func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister {
return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer())
}

View File

@ -1,76 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.17/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.17/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.17/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).Watch(options)
},
},
&configv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer. // CredentialIssuers returns a CredentialIssuerInformer.
CredentialIssuerConfigs() CredentialIssuerConfigInformer CredentialIssuers() CredentialIssuerInformer
} }
type version struct { type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer. // CredentialIssuers returns a CredentialIssuerInformer.
func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer { func (v *version) CredentialIssuers() CredentialIssuerInformer {
return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &credentialIssuerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -46,8 +46,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil
// Group=config.concierge.pinniped.dev, Version=v1alpha1 // Group=config.concierge.pinniped.dev, Version=v1alpha1
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil
// Group=login.concierge.pinniped.dev, Version=v1alpha1 // Group=login.concierge.pinniped.dev, Version=v1alpha1
case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"): case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"):

View File

@ -0,0 +1,81 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerLister helps list CredentialIssuers.
type CredentialIssuerLister interface {
// List lists all CredentialIssuers in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// CredentialIssuers returns an object that can list and get CredentialIssuers.
CredentialIssuers(namespace string) CredentialIssuerNamespaceLister
CredentialIssuerListerExpansion
}
// credentialIssuerLister implements the CredentialIssuerLister interface.
type credentialIssuerLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerLister returns a new CredentialIssuerLister.
func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister {
return &credentialIssuerLister{indexer: indexer}
}
// List lists all CredentialIssuers in the indexer.
func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// CredentialIssuers returns an object that can list and get CredentialIssuers.
func (s *credentialIssuerLister) CredentialIssuers(namespace string) CredentialIssuerNamespaceLister {
return credentialIssuerNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerNamespaceLister helps list and get CredentialIssuers.
type CredentialIssuerNamespaceLister interface {
// List lists all CredentialIssuers in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuer, error)
CredentialIssuerNamespaceListerExpansion
}
// credentialIssuerNamespaceLister implements the CredentialIssuerNamespaceLister
// interface.
type credentialIssuerNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuers in the indexer for a given namespace.
func (s credentialIssuerNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
func (s credentialIssuerNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuer, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name)
}
return obj.(*v1alpha1.CredentialIssuer), nil
}

View File

@ -1,81 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

View File

@ -5,10 +5,10 @@
package v1alpha1 package v1alpha1
// CredentialIssuerConfigListerExpansion allows custom methods to be added to // CredentialIssuerListerExpansion allows custom methods to be added to
// CredentialIssuerConfigLister. // CredentialIssuerLister.
type CredentialIssuerConfigListerExpansion interface{} type CredentialIssuerListerExpansion interface{}
// CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to // CredentialIssuerNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerConfigNamespaceLister. // CredentialIssuerNamespaceLister.
type CredentialIssuerConfigNamespaceListerExpansion interface{} type CredentialIssuerNamespaceListerExpansion interface{}

View File

@ -23,11 +23,11 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref), "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref), "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref), "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfig": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref), "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuer": schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigList": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref), "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerList": schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref), "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref), "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
@ -325,7 +325,7 @@ func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(re
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -353,7 +353,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
"status": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Status of the credential issuer.", Description: "Status of the credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus"), Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStatus"),
}, },
}, },
}, },
@ -361,11 +361,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -393,7 +393,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -424,7 +424,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfig"), Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuer"),
}, },
}, },
}, },
@ -435,11 +435,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuer", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -453,7 +453,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"), Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"),
}, },
}, },
}, },
@ -462,7 +462,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
"kubeConfigInfo": { "kubeConfigInfo": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.", Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo"), Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo"),
}, },
}, },
}, },
@ -470,11 +470,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"}, "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo", "go.pinniped.dev/generated/1.17/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{

View File

@ -6,16 +6,14 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev name: credentialissuers.config.concierge.pinniped.dev
spec: spec:
group: config.concierge.pinniped.dev group: config.concierge.pinniped.dev
names: names:
kind: CredentialIssuerConfig kind: CredentialIssuer
listKind: CredentialIssuerConfigList listKind: CredentialIssuerList
plural: credentialissuerconfigs plural: credentialissuers
shortNames: singular: credentialissuer
- cic
singular: credentialissuerconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1

View File

@ -131,14 +131,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfig"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuer"]
==== CredentialIssuerConfig ==== CredentialIssuer
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfiglist[$$CredentialIssuerConfigList$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -146,18 +146,18 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
| Field | Description | Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]__ | Status of the credential issuer. | *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | Status of the credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerConfigKubeConfigInfo ==== CredentialIssuerKubeConfigInfo
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -170,32 +170,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus"]
==== CredentialIssuerConfigStatus ==== CredentialIssuerStatus
Status of a credential issuer. Status of a credential issuer.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfig[$$CredentialIssuerConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy[$$CredentialIssuerConfigStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. | *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo[$$CredentialIssuerConfigKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. | *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstrategy"]
==== CredentialIssuerConfigStrategy ==== CredentialIssuerStrategy
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{}, &CredentialIssuer{},
&CredentialIssuerConfigList{}, &CredentialIssuerList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -25,17 +25,17 @@ const (
) )
// Status of a credential issuer. // Status of a credential issuer.
type CredentialIssuerConfigStatus struct { type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional // +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The K8s API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
} }
// Status of an integration strategy that was attempted by Pinniped. // Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct { type CredentialIssuerStrategy struct {
// Type of integration attempted. // Type of integration attempted.
Type StrategyType `json:"type"` Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer. // Describes the configuration status of a Pinniped credential issuer.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct { type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer. // Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"` Status CredentialIssuerStatus `json:"status"`
} }
// List of CredentialIssuerConfig objects. // List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct { type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"` Items []CredentialIssuer `json:"items"`
} }

View File

@ -12,7 +12,7 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) { func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -20,18 +20,18 @@ func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer.
func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig { func (in *CredentialIssuer) DeepCopy() *CredentialIssuer {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfig) out := new(CredentialIssuer)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object { func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -39,29 +39,29 @@ func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo { func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigKubeConfigInfo) out := new(CredentialIssuerKubeConfigInfo)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) { func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]CredentialIssuerConfig, len(*in)) *out = make([]CredentialIssuer, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -69,18 +69,18 @@ func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigLi
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList.
func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList { func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigList) out := new(CredentialIssuerList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object { func (in *CredentialIssuerList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -88,46 +88,46 @@ func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) { func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = *in *out = *in
if in.Strategies != nil { if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in)) *out = make([]CredentialIssuerStrategy, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
} }
if in.KubeConfigInfo != nil { if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus.
func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus { func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigStatus) out := new(CredentialIssuerStatus)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) { func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) {
*out = *in *out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy { func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigStrategy) out := new(CredentialIssuerStrategy)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface { type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
CredentialIssuerConfigsGetter CredentialIssuersGetter
} }
// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. // ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *ConfigV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface { func (c *ConfigV1alpha1Client) CredentialIssuers(namespace string) CredentialIssuerInterface {
return newCredentialIssuerConfigs(c, namespace) return newCredentialIssuers(c, namespace)
} }
// NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig creates a new ConfigV1alpha1Client for the given config.

View File

@ -0,0 +1,182 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuersGetter has a method to return a CredentialIssuerInterface.
// A group's client should implement this interface.
type CredentialIssuersGetter interface {
CredentialIssuers(namespace string) CredentialIssuerInterface
}
// CredentialIssuerInterface has methods to work with CredentialIssuer resources.
type CredentialIssuerInterface interface {
Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error)
Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error)
CredentialIssuerExpansion
}
// credentialIssuers implements CredentialIssuerInterface
type credentialIssuers struct {
client rest.Interface
ns string
}
// newCredentialIssuers returns a CredentialIssuers
func newCredentialIssuers(c *ConfigV1alpha1Client, namespace string) *credentialIssuers {
return &credentialIssuers{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -1,182 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *ConfigV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeConfigV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface { func (c *FakeConfigV1alpha1) CredentialIssuers(namespace string) v1alpha1.CredentialIssuerInterface {
return &FakeCredentialIssuerConfigs{c, namespace} return &FakeCredentialIssuers{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,129 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuers implements CredentialIssuerInterface
type FakeCredentialIssuers struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"}
var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuersResource, credentialissuersKind, c.ns, opts), &v1alpha1.CredentialIssuerList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuersResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuersResource, "status", c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuersResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuersResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}

View File

@ -1,129 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

View File

@ -5,4 +5,4 @@
package v1alpha1 package v1alpha1
type CredentialIssuerConfigExpansion interface{} type CredentialIssuerExpansion interface{}

View File

@ -0,0 +1,77 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.18/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.18/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerInformer provides access to a shared informer and lister for
// CredentialIssuers.
type CredentialIssuerInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerLister
}
type credentialIssuerInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuer{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer)
}
func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister {
return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer())
}

View File

@ -1,77 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.18/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.18/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.18/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer. // CredentialIssuers returns a CredentialIssuerInformer.
CredentialIssuerConfigs() CredentialIssuerConfigInformer CredentialIssuers() CredentialIssuerInformer
} }
type version struct { type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer. // CredentialIssuers returns a CredentialIssuerInformer.
func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer { func (v *version) CredentialIssuers() CredentialIssuerInformer {
return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &credentialIssuerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -46,8 +46,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil
// Group=config.concierge.pinniped.dev, Version=v1alpha1 // Group=config.concierge.pinniped.dev, Version=v1alpha1
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil
// Group=login.concierge.pinniped.dev, Version=v1alpha1 // Group=login.concierge.pinniped.dev, Version=v1alpha1
case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"): case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"):

View File

@ -0,0 +1,81 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerLister helps list CredentialIssuers.
type CredentialIssuerLister interface {
// List lists all CredentialIssuers in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// CredentialIssuers returns an object that can list and get CredentialIssuers.
CredentialIssuers(namespace string) CredentialIssuerNamespaceLister
CredentialIssuerListerExpansion
}
// credentialIssuerLister implements the CredentialIssuerLister interface.
type credentialIssuerLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerLister returns a new CredentialIssuerLister.
func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister {
return &credentialIssuerLister{indexer: indexer}
}
// List lists all CredentialIssuers in the indexer.
func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// CredentialIssuers returns an object that can list and get CredentialIssuers.
func (s *credentialIssuerLister) CredentialIssuers(namespace string) CredentialIssuerNamespaceLister {
return credentialIssuerNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerNamespaceLister helps list and get CredentialIssuers.
type CredentialIssuerNamespaceLister interface {
// List lists all CredentialIssuers in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuer, error)
CredentialIssuerNamespaceListerExpansion
}
// credentialIssuerNamespaceLister implements the CredentialIssuerNamespaceLister
// interface.
type credentialIssuerNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuers in the indexer for a given namespace.
func (s credentialIssuerNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
func (s credentialIssuerNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuer, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name)
}
return obj.(*v1alpha1.CredentialIssuer), nil
}

View File

@ -1,81 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

View File

@ -5,10 +5,10 @@
package v1alpha1 package v1alpha1
// CredentialIssuerConfigListerExpansion allows custom methods to be added to // CredentialIssuerListerExpansion allows custom methods to be added to
// CredentialIssuerConfigLister. // CredentialIssuerLister.
type CredentialIssuerConfigListerExpansion interface{} type CredentialIssuerListerExpansion interface{}
// CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to // CredentialIssuerNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerConfigNamespaceLister. // CredentialIssuerNamespaceLister.
type CredentialIssuerConfigNamespaceListerExpansion interface{} type CredentialIssuerNamespaceListerExpansion interface{}

View File

@ -23,11 +23,11 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref), "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref), "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref), "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfig": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref), "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuer": schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigList": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref), "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerList": schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref), "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref), "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
@ -325,7 +325,7 @@ func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(re
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -353,7 +353,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
"status": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Status of the credential issuer.", Description: "Status of the credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus"), Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStatus"),
}, },
}, },
}, },
@ -361,11 +361,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -393,7 +393,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -424,7 +424,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfig"), Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuer"),
}, },
}, },
}, },
@ -435,11 +435,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuer", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -453,7 +453,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"), Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"),
}, },
}, },
}, },
@ -462,7 +462,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
"kubeConfigInfo": { "kubeConfigInfo": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.", Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo"), Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo"),
}, },
}, },
}, },
@ -470,11 +470,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"}, "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo", "go.pinniped.dev/generated/1.18/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{

View File

@ -6,16 +6,14 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev name: credentialissuers.config.concierge.pinniped.dev
spec: spec:
group: config.concierge.pinniped.dev group: config.concierge.pinniped.dev
names: names:
kind: CredentialIssuerConfig kind: CredentialIssuer
listKind: CredentialIssuerConfigList listKind: CredentialIssuerList
plural: credentialissuerconfigs plural: credentialissuers
shortNames: singular: credentialissuer
- cic
singular: credentialissuerconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1

View File

@ -131,14 +131,14 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfig"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuer"]
==== CredentialIssuerConfig ==== CredentialIssuer
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfiglist[$$CredentialIssuerConfigList$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerlist[$$CredentialIssuerList$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -146,18 +146,18 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
| Field | Description | Field | Description
| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. | *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`.
| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$]__ | Status of the credential issuer. | *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]__ | Status of the credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerConfigKubeConfigInfo ==== CredentialIssuerKubeConfigInfo
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
@ -170,32 +170,32 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus"]
==== CredentialIssuerConfigStatus ==== CredentialIssuerStatus
Status of a credential issuer. Status of a credential issuer.
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfig[$$CredentialIssuerConfig$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuer[$$CredentialIssuer$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy[$$CredentialIssuerConfigStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. | *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigkubeconfiginfo[$$CredentialIssuerConfigKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. | *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstrategy"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstrategy"]
==== CredentialIssuerConfigStrategy ==== CredentialIssuerStrategy
.Appears In: .Appears In:
**** ****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerconfigstatus[$$CredentialIssuerConfigStatus$$] - xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
**** ****
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]

View File

@ -30,8 +30,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&CredentialIssuerConfig{}, &CredentialIssuer{},
&CredentialIssuerConfigList{}, &CredentialIssuerList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -25,17 +25,17 @@ const (
) )
// Status of a credential issuer. // Status of a credential issuer.
type CredentialIssuerConfigStatus struct { type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerConfigStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
// +optional // +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
type CredentialIssuerConfigKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The K8s API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
@ -47,7 +47,7 @@ type CredentialIssuerConfigKubeConfigInfo struct {
} }
// Status of an integration strategy that was attempted by Pinniped. // Status of an integration strategy that was attempted by Pinniped.
type CredentialIssuerConfigStrategy struct { type CredentialIssuerStrategy struct {
// Type of integration attempted. // Type of integration attempted.
Type StrategyType `json:"type"` Type StrategyType `json:"type"`
@ -68,22 +68,21 @@ type CredentialIssuerConfigStrategy struct {
// Describes the configuration status of a Pinniped credential issuer. // Describes the configuration status of a Pinniped credential issuer.
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:resource:shortName=cic
type CredentialIssuerConfig struct { type CredentialIssuer struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
// Status of the credential issuer. // Status of the credential issuer.
Status CredentialIssuerConfigStatus `json:"status"` Status CredentialIssuerStatus `json:"status"`
} }
// List of CredentialIssuerConfig objects. // List of CredentialIssuer objects.
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type CredentialIssuerConfigList struct { type CredentialIssuerList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []CredentialIssuerConfig `json:"items"` Items []CredentialIssuer `json:"items"`
} }

View File

@ -12,7 +12,7 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) { func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@ -20,18 +20,18 @@ func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer.
func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig { func (in *CredentialIssuer) DeepCopy() *CredentialIssuer {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfig) out := new(CredentialIssuer)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object { func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -39,29 +39,29 @@ func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo { func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigKubeConfigInfo) out := new(CredentialIssuerKubeConfigInfo)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) { func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]CredentialIssuerConfig, len(*in)) *out = make([]CredentialIssuer, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -69,18 +69,18 @@ func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigLi
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList.
func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList { func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigList) out := new(CredentialIssuerList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object { func (in *CredentialIssuerList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -88,46 +88,46 @@ func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) { func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = *in *out = *in
if in.Strategies != nil { if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in)) *out = make([]CredentialIssuerStrategy, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
} }
if in.KubeConfigInfo != nil { if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus.
func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus { func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigStatus) out := new(CredentialIssuerStatus)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) { func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) {
*out = *in *out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime) in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy { func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy {
if in == nil { if in == nil {
return nil return nil
} }
out := new(CredentialIssuerConfigStrategy) out := new(CredentialIssuerStrategy)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -13,7 +13,7 @@ import (
type ConfigV1alpha1Interface interface { type ConfigV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
CredentialIssuerConfigsGetter CredentialIssuersGetter
} }
// ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group. // ConfigV1alpha1Client is used to interact with features provided by the config.concierge.pinniped.dev group.
@ -21,8 +21,8 @@ type ConfigV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *ConfigV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface { func (c *ConfigV1alpha1Client) CredentialIssuers(namespace string) CredentialIssuerInterface {
return newCredentialIssuerConfigs(c, namespace) return newCredentialIssuers(c, namespace)
} }
// NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig creates a new ConfigV1alpha1Client for the given config.

View File

@ -0,0 +1,182 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuersGetter has a method to return a CredentialIssuerInterface.
// A group's client should implement this interface.
type CredentialIssuersGetter interface {
CredentialIssuers(namespace string) CredentialIssuerInterface
}
// CredentialIssuerInterface has methods to work with CredentialIssuer resources.
type CredentialIssuerInterface interface {
Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (*v1alpha1.CredentialIssuer, error)
Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuer, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error)
CredentialIssuerExpansion
}
// credentialIssuers implements CredentialIssuerInterface
type credentialIssuers struct {
client rest.Interface
ns string
}
// newCredentialIssuers returns a CredentialIssuers
func newCredentialIssuers(c *ConfigV1alpha1Client, namespace string) *credentialIssuers {
return &credentialIssuers{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *credentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *credentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *credentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *credentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuers").
Name(credentialIssuer.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuer).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *credentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuers").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *credentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
result = &v1alpha1.CredentialIssuer{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuers").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -1,182 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
scheme "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *ConfigV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -15,8 +15,8 @@ type FakeConfigV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeConfigV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface { func (c *FakeConfigV1alpha1) CredentialIssuers(namespace string) v1alpha1.CredentialIssuerInterface {
return &FakeCredentialIssuerConfigs{c, namespace} return &FakeCredentialIssuers{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,129 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuers implements CredentialIssuerInterface
type FakeCredentialIssuers struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuersResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuers"}
var credentialissuersKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuer"}
// Get takes name of the credentialIssuer, and returns the corresponding credentialIssuer object, and an error if there is any.
func (c *FakeCredentialIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// List takes label and field selectors, and returns the list of CredentialIssuers that match those selectors.
func (c *FakeCredentialIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuersResource, credentialissuersKind, c.ns, opts), &v1alpha1.CredentialIssuerList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerList{ListMeta: obj.(*v1alpha1.CredentialIssuerList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuers.
func (c *FakeCredentialIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuersResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuer and creates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Create(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Update takes the representation of a credentialIssuer and updates it. Returns the server's representation of the credentialIssuer, and an error, if there is any.
func (c *FakeCredentialIssuers) Update(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuersResource, c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuers) UpdateStatus(ctx context.Context, credentialIssuer *v1alpha1.CredentialIssuer, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuer, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuersResource, "status", c.ns, credentialIssuer), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}
// Delete takes name of the credentialIssuer and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuersResource, c.ns, name), &v1alpha1.CredentialIssuer{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuersResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuer.
func (c *FakeCredentialIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuer, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuersResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuer{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuer), err
}

View File

@ -1,129 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeConfigV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "config.concierge.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

View File

@ -5,4 +5,4 @@
package v1alpha1 package v1alpha1
type CredentialIssuerConfigExpansion interface{} type CredentialIssuerExpansion interface{}

View File

@ -0,0 +1,77 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.19/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.19/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerInformer provides access to a shared informer and lister for
// CredentialIssuers.
type CredentialIssuerInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerLister
}
type credentialIssuerInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerInformer constructs a new informer for CredentialIssuer type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuers(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuer{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuer{}, f.defaultInformer)
}
func (f *credentialIssuerInformer) Lister() v1alpha1.CredentialIssuerLister {
return v1alpha1.NewCredentialIssuerLister(f.Informer().GetIndexer())
}

View File

@ -1,77 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
configv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
versioned "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned"
internalinterfaces "go.pinniped.dev/generated/1.19/client/concierge/informers/externalversions/internalinterfaces"
v1alpha1 "go.pinniped.dev/generated/1.19/client/concierge/listers/config/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ConfigV1alpha1().CredentialIssuerConfigs(namespace).Watch(context.TODO(), options)
},
},
&configv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&configv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

View File

@ -11,8 +11,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer. // CredentialIssuers returns a CredentialIssuerInformer.
CredentialIssuerConfigs() CredentialIssuerConfigInformer CredentialIssuers() CredentialIssuerInformer
} }
type version struct { type version struct {
@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// CredentialIssuerConfigs returns a CredentialIssuerConfigInformer. // CredentialIssuers returns a CredentialIssuerInformer.
func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer { func (v *version) CredentialIssuers() CredentialIssuerInformer {
return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &credentialIssuerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -46,8 +46,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil
// Group=config.concierge.pinniped.dev, Version=v1alpha1 // Group=config.concierge.pinniped.dev, Version=v1alpha1
case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuers"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuers().Informer()}, nil
// Group=login.concierge.pinniped.dev, Version=v1alpha1 // Group=login.concierge.pinniped.dev, Version=v1alpha1
case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"): case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"):

View File

@ -0,0 +1,86 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerLister helps list CredentialIssuers.
// All objects returned here must be treated as read-only.
type CredentialIssuerLister interface {
// List lists all CredentialIssuers in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// CredentialIssuers returns an object that can list and get CredentialIssuers.
CredentialIssuers(namespace string) CredentialIssuerNamespaceLister
CredentialIssuerListerExpansion
}
// credentialIssuerLister implements the CredentialIssuerLister interface.
type credentialIssuerLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerLister returns a new CredentialIssuerLister.
func NewCredentialIssuerLister(indexer cache.Indexer) CredentialIssuerLister {
return &credentialIssuerLister{indexer: indexer}
}
// List lists all CredentialIssuers in the indexer.
func (s *credentialIssuerLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// CredentialIssuers returns an object that can list and get CredentialIssuers.
func (s *credentialIssuerLister) CredentialIssuers(namespace string) CredentialIssuerNamespaceLister {
return credentialIssuerNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerNamespaceLister helps list and get CredentialIssuers.
// All objects returned here must be treated as read-only.
type CredentialIssuerNamespaceLister interface {
// List lists all CredentialIssuers in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error)
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.CredentialIssuer, error)
CredentialIssuerNamespaceListerExpansion
}
// credentialIssuerNamespaceLister implements the CredentialIssuerNamespaceLister
// interface.
type credentialIssuerNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuers in the indexer for a given namespace.
func (s credentialIssuerNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuer, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuer))
})
return ret, err
}
// Get retrieves the CredentialIssuer from the indexer for a given namespace and name.
func (s credentialIssuerNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuer, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuer"), name)
}
return obj.(*v1alpha1.CredentialIssuer), nil
}

View File

@ -1,86 +0,0 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
// All objects returned here must be treated as read-only.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
// All objects returned here must be treated as read-only.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

View File

@ -5,10 +5,10 @@
package v1alpha1 package v1alpha1
// CredentialIssuerConfigListerExpansion allows custom methods to be added to // CredentialIssuerListerExpansion allows custom methods to be added to
// CredentialIssuerConfigLister. // CredentialIssuerLister.
type CredentialIssuerConfigListerExpansion interface{} type CredentialIssuerListerExpansion interface{}
// CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to // CredentialIssuerNamespaceListerExpansion allows custom methods to be added to
// CredentialIssuerConfigNamespaceLister. // CredentialIssuerNamespaceLister.
type CredentialIssuerConfigNamespaceListerExpansion interface{} type CredentialIssuerNamespaceListerExpansion interface{}

View File

@ -23,11 +23,11 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref), "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref), "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref), "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfig": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref), "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuer": schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo": schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigList": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref), "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerList": schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref), "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStatus": schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref), "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStrategy": schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref),
"go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref),
@ -326,7 +326,7 @@ func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(re
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuer(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -354,7 +354,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
"status": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Status of the credential issuer.", Description: "Status of the credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus"), Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStatus"),
}, },
}, },
}, },
@ -362,11 +362,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfig(ref common.Ref
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -394,7 +394,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -425,7 +425,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfig"), Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuer"),
}, },
}, },
}, },
@ -436,11 +436,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigList(ref common
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuer", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -454,7 +454,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"), Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"),
}, },
}, },
}, },
@ -463,7 +463,7 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
"kubeConfigInfo": { "kubeConfigInfo": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.", Description: "Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.",
Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo"), Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo"),
}, },
}, },
}, },
@ -471,11 +471,11 @@ func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStatus(ref comm
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerConfigStrategy"}, "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerKubeConfigInfo", "go.pinniped.dev/generated/1.19/apis/concierge/config/v1alpha1.CredentialIssuerStrategy"},
} }
} }
func schema_apis_concierge_config_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_apis_concierge_config_v1alpha1_CredentialIssuerStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{

View File

@ -6,16 +6,14 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.4.0 controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null creationTimestamp: null
name: credentialissuerconfigs.config.concierge.pinniped.dev name: credentialissuers.config.concierge.pinniped.dev
spec: spec:
group: config.concierge.pinniped.dev group: config.concierge.pinniped.dev
names: names:
kind: CredentialIssuerConfig kind: CredentialIssuer
listKind: CredentialIssuerConfigList listKind: CredentialIssuerList
plural: credentialissuerconfigs plural: credentialissuers
shortNames: singular: credentialissuer
- cic
singular: credentialissuerconfig
scope: Namespaced scope: Namespaced
versions: versions:
- name: v1alpha1 - name: v1alpha1

View File

@ -169,7 +169,7 @@ k8s_resource(
'pinniped-concierge-kube-system-pod-read:rolebinding', 'pinniped-concierge-kube-system-pod-read:rolebinding',
'pinniped-concierge:clusterrolebinding', 'pinniped-concierge:clusterrolebinding',
'pinniped-concierge:serviceaccount', 'pinniped-concierge:serviceaccount',
'credentialissuerconfigs.config.concierge.pinniped.dev:customresourcedefinition', 'credentialissuers.config.concierge.pinniped.dev:customresourcedefinition',
'webhookauthenticators.authentication.concierge.pinniped.dev:customresourcedefinition', 'webhookauthenticators.authentication.concierge.pinniped.dev:customresourcedefinition',
'v1alpha1.login.concierge.pinniped.dev:apiservice', 'v1alpha1.login.concierge.pinniped.dev:apiservice',
], ],

View File

@ -79,13 +79,13 @@ func maybeSetKubeCertAgentDefaults(cfg *KubeCertAgentSpec) {
func validateNames(names *NamesConfigSpec) error { func validateNames(names *NamesConfigSpec) error {
missingNames := []string{} missingNames := []string{}
if names == nil { if names == nil {
missingNames = append(missingNames, "servingCertificateSecret", "credentialIssuerConfig", "apiService") missingNames = append(missingNames, "servingCertificateSecret", "credentialIssuer", "apiService")
} else { } else {
if names.ServingCertificateSecret == "" { if names.ServingCertificateSecret == "" {
missingNames = append(missingNames, "servingCertificateSecret") missingNames = append(missingNames, "servingCertificateSecret")
} }
if names.CredentialIssuerConfig == "" { if names.CredentialIssuer == "" {
missingNames = append(missingNames, "credentialIssuerConfig") missingNames = append(missingNames, "credentialIssuer")
} }
if names.APIService == "" { if names.APIService == "" {
missingNames = append(missingNames, "apiService") missingNames = append(missingNames, "apiService")

View File

@ -32,7 +32,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: 2400 renewBeforeSeconds: 2400
names: names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config credentialIssuer: pinniped-config
apiService: pinniped-api apiService: pinniped-api
kubeCertAgentPrefix: kube-cert-agent-prefix kubeCertAgentPrefix: kube-cert-agent-prefix
labels: labels:
@ -55,7 +55,7 @@ func TestFromPath(t *testing.T) {
}, },
NamesConfig: NamesConfigSpec{ NamesConfig: NamesConfigSpec{
ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate", ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate",
CredentialIssuerConfig: "pinniped-config", CredentialIssuer: "pinniped-config",
APIService: "pinniped-api", APIService: "pinniped-api",
}, },
Labels: map[string]string{ Labels: map[string]string{
@ -75,7 +75,7 @@ func TestFromPath(t *testing.T) {
--- ---
names: names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config credentialIssuer: pinniped-config
apiService: pinniped-api apiService: pinniped-api
`), `),
wantConfig: &Config{ wantConfig: &Config{
@ -90,7 +90,7 @@ func TestFromPath(t *testing.T) {
}, },
NamesConfig: NamesConfigSpec{ NamesConfig: NamesConfigSpec{
ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate", ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate",
CredentialIssuerConfig: "pinniped-config", CredentialIssuer: "pinniped-config",
APIService: "pinniped-api", APIService: "pinniped-api",
}, },
Labels: map[string]string{}, Labels: map[string]string{},
@ -103,7 +103,7 @@ func TestFromPath(t *testing.T) {
{ {
name: "Empty", name: "Empty",
yaml: here.Doc(``), yaml: here.Doc(``),
wantError: "validate names: missing required names: servingCertificateSecret, credentialIssuerConfig, apiService", wantError: "validate names: missing required names: servingCertificateSecret, credentialIssuer, apiService",
}, },
{ {
name: "Missing apiService name", name: "Missing apiService name",
@ -111,26 +111,26 @@ func TestFromPath(t *testing.T) {
--- ---
names: names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config credentialIssuer: pinniped-config
`), `),
wantError: "validate names: missing required names: apiService", wantError: "validate names: missing required names: apiService",
}, },
{ {
name: "Missing credentialIssuerConfig name", name: "Missing credentialIssuer name",
yaml: here.Doc(` yaml: here.Doc(`
--- ---
names: names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
apiService: pinniped-api apiService: pinniped-api
`), `),
wantError: "validate names: missing required names: credentialIssuerConfig", wantError: "validate names: missing required names: credentialIssuer",
}, },
{ {
name: "Missing servingCertificateSecret name", name: "Missing servingCertificateSecret name",
yaml: here.Doc(` yaml: here.Doc(`
--- ---
names: names:
credentialIssuerConfig: pinniped-config credentialIssuer: pinniped-config
apiService: pinniped-api apiService: pinniped-api
`), `),
wantError: "validate names: missing required names: servingCertificateSecret", wantError: "validate names: missing required names: servingCertificateSecret",
@ -145,7 +145,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: 3600 renewBeforeSeconds: 3600
names: names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config credentialIssuer: pinniped-config
apiService: pinniped-api apiService: pinniped-api
`), `),
wantError: "validate api: durationSeconds cannot be smaller than renewBeforeSeconds", wantError: "validate api: durationSeconds cannot be smaller than renewBeforeSeconds",
@ -160,7 +160,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: -10 renewBeforeSeconds: -10
names: names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config credentialIssuer: pinniped-config
apiService: pinniped-api apiService: pinniped-api
`), `),
wantError: "validate api: renewBefore must be positive", wantError: "validate api: renewBefore must be positive",
@ -175,7 +175,7 @@ func TestFromPath(t *testing.T) {
renewBeforeSeconds: -10 renewBeforeSeconds: -10
names: names:
servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate servingCertificateSecret: pinniped-concierge-api-tls-serving-certificate
credentialIssuerConfig: pinniped-config credentialIssuer: pinniped-config
apiService: pinniped-api apiService: pinniped-api
`), `),
wantError: "validate api: renewBefore must be positive", wantError: "validate api: renewBefore must be positive",

View File

@ -30,7 +30,7 @@ type APIConfigSpec struct {
// NamesConfigSpec configures the names of some Kubernetes resources for the Concierge. // NamesConfigSpec configures the names of some Kubernetes resources for the Concierge.
type NamesConfigSpec struct { type NamesConfigSpec struct {
ServingCertificateSecret string `json:"servingCertificateSecret"` ServingCertificateSecret string `json:"servingCertificateSecret"`
CredentialIssuerConfig string `json:"credentialIssuerConfig"` CredentialIssuer string `json:"credentialIssuer"`
APIService string `json:"apiService"` APIService string `json:"apiService"`
} }

View File

@ -17,48 +17,48 @@ import (
pinnipedclientset "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned" pinnipedclientset "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned"
) )
func CreateOrUpdateCredentialIssuerConfig( func CreateOrUpdateCredentialIssuer(
ctx context.Context, ctx context.Context,
credentialIssuerConfigNamespace string, credentialIssuerNamespace string,
credentialIssuerConfigResourceName string, credentialIssuerResourceName string,
credentialIssuerConfigLabels map[string]string, credentialIssuerLabels map[string]string,
pinnipedClient pinnipedclientset.Interface, pinnipedClient pinnipedclientset.Interface,
applyUpdatesToCredentialIssuerConfigFunc func(configToUpdate *configv1alpha1.CredentialIssuerConfig), applyUpdatesToCredentialIssuerFunc func(configToUpdate *configv1alpha1.CredentialIssuer),
) error { ) error {
err := retry.RetryOnConflict(retry.DefaultRetry, func() error { err := retry.RetryOnConflict(retry.DefaultRetry, func() error {
existingCredentialIssuerConfig, err := pinnipedClient. existingCredentialIssuer, err := pinnipedClient.
ConfigV1alpha1(). ConfigV1alpha1().
CredentialIssuerConfigs(credentialIssuerConfigNamespace). CredentialIssuers(credentialIssuerNamespace).
Get(ctx, credentialIssuerConfigResourceName, metav1.GetOptions{}) Get(ctx, credentialIssuerResourceName, metav1.GetOptions{})
notFound := k8serrors.IsNotFound(err) notFound := k8serrors.IsNotFound(err)
if err != nil && !notFound { if err != nil && !notFound {
return fmt.Errorf("get failed: %w", err) return fmt.Errorf("get failed: %w", err)
} }
credentialIssuerConfigsClient := pinnipedClient.ConfigV1alpha1().CredentialIssuerConfigs(credentialIssuerConfigNamespace) credentialIssuersClient := pinnipedClient.ConfigV1alpha1().CredentialIssuers(credentialIssuerNamespace)
if notFound { if notFound {
// Create it // Create it
credentialIssuerConfig := minimalValidCredentialIssuerConfig( credentialIssuer := minimalValidCredentialIssuer(
credentialIssuerConfigResourceName, credentialIssuerConfigNamespace, credentialIssuerConfigLabels, credentialIssuerResourceName, credentialIssuerNamespace, credentialIssuerLabels,
) )
applyUpdatesToCredentialIssuerConfigFunc(credentialIssuerConfig) applyUpdatesToCredentialIssuerFunc(credentialIssuer)
if _, err := credentialIssuerConfigsClient.Create(ctx, credentialIssuerConfig, metav1.CreateOptions{}); err != nil { if _, err := credentialIssuersClient.Create(ctx, credentialIssuer, metav1.CreateOptions{}); err != nil {
return fmt.Errorf("create failed: %w", err) return fmt.Errorf("create failed: %w", err)
} }
} else { } else {
// Already exists, so check to see if we need to update it // Already exists, so check to see if we need to update it
credentialIssuerConfig := existingCredentialIssuerConfig.DeepCopy() credentialIssuer := existingCredentialIssuer.DeepCopy()
applyUpdatesToCredentialIssuerConfigFunc(credentialIssuerConfig) applyUpdatesToCredentialIssuerFunc(credentialIssuer)
if equality.Semantic.DeepEqual(existingCredentialIssuerConfig, credentialIssuerConfig) { if equality.Semantic.DeepEqual(existingCredentialIssuer, credentialIssuer) {
// Nothing interesting would change as a result of this update, so skip it // Nothing interesting would change as a result of this update, so skip it
return nil return nil
} }
if _, err := credentialIssuerConfigsClient.Update(ctx, credentialIssuerConfig, metav1.UpdateOptions{}); err != nil { if _, err := credentialIssuersClient.Update(ctx, credentialIssuer, metav1.UpdateOptions{}); err != nil {
return err return err
} }
} }
@ -66,25 +66,25 @@ func CreateOrUpdateCredentialIssuerConfig(
}) })
if err != nil { if err != nil {
return fmt.Errorf("could not create or update credentialissuerconfig: %w", err) return fmt.Errorf("could not create or update credentialissuer: %w", err)
} }
return nil return nil
} }
func minimalValidCredentialIssuerConfig( func minimalValidCredentialIssuer(
credentialIssuerConfigName string, credentialIssuerName string,
credentialIssuerConfigNamespace string, credentialIssuerNamespace string,
credentialIssuerConfigLabels map[string]string, credentialIssuerLabels map[string]string,
) *configv1alpha1.CredentialIssuerConfig { ) *configv1alpha1.CredentialIssuer {
return &configv1alpha1.CredentialIssuerConfig{ return &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigName, Name: credentialIssuerName,
Namespace: credentialIssuerConfigNamespace, Namespace: credentialIssuerNamespace,
Labels: credentialIssuerConfigLabels, Labels: credentialIssuerLabels,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{}, Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: nil, KubeConfigInfo: nil,
}, },
} }

View File

@ -23,63 +23,63 @@ import (
pinnipedfake "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned/fake" pinnipedfake "go.pinniped.dev/generated/1.19/client/concierge/clientset/versioned/fake"
) )
func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) { func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
spec.Run(t, "specs", func(t *testing.T, when spec.G, it spec.S) { spec.Run(t, "specs", func(t *testing.T, when spec.G, it spec.S) {
var r *require.Assertions var r *require.Assertions
var ctx context.Context var ctx context.Context
var pinnipedAPIClient *pinnipedfake.Clientset var pinnipedAPIClient *pinnipedfake.Clientset
var credentialIssuerConfigGVR schema.GroupVersionResource var credentialIssuerGVR schema.GroupVersionResource
const installationNamespace = "some-namespace" const installationNamespace = "some-namespace"
const credentialIssuerConfigResourceName = "some-resource-name" const credentialIssuerResourceName = "some-resource-name"
it.Before(func() { it.Before(func() {
r = require.New(t) r = require.New(t)
ctx = context.Background() ctx = context.Background()
pinnipedAPIClient = pinnipedfake.NewSimpleClientset() pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
credentialIssuerConfigGVR = schema.GroupVersionResource{ credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName, Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version, Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs", Resource: "credentialissuers",
} }
}) })
when("the config does not exist", func() { when("the config does not exist", func() {
it("creates a new config which includes only the updates made by the func parameter", func() { it("creates a new config which includes only the updates made by the func parameter", func() {
err := CreateOrUpdateCredentialIssuerConfig( err := CreateOrUpdateCredentialIssuer(
ctx, ctx,
installationNamespace, installationNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{ map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) { func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ configToUpdate.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
CertificateAuthorityData: "some-ca-value", CertificateAuthorityData: "some-ca-value",
} }
}, },
) )
r.NoError(err) r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction( expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
installationNamespace, installationNamespace,
&configv1alpha1.CredentialIssuerConfig{ &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: installationNamespace, Namespace: installationNamespace,
Labels: map[string]string{ Labels: map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{}, Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "", Server: "",
CertificateAuthorityData: "some-ca-value", CertificateAuthorityData: "some-ca-value",
}, },
@ -92,40 +92,40 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
when("there is an unexpected error while creating the existing object", func() { when("there is an unexpected error while creating the existing object", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor("create", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) { pinnipedAPIClient.PrependReactor("create", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("error on create") return true, nil, fmt.Errorf("error on create")
}) })
}) })
it("returns an error", func() { it("returns an error", func() {
err := CreateOrUpdateCredentialIssuerConfig( err := CreateOrUpdateCredentialIssuer(
ctx, ctx,
installationNamespace, installationNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{}, map[string]string{},
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {}, func(configToUpdate *configv1alpha1.CredentialIssuer) {},
) )
r.EqualError(err, "could not create or update credentialissuerconfig: create failed: error on create") r.EqualError(err, "could not create or update credentialissuer: create failed: error on create")
}) })
}) })
}) })
when("the config already exists", func() { when("the config already exists", func() {
var existingConfig *configv1alpha1.CredentialIssuerConfig var existingConfig *configv1alpha1.CredentialIssuer
it.Before(func() { it.Before(func() {
existingConfig = &configv1alpha1.CredentialIssuerConfig{ existingConfig = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: installationNamespace, Namespace: installationNamespace,
Labels: map[string]string{ Labels: map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
}, },
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{ Strategies: []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus, Status: configv1alpha1.SuccessStrategyStatus,
@ -134,7 +134,7 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
LastUpdateTime: metav1.Now(), LastUpdateTime: metav1.Now(),
}, },
}, },
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "initial-server-value", Server: "initial-server-value",
CertificateAuthorityData: "initial-ca-value", CertificateAuthorityData: "initial-ca-value",
}, },
@ -144,39 +144,39 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
}) })
it("updates the existing config to only apply the updates made by the func parameter", func() { it("updates the existing config to only apply the updates made by the func parameter", func() {
err := CreateOrUpdateCredentialIssuerConfig( err := CreateOrUpdateCredentialIssuer(
ctx, ctx,
installationNamespace, installationNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{ map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) { func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value" configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
}, },
) )
r.NoError(err) r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
// Only the edited field should be changed. // Only the edited field should be changed.
expectedUpdatedConfig := existingConfig.DeepCopy() expectedUpdatedConfig := existingConfig.DeepCopy()
expectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value" expectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
expectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, installationNamespace, expectedUpdatedConfig) expectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerGVR, installationNamespace, expectedUpdatedConfig)
r.Equal([]coretesting.Action{expectedGetAction, expectedUpdateAction}, pinnipedAPIClient.Actions()) r.Equal([]coretesting.Action{expectedGetAction, expectedUpdateAction}, pinnipedAPIClient.Actions())
}) })
it("avoids the cost of an update if the local updates made by the func parameter did not actually change anything", func() { it("avoids the cost of an update if the local updates made by the func parameter did not actually change anything", func() {
err := CreateOrUpdateCredentialIssuerConfig( err := CreateOrUpdateCredentialIssuer(
ctx, ctx,
installationNamespace, installationNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{}, map[string]string{},
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) { func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "initial-ca-value" configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "initial-ca-value"
t := configToUpdate.Status.Strategies[0].LastUpdateTime t := configToUpdate.Status.Strategies[0].LastUpdateTime
@ -187,70 +187,70 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
) )
r.NoError(err) r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
r.Equal([]coretesting.Action{expectedGetAction}, pinnipedAPIClient.Actions()) r.Equal([]coretesting.Action{expectedGetAction}, pinnipedAPIClient.Actions())
}) })
when("there is an unexpected error while getting the existing object", func() { when("there is an unexpected error while getting the existing object", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor("get", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) { pinnipedAPIClient.PrependReactor("get", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("error on get") return true, nil, fmt.Errorf("error on get")
}) })
}) })
it("returns an error", func() { it("returns an error", func() {
err := CreateOrUpdateCredentialIssuerConfig( err := CreateOrUpdateCredentialIssuer(
ctx, ctx,
installationNamespace, installationNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{}, map[string]string{},
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) {}, func(configToUpdate *configv1alpha1.CredentialIssuer) {},
) )
r.EqualError(err, "could not create or update credentialissuerconfig: get failed: error on get") r.EqualError(err, "could not create or update credentialissuer: get failed: error on get")
}) })
}) })
when("there is an unexpected error while updating the existing object", func() { when("there is an unexpected error while updating the existing object", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor("update", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) { pinnipedAPIClient.PrependReactor("update", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, fmt.Errorf("error on update") return true, nil, fmt.Errorf("error on update")
}) })
}) })
it("returns an error", func() { it("returns an error", func() {
err := CreateOrUpdateCredentialIssuerConfig( err := CreateOrUpdateCredentialIssuer(
ctx, ctx,
installationNamespace, installationNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{}, map[string]string{},
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) { func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value" configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
}, },
) )
r.EqualError(err, "could not create or update credentialissuerconfig: error on update") r.EqualError(err, "could not create or update credentialissuer: error on update")
}) })
}) })
when("there is a conflict error while updating the existing object on the first try and the next try succeeds", func() { when("there is a conflict error while updating the existing object on the first try and the next try succeeds", func() {
var slightlyDifferentExistingConfig *configv1alpha1.CredentialIssuerConfig var slightlyDifferentExistingConfig *configv1alpha1.CredentialIssuer
it.Before(func() { it.Before(func() {
hit := false hit := false
slightlyDifferentExistingConfig = existingConfig.DeepCopy() slightlyDifferentExistingConfig = existingConfig.DeepCopy()
slightlyDifferentExistingConfig.Status.KubeConfigInfo.Server = "some-other-server-value-from-conflicting-update" slightlyDifferentExistingConfig.Status.KubeConfigInfo.Server = "some-other-server-value-from-conflicting-update"
pinnipedAPIClient.PrependReactor("update", "credentialissuerconfigs", func(_ coretesting.Action) (bool, runtime.Object, error) { pinnipedAPIClient.PrependReactor("update", "credentialissuers", func(_ coretesting.Action) (bool, runtime.Object, error) {
// Return an error on the first call, then fall through to the default (successful) response. // Return an error on the first call, then fall through to the default (successful) response.
if !hit { if !hit {
// Before the update fails, also change the object that will be returned by the next Get(), // Before the update fails, also change the object that will be returned by the next Get(),
// to make sure that the production code does a fresh Get() after detecting a conflict. // to make sure that the production code does a fresh Get() after detecting a conflict.
r.NoError(pinnipedAPIClient.Tracker().Update(credentialIssuerConfigGVR, slightlyDifferentExistingConfig, installationNamespace)) r.NoError(pinnipedAPIClient.Tracker().Update(credentialIssuerGVR, slightlyDifferentExistingConfig, installationNamespace))
hit = true hit = true
return true, nil, apierrors.NewConflict(schema.GroupResource{ return true, nil, apierrors.NewConflict(schema.GroupResource{
Group: apiregistrationv1.GroupName, Group: apiregistrationv1.GroupName,
Resource: "credentialissuerconfigs", Resource: "credentialissuers",
}, "alphav1.pinniped.dev", fmt.Errorf("there was a conflict")) }, "alphav1.pinniped.dev", fmt.Errorf("there was a conflict"))
} }
return false, nil, nil return false, nil, nil
@ -258,33 +258,33 @@ func TestCreateOrUpdateCredentialIssuerConfig(t *testing.T) {
}) })
it("retries updates on conflict", func() { it("retries updates on conflict", func() {
err := CreateOrUpdateCredentialIssuerConfig( err := CreateOrUpdateCredentialIssuer(
ctx, ctx,
installationNamespace, installationNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{ map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) { func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value" configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
}, },
) )
r.NoError(err) r.NoError(err)
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, installationNamespace, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, installationNamespace, credentialIssuerResourceName)
// The first attempted update only includes its own edits. // The first attempted update only includes its own edits.
firstExpectedUpdatedConfig := existingConfig.DeepCopy() firstExpectedUpdatedConfig := existingConfig.DeepCopy()
firstExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value" firstExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
firstExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, installationNamespace, firstExpectedUpdatedConfig) firstExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerGVR, installationNamespace, firstExpectedUpdatedConfig)
// Both the edits made by this update and the edits made by the conflicting update should be included. // Both the edits made by this update and the edits made by the conflicting update should be included.
secondExpectedUpdatedConfig := existingConfig.DeepCopy() secondExpectedUpdatedConfig := existingConfig.DeepCopy()
secondExpectedUpdatedConfig.Status.KubeConfigInfo.Server = "some-other-server-value-from-conflicting-update" secondExpectedUpdatedConfig.Status.KubeConfigInfo.Server = "some-other-server-value-from-conflicting-update"
secondExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value" secondExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
secondExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, installationNamespace, secondExpectedUpdatedConfig) secondExpectedUpdateAction := coretesting.NewUpdateAction(credentialIssuerGVR, installationNamespace, secondExpectedUpdatedConfig)
expectedActions := []coretesting.Action{ expectedActions := []coretesting.Action{
expectedGetAction, expectedGetAction,

View File

@ -1,5 +1,5 @@
// Copyright 2020 the Pinniped contributors. All Rights Reserved. // Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
// Package issuerconfig contains controller(s) for reconciling CredentialIssuerConfig's. // Package issuerconfig contains controller(s) for reconciling CredentialIssuer's.
package issuerconfig package issuerconfig

View File

@ -25,21 +25,21 @@ const (
) )
type kubeConigInfoPublisherController struct { type kubeConigInfoPublisherController struct {
credentialIssuerConfigNamespaceName string credentialIssuerNamespaceName string
credentialIssuerConfigResourceName string credentialIssuerResourceName string
credentialIssuerConfigLabels map[string]string credentialIssuerLabels map[string]string
serverOverride *string serverOverride *string
pinnipedClient pinnipedclientset.Interface pinnipedClient pinnipedclientset.Interface
configMapInformer corev1informers.ConfigMapInformer configMapInformer corev1informers.ConfigMapInformer
} }
// NewKubeConfigInfoPublisherController returns a controller that syncs the // NewKubeConfigInfoPublisherController returns a controller that syncs the
// configv1alpha1.CredentialIssuerConfig.Status.KubeConfigInfo field with the cluster-info ConfigMap // configv1alpha1.CredentialIssuer.Status.KubeConfigInfo field with the cluster-info ConfigMap
// in the kube-public namespace. // in the kube-public namespace.
func NewKubeConfigInfoPublisherController( func NewKubeConfigInfoPublisherController(
credentialIssuerConfigNamespaceName string, credentialIssuerNamespaceName string,
credentialIssuerConfigResourceName string, credentialIssuerResourceName string,
credentialIssuerConfigLabels map[string]string, credentialIssuerLabels map[string]string,
serverOverride *string, serverOverride *string,
pinnipedClient pinnipedclientset.Interface, pinnipedClient pinnipedclientset.Interface,
configMapInformer corev1informers.ConfigMapInformer, configMapInformer corev1informers.ConfigMapInformer,
@ -49,9 +49,9 @@ func NewKubeConfigInfoPublisherController(
controllerlib.Config{ controllerlib.Config{
Name: "publisher-controller", Name: "publisher-controller",
Syncer: &kubeConigInfoPublisherController{ Syncer: &kubeConigInfoPublisherController{
credentialIssuerConfigResourceName: credentialIssuerConfigResourceName, credentialIssuerResourceName: credentialIssuerResourceName,
credentialIssuerConfigNamespaceName: credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName: credentialIssuerNamespaceName,
credentialIssuerConfigLabels: credentialIssuerConfigLabels, credentialIssuerLabels: credentialIssuerLabels,
serverOverride: serverOverride, serverOverride: serverOverride,
pinnipedClient: pinnipedClient, pinnipedClient: pinnipedClient,
configMapInformer: configMapInformer, configMapInformer: configMapInformer,
@ -106,18 +106,18 @@ func (c *kubeConigInfoPublisherController) Sync(ctx controllerlib.Context) error
server = *c.serverOverride server = *c.serverOverride
} }
updateServerAndCAFunc := func(c *configv1alpha1.CredentialIssuerConfig) { updateServerAndCAFunc := func(c *configv1alpha1.CredentialIssuer) {
c.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ c.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: server, Server: server,
CertificateAuthorityData: certificateAuthorityData, CertificateAuthorityData: certificateAuthorityData,
} }
} }
return CreateOrUpdateCredentialIssuerConfig( return CreateOrUpdateCredentialIssuer(
ctx.Context, ctx.Context,
c.credentialIssuerConfigNamespaceName, c.credentialIssuerNamespaceName,
c.credentialIssuerConfigResourceName, c.credentialIssuerResourceName,
c.credentialIssuerConfigLabels, c.credentialIssuerLabels,
c.pinnipedClient, c.pinnipedClient,
updateServerAndCAFunc, updateServerAndCAFunc,
) )

View File

@ -29,7 +29,7 @@ import (
func TestInformerFilters(t *testing.T) { func TestInformerFilters(t *testing.T) {
spec.Run(t, "informer filters", func(t *testing.T, when spec.G, it spec.S) { spec.Run(t, "informer filters", func(t *testing.T, when spec.G, it spec.S) {
const credentialIssuerConfigResourceName = "some-resource-name" const credentialIssuerResourceName = "some-resource-name"
const installedInNamespace = "some-namespace" const installedInNamespace = "some-namespace"
var r *require.Assertions var r *require.Assertions
@ -42,7 +42,7 @@ func TestInformerFilters(t *testing.T) {
configMapInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().ConfigMaps() configMapInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().ConfigMaps()
_ = NewKubeConfigInfoPublisherController( _ = NewKubeConfigInfoPublisherController(
installedInNamespace, installedInNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{}, map[string]string{},
nil, nil,
nil, nil,
@ -104,7 +104,7 @@ func TestInformerFilters(t *testing.T) {
func TestSync(t *testing.T) { func TestSync(t *testing.T) {
spec.Run(t, "Sync", func(t *testing.T, when spec.G, it spec.S) { spec.Run(t, "Sync", func(t *testing.T, when spec.G, it spec.S) {
const credentialIssuerConfigResourceName = "some-resource-name" const credentialIssuerResourceName = "some-resource-name"
const installedInNamespace = "some-namespace" const installedInNamespace = "some-namespace"
var r *require.Assertions var r *require.Assertions
@ -118,30 +118,30 @@ func TestSync(t *testing.T) {
var timeoutContextCancel context.CancelFunc var timeoutContextCancel context.CancelFunc
var syncContext *controllerlib.Context var syncContext *controllerlib.Context
var expectedCredentialIssuerConfig = func(expectedNamespace, expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *configv1alpha1.CredentialIssuerConfig) { var expectedCredentialIssuer = func(expectedNamespace, expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *configv1alpha1.CredentialIssuer) {
expectedCredentialIssuerConfigGVR := schema.GroupVersionResource{ expectedCredentialIssuerGVR := schema.GroupVersionResource{
Group: configv1alpha1.GroupName, Group: configv1alpha1.GroupName,
Version: "v1alpha1", Version: "v1alpha1",
Resource: "credentialissuerconfigs", Resource: "credentialissuers",
} }
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{ expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: expectedNamespace, Namespace: expectedNamespace,
Labels: map[string]string{ Labels: map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{}, Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: expectedServerURL, Server: expectedServerURL,
CertificateAuthorityData: expectedCAData, CertificateAuthorityData: expectedCAData,
}, },
}, },
} }
return expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig return expectedCredentialIssuerGVR, expectedCredentialIssuer
} }
// Defer starting the informers until the last possible moment so that the // Defer starting the informers until the last possible moment so that the
@ -150,7 +150,7 @@ func TestSync(t *testing.T) {
// Set this at the last second to allow for injection of server override. // Set this at the last second to allow for injection of server override.
subject = NewKubeConfigInfoPublisherController( subject = NewKubeConfigInfoPublisherController(
installedInNamespace, installedInNamespace,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
map[string]string{ map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
@ -216,13 +216,13 @@ func TestSync(t *testing.T) {
r.NoError(err) r.NoError(err)
}) })
when("the CredentialIssuerConfig does not already exist", func() { when("the CredentialIssuer does not already exist", func() {
it("creates a CredentialIssuerConfig", func() { it("creates a CredentialIssuer", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig( expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
@ -230,22 +230,22 @@ func TestSync(t *testing.T) {
r.Equal( r.Equal(
[]coretesting.Action{ []coretesting.Action{
coretesting.NewGetAction(expectedCredentialIssuerConfigGVR, installedInNamespace, expectedCredentialIssuerConfig.Name), coretesting.NewGetAction(expectedCredentialIssuerGVR, installedInNamespace, expectedCredentialIssuer.Name),
coretesting.NewCreateAction( coretesting.NewCreateAction(
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerGVR,
installedInNamespace, installedInNamespace,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
), ),
}, },
pinnipedAPIClient.Actions(), pinnipedAPIClient.Actions(),
) )
}) })
when("creating the CredentialIssuerConfig fails", func() { when("creating the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"create", "create",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("create failed") return true, nil, errors.New("create failed")
}, },
@ -255,7 +255,7 @@ func TestSync(t *testing.T) {
it("returns the create error", func() { it("returns the create error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: create failed: create failed") r.EqualError(err, "could not create or update credentialissuer: create failed: create failed")
}) })
}) })
@ -268,20 +268,20 @@ func TestSync(t *testing.T) {
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig( expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
expectedCredentialIssuerConfig.Status.KubeConfigInfo.Server = "https://some-server-override" expectedCredentialIssuer.Status.KubeConfigInfo.Server = "https://some-server-override"
r.Equal( r.Equal(
[]coretesting.Action{ []coretesting.Action{
coretesting.NewGetAction(expectedCredentialIssuerConfigGVR, installedInNamespace, expectedCredentialIssuerConfig.Name), coretesting.NewGetAction(expectedCredentialIssuerGVR, installedInNamespace, expectedCredentialIssuer.Name),
coretesting.NewCreateAction( coretesting.NewCreateAction(
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerGVR,
installedInNamespace, installedInNamespace,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
), ),
}, },
pinnipedAPIClient.Actions(), pinnipedAPIClient.Actions(),
@ -290,72 +290,72 @@ func TestSync(t *testing.T) {
}) })
}) })
when("the CredentialIssuerConfig already exists", func() { when("the CredentialIssuer already exists", func() {
when("the CredentialIssuerConfig is already up to date according to the data in the ConfigMap", func() { when("the CredentialIssuer is already up to date according to the data in the ConfigMap", func() {
var credentialIssuerConfigGVR schema.GroupVersionResource var credentialIssuerGVR schema.GroupVersionResource
var credentialIssuerConfig *configv1alpha1.CredentialIssuerConfig var credentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() { it.Before(func() {
credentialIssuerConfigGVR, credentialIssuerConfig = expectedCredentialIssuerConfig( credentialIssuerGVR, credentialIssuer = expectedCredentialIssuer(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
err := pinnipedAPIClient.Tracker().Add(credentialIssuerConfig) err := pinnipedAPIClient.Tracker().Add(credentialIssuer)
r.NoError(err) r.NoError(err)
}) })
it("does not update the CredentialIssuerConfig to avoid unnecessary etcd writes/api calls", func() { it("does not update the CredentialIssuer to avoid unnecessary etcd writes/api calls", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
r.Equal( r.Equal(
[]coretesting.Action{ []coretesting.Action{
coretesting.NewGetAction(credentialIssuerConfigGVR, installedInNamespace, credentialIssuerConfig.Name), coretesting.NewGetAction(credentialIssuerGVR, installedInNamespace, credentialIssuer.Name),
}, },
pinnipedAPIClient.Actions(), pinnipedAPIClient.Actions(),
) )
}) })
}) })
when("the CredentialIssuerConfig is stale compared to the data in the ConfigMap", func() { when("the CredentialIssuer is stale compared to the data in the ConfigMap", func() {
it.Before(func() { it.Before(func() {
_, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig( _, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
expectedCredentialIssuerConfig.Status.KubeConfigInfo.Server = "https://some-other-server" expectedCredentialIssuer.Status.KubeConfigInfo.Server = "https://some-other-server"
r.NoError(pinnipedAPIClient.Tracker().Add(expectedCredentialIssuerConfig)) r.NoError(pinnipedAPIClient.Tracker().Add(expectedCredentialIssuer))
}) })
it("updates the existing CredentialIssuerConfig", func() { it("updates the existing CredentialIssuer", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig( expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
expectedActions := []coretesting.Action{ expectedActions := []coretesting.Action{
coretesting.NewGetAction(expectedCredentialIssuerConfigGVR, installedInNamespace, expectedCredentialIssuerConfig.Name), coretesting.NewGetAction(expectedCredentialIssuerGVR, installedInNamespace, expectedCredentialIssuer.Name),
coretesting.NewUpdateAction( coretesting.NewUpdateAction(
expectedCredentialIssuerConfigGVR, expectedCredentialIssuerGVR,
installedInNamespace, installedInNamespace,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
), ),
} }
r.Equal(expectedActions, pinnipedAPIClient.Actions()) r.Equal(expectedActions, pinnipedAPIClient.Actions())
}) })
when("updating the CredentialIssuerConfig fails", func() { when("updating the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"update", "update",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("update failed") return true, nil, errors.New("update failed")
}, },
@ -365,7 +365,7 @@ func TestSync(t *testing.T) {
it("returns the update error", func() { it("returns the update error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: update failed") r.EqualError(err, "could not create or update credentialissuer: update failed")
}) })
}) })
}) })

View File

@ -30,7 +30,7 @@ const (
type annotaterController struct { type annotaterController struct {
agentPodConfig *AgentPodConfig agentPodConfig *AgentPodConfig
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig credentialIssuerLocationConfig *CredentialIssuerLocationConfig
clock clock.Clock clock clock.Clock
k8sClient kubernetes.Interface k8sClient kubernetes.Interface
pinnipedAPIClient pinnipedclientset.Interface pinnipedAPIClient pinnipedclientset.Interface
@ -44,11 +44,11 @@ type annotaterController struct {
// This controller will add annotations to agent pods with the best-guess paths to the kube API's // This controller will add annotations to agent pods with the best-guess paths to the kube API's
// certificate and key. // certificate and key.
// //
// It also is tasked with updating the CredentialIssuerConfig, located via the provided // It also is tasked with updating the CredentialIssuer, located via the provided
// credentialIssuerConfigLocationConfig, with any errors that it encounters. // credentialIssuerLocationConfig, with any errors that it encounters.
func NewAnnotaterController( func NewAnnotaterController(
agentPodConfig *AgentPodConfig, agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig, credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
clock clock.Clock, clock clock.Clock,
k8sClient kubernetes.Interface, k8sClient kubernetes.Interface,
pinnipedAPIClient pinnipedclientset.Interface, pinnipedAPIClient pinnipedclientset.Interface,
@ -61,7 +61,7 @@ func NewAnnotaterController(
Name: "kube-cert-agent-annotater-controller", Name: "kube-cert-agent-annotater-controller",
Syncer: &annotaterController{ Syncer: &annotaterController{
agentPodConfig: agentPodConfig, agentPodConfig: agentPodConfig,
credentialIssuerConfigLocationConfig: credentialIssuerConfigLocationConfig, credentialIssuerLocationConfig: credentialIssuerLocationConfig,
clock: clock, clock: clock,
k8sClient: k8sClient, k8sClient: k8sClient,
pinnipedAPIClient: pinnipedAPIClient, pinnipedAPIClient: pinnipedAPIClient,
@ -120,11 +120,11 @@ func (c *annotaterController) Sync(ctx controllerlib.Context) error {
keyPath, keyPath,
); err != nil { ); err != nil {
err = fmt.Errorf("cannot update agent pod: %w", err) err = fmt.Errorf("cannot update agent pod: %w", err)
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, err) strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
if strategyResultUpdateErr != nil { if strategyResultUpdateErr != nil {
// If the CIC update fails, then we probably want to try again. This controller will get // If the CI update fails, then we probably want to try again. This controller will get
// called again because of the pod create failure, so just try the CIC update again then. // called again because of the pod create failure, so just try the CI update again then.
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig") klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer")
} }
return err return err

View File

@ -34,14 +34,14 @@ func TestAnnotaterControllerFilter(t *testing.T) {
"AnnotaterControllerFilter", "AnnotaterControllerFilter",
func( func(
agentPodConfig *AgentPodConfig, agentPodConfig *AgentPodConfig,
_ *CredentialIssuerConfigLocationConfig, _ *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer, kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer, agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption, observableWithInformerOption *testutil.ObservableWithInformerOption,
) { ) {
_ = NewAnnotaterController( _ = NewAnnotaterController(
agentPodConfig, agentPodConfig,
nil, // credentialIssuerConfigLocationConfig, shouldn't matter nil, // credentialIssuerLocationConfig, shouldn't matter
nil, // clock, shouldn't matter nil, // clock, shouldn't matter
nil, // k8sClient, shouldn't matter nil, // k8sClient, shouldn't matter
nil, // pinnipedClient, shouldn't matter nil, // pinnipedClient, shouldn't matter
@ -59,8 +59,8 @@ func TestAnnotaterControllerSync(t *testing.T) {
const agentPodNamespace = "agent-pod-namespace" const agentPodNamespace = "agent-pod-namespace"
const defaultKubeControllerManagerClusterSigningCertFileFlagValue = "/etc/kubernetes/ca/ca.pem" const defaultKubeControllerManagerClusterSigningCertFileFlagValue = "/etc/kubernetes/ca/ca.pem"
const defaultKubeControllerManagerClusterSigningKeyFileFlagValue = "/etc/kubernetes/ca/ca.key" const defaultKubeControllerManagerClusterSigningKeyFileFlagValue = "/etc/kubernetes/ca/ca.key"
const credentialIssuerConfigNamespaceName = "cic-namespace-name" const credentialIssuerNamespaceName = "ci-namespace-name"
const credentialIssuerConfigResourceName = "cic-resource-name" const credentialIssuerResourceName = "ci-resource-name"
const ( const (
certPath = "some-cert-path" certPath = "some-cert-path"
@ -84,7 +84,7 @@ func TestAnnotaterControllerSync(t *testing.T) {
var syncContext *controllerlib.Context var syncContext *controllerlib.Context
var controllerManagerPod, agentPod *corev1.Pod var controllerManagerPod, agentPod *corev1.Pod
var podsGVR schema.GroupVersionResource var podsGVR schema.GroupVersionResource
var credentialIssuerConfigGVR schema.GroupVersionResource var credentialIssuerGVR schema.GroupVersionResource
var frozenNow time.Time var frozenNow time.Time
// Defer starting the informers until the last possible moment so that the // Defer starting the informers until the last possible moment so that the
@ -101,9 +101,9 @@ func TestAnnotaterControllerSync(t *testing.T) {
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
}, },
&CredentialIssuerConfigLocationConfig{ &CredentialIssuerLocationConfig{
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
}, },
clock.NewFakeClock(frozenNow), clock.NewFakeClock(frozenNow),
kubeAPIClient, kubeAPIClient,
@ -154,10 +154,10 @@ func TestAnnotaterControllerSync(t *testing.T) {
Resource: "pods", Resource: "pods",
} }
credentialIssuerConfigGVR = schema.GroupVersionResource{ credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName, Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version, Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs", Resource: "credentialissuers",
} }
frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local) frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local)
@ -229,33 +229,33 @@ func TestAnnotaterControllerSync(t *testing.T) {
r.EqualError(err, "cannot update agent pod: some update error") r.EqualError(err, "cannot update agent pod: some update error")
}) })
when("there is already a CredentialIssuerConfig", func() { when("there is already a CredentialIssuer", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() { it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{ initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{}, Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server", Server: "some-server",
CertificateAuthorityData: "some-ca-value", CertificateAuthorityData: "some-ca-value",
}, },
}, },
} }
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig)) r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
}) })
it("updates the CredentialIssuerConfig status with the error", func() { it("updates the CredentialIssuer status with the error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy() expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{ expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -265,14 +265,14 @@ func TestAnnotaterControllerSync(t *testing.T) {
}, },
} }
expectedGetAction := coretesting.NewGetAction( expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
) )
expectedUpdateAction := coretesting.NewUpdateAction( expectedUpdateAction := coretesting.NewUpdateAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
) )
r.EqualError(err, "cannot update agent pod: some update error") r.EqualError(err, "cannot update agent pod: some update error")
@ -285,11 +285,11 @@ func TestAnnotaterControllerSync(t *testing.T) {
) )
}) })
when("updating the CredentialIssuerConfig fails", func() { when("updating the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"update", "update",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error") return true, nil, errors.New("some update error")
}, },
@ -304,19 +304,19 @@ func TestAnnotaterControllerSync(t *testing.T) {
}) })
}) })
when("there is not already a CredentialIssuerConfig", func() { when("there is not already a CredentialIssuer", func() {
it("creates the CredentialIssuerConfig status with the error", func() { it("creates the CredentialIssuer status with the error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{ expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{ Strategies: []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -328,14 +328,14 @@ func TestAnnotaterControllerSync(t *testing.T) {
}, },
} }
expectedGetAction := coretesting.NewGetAction( expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
) )
expectedCreateAction := coretesting.NewCreateAction( expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
) )
r.EqualError(err, "cannot update agent pod: some update error") r.EqualError(err, "cannot update agent pod: some update error")

View File

@ -22,8 +22,8 @@ import (
type createrController struct { type createrController struct {
agentPodConfig *AgentPodConfig agentPodConfig *AgentPodConfig
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig credentialIssuerLocationConfig *CredentialIssuerLocationConfig
credentialIssuerConfigLabels map[string]string credentialIssuerLabels map[string]string
clock clock.Clock clock clock.Clock
k8sClient kubernetes.Interface k8sClient kubernetes.Interface
pinnipedAPIClient pinnipedclientset.Interface pinnipedAPIClient pinnipedclientset.Interface
@ -34,12 +34,12 @@ type createrController struct {
// NewCreaterController returns a controller that creates new kube-cert-agent pods for every known // NewCreaterController returns a controller that creates new kube-cert-agent pods for every known
// kube-controller-manager pod. // kube-controller-manager pod.
// //
// It also is tasked with updating the CredentialIssuerConfig, located via the provided // It also is tasked with updating the CredentialIssuer, located via the provided
// credentialIssuerConfigLocationConfig, with any errors that it encounters. // credentialIssuerLocationConfig, with any errors that it encounters.
func NewCreaterController( func NewCreaterController(
agentPodConfig *AgentPodConfig, agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig, credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
credentialIssuerConfigLabels map[string]string, credentialIssuerLabels map[string]string,
clock clock.Clock, clock clock.Clock,
k8sClient kubernetes.Interface, k8sClient kubernetes.Interface,
pinnipedAPIClient pinnipedclientset.Interface, pinnipedAPIClient pinnipedclientset.Interface,
@ -54,8 +54,8 @@ func NewCreaterController(
Name: "kube-cert-agent-creater-controller", Name: "kube-cert-agent-creater-controller",
Syncer: &createrController{ Syncer: &createrController{
agentPodConfig: agentPodConfig, agentPodConfig: agentPodConfig,
credentialIssuerConfigLocationConfig: credentialIssuerConfigLocationConfig, credentialIssuerLocationConfig: credentialIssuerLocationConfig,
credentialIssuerConfigLabels: credentialIssuerConfigLabels, credentialIssuerLabels: credentialIssuerLabels,
clock: clock, clock: clock,
k8sClient: k8sClient, k8sClient: k8sClient,
pinnipedAPIClient: pinnipedAPIClient, pinnipedAPIClient: pinnipedAPIClient,
@ -73,7 +73,7 @@ func NewCreaterController(
pinnipedcontroller.SimpleFilter(isAgentPod), pinnipedcontroller.SimpleFilter(isAgentPod),
controllerlib.InformerOption{}, controllerlib.InformerOption{},
), ),
// Be sure to run once even to make sure the CIC is updated if there are no controller manager // Be sure to run once even to make sure the CI is updated if there are no controller manager
// pods. We should be able to pass an empty key since we don't use the key in the sync (we sync // pods. We should be able to pass an empty key since we don't use the key in the sync (we sync
// the world). // the world).
withInitialEvent(controllerlib.Key{}), withInitialEvent(controllerlib.Key{}),
@ -94,11 +94,11 @@ func (c *createrController) Sync(ctx controllerlib.Context) error {
if len(controllerManagerPods) == 0 { if len(controllerManagerPods) == 0 {
// If there are no controller manager pods, we alert the user that we can't find the keypair via // If there are no controller manager pods, we alert the user that we can't find the keypair via
// the CredentialIssuerConfig. // the CredentialIssuer.
return createOrUpdateCredentialIssuerConfig( return createOrUpdateCredentialIssuer(
ctx.Context, ctx.Context,
*c.credentialIssuerConfigLocationConfig, *c.credentialIssuerLocationConfig,
c.credentialIssuerConfigLabels, c.credentialIssuerLabels,
c.clock, c.clock,
c.pinnipedAPIClient, c.pinnipedAPIClient,
constable.Error("did not find kube-controller-manager pod(s)"), constable.Error("did not find kube-controller-manager pod(s)"),
@ -130,18 +130,18 @@ func (c *createrController) Sync(ctx controllerlib.Context) error {
Create(ctx.Context, agentPod, metav1.CreateOptions{}) Create(ctx.Context, agentPod, metav1.CreateOptions{})
if err != nil { if err != nil {
err = fmt.Errorf("cannot create agent pod: %w", err) err = fmt.Errorf("cannot create agent pod: %w", err)
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig( strategyResultUpdateErr := createOrUpdateCredentialIssuer(
ctx.Context, ctx.Context,
*c.credentialIssuerConfigLocationConfig, *c.credentialIssuerLocationConfig,
c.credentialIssuerConfigLabels, c.credentialIssuerLabels,
c.clock, c.clock,
c.pinnipedAPIClient, c.pinnipedAPIClient,
err, err,
) )
if strategyResultUpdateErr != nil { if strategyResultUpdateErr != nil {
// If the CIC update fails, then we probably want to try again. This controller will get // If the CI update fails, then we probably want to try again. This controller will get
// called again because of the pod create failure, so just try the CIC update again then. // called again because of the pod create failure, so just try the CI update again then.
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig") klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer")
} }
return err return err

View File

@ -34,14 +34,14 @@ func TestCreaterControllerFilter(t *testing.T) {
"CreaterControllerFilter", "CreaterControllerFilter",
func( func(
agentPodConfig *AgentPodConfig, agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig, credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer, kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer, agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption, observableWithInformerOption *testutil.ObservableWithInformerOption,
) { ) {
_ = NewCreaterController( _ = NewCreaterController(
agentPodConfig, agentPodConfig,
credentialIssuerConfigLocationConfig, credentialIssuerLocationConfig,
map[string]string{}, map[string]string{},
nil, // clock, shouldn't matter nil, // clock, shouldn't matter
nil, // k8sClient, shouldn't matter nil, // k8sClient, shouldn't matter
@ -66,7 +66,7 @@ func TestCreaterControllerInitialEvent(t *testing.T) {
_ = NewCreaterController( _ = NewCreaterController(
nil, // agentPodConfig, shouldn't matter nil, // agentPodConfig, shouldn't matter
nil, // credentialIssuerConfigLocationConfig, shouldn't matter nil, // credentialIssuerLocationConfig, shouldn't matter
map[string]string{}, map[string]string{},
nil, // clock, shouldn't matter nil, // clock, shouldn't matter
nil, // k8sClient, shouldn't matter nil, // k8sClient, shouldn't matter
@ -83,8 +83,8 @@ func TestCreaterControllerSync(t *testing.T) {
spec.Run(t, "CreaterControllerSync", func(t *testing.T, when spec.G, it spec.S) { spec.Run(t, "CreaterControllerSync", func(t *testing.T, when spec.G, it spec.S) {
const kubeSystemNamespace = "kube-system" const kubeSystemNamespace = "kube-system"
const agentPodNamespace = "agent-pod-namespace" const agentPodNamespace = "agent-pod-namespace"
const credentialIssuerConfigNamespaceName = "cic-namespace-name" const credentialIssuerNamespaceName = "ci-namespace-name"
const credentialIssuerConfigResourceName = "cic-resource-name" const credentialIssuerResourceName = "ci-resource-name"
var r *require.Assertions var r *require.Assertions
@ -100,7 +100,7 @@ func TestCreaterControllerSync(t *testing.T) {
var syncContext *controllerlib.Context var syncContext *controllerlib.Context
var controllerManagerPod, agentPod *corev1.Pod var controllerManagerPod, agentPod *corev1.Pod
var podsGVR schema.GroupVersionResource var podsGVR schema.GroupVersionResource
var credentialIssuerConfigGVR schema.GroupVersionResource var credentialIssuerGVR schema.GroupVersionResource
var frozenNow time.Time var frozenNow time.Time
// Defer starting the informers until the last possible moment so that the // Defer starting the informers until the last possible moment so that the
@ -118,9 +118,9 @@ func TestCreaterControllerSync(t *testing.T) {
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
}, },
&CredentialIssuerConfigLocationConfig{ &CredentialIssuerLocationConfig{
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
}, },
map[string]string{ map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
@ -176,10 +176,10 @@ func TestCreaterControllerSync(t *testing.T) {
Resource: "pods", Resource: "pods",
} }
credentialIssuerConfigGVR = schema.GroupVersionResource{ credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName, Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version, Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs", Resource: "credentialissuers",
} }
frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local) frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local)
@ -300,33 +300,33 @@ func TestCreaterControllerSync(t *testing.T) {
) )
}) })
when("there is already a CredentialIssuerConfig", func() { when("there is already a CredentialIssuer", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() { it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{ initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{}, Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server", Server: "some-server",
CertificateAuthorityData: "some-ca-value", CertificateAuthorityData: "some-ca-value",
}, },
}, },
} }
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig)) r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
}) })
it("updates the CredentialIssuerConfig status saying that controller manager pods couldn't be found", func() { it("updates the CredentialIssuer status saying that controller manager pods couldn't be found", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy() expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{ expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -336,14 +336,14 @@ func TestCreaterControllerSync(t *testing.T) {
}, },
} }
expectedGetAction := coretesting.NewGetAction( expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
) )
expectedUpdateAction := coretesting.NewUpdateAction( expectedUpdateAction := coretesting.NewUpdateAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
) )
r.EqualError(err, "cannot create agent pod: some create error") r.EqualError(err, "cannot create agent pod: some create error")
@ -356,11 +356,11 @@ func TestCreaterControllerSync(t *testing.T) {
) )
}) })
when("the CredentialIssuerConfig operation fails", func() { when("the CredentialIssuer operation fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"update", "update",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error") return true, nil, errors.New("some update error")
}, },
@ -375,23 +375,23 @@ func TestCreaterControllerSync(t *testing.T) {
}) })
}) })
when("there is not already a CredentialIssuerConfig", func() { when("there is not already a CredentialIssuer", func() {
it("returns an error and updates the CredentialIssuerConfig status", func() { it("returns an error and updates the CredentialIssuer status", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{ expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
Labels: map[string]string{ Labels: map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{ Strategies: []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -403,14 +403,14 @@ func TestCreaterControllerSync(t *testing.T) {
}, },
} }
expectedGetAction := coretesting.NewGetAction( expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
) )
expectedCreateAction := coretesting.NewCreateAction( expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
) )
r.EqualError(err, "cannot create agent pod: some create error") r.EqualError(err, "cannot create agent pod: some create error")
@ -428,33 +428,33 @@ func TestCreaterControllerSync(t *testing.T) {
}) })
when("there is no controller manager pod", func() { when("there is no controller manager pod", func() {
when("there is already a CredentialIssuerConfig", func() { when("there is already a CredentialIssuer", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() { it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{ initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{}, Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server", Server: "some-server",
CertificateAuthorityData: "some-ca-value", CertificateAuthorityData: "some-ca-value",
}, },
}, },
} }
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig)) r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
}) })
it("updates the CredentialIssuerConfig status saying that controller manager pods couldn't be found", func() { it("updates the CredentialIssuer status saying that controller manager pods couldn't be found", func() {
startInformersAndController() startInformersAndController()
r.NoError(controllerlib.TestSync(t, subject, *syncContext)) r.NoError(controllerlib.TestSync(t, subject, *syncContext))
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy() expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{ expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -464,14 +464,14 @@ func TestCreaterControllerSync(t *testing.T) {
}, },
} }
expectedGetAction := coretesting.NewGetAction( expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
) )
expectedUpdateAction := coretesting.NewUpdateAction( expectedUpdateAction := coretesting.NewUpdateAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
) )
r.Equal( r.Equal(
@ -483,11 +483,11 @@ func TestCreaterControllerSync(t *testing.T) {
) )
}) })
when("when updating the CredentialIssuerConfig fails", func() { when("when updating the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"update", "update",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error") return true, nil, errors.New("some update error")
}, },
@ -497,15 +497,15 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() { it("returns an error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: some update error") r.EqualError(err, "could not create or update credentialissuer: some update error")
}) })
}) })
when("when getting the CredentialIssuerConfig fails", func() { when("when getting the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"get", "get",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some get error") return true, nil, errors.New("some get error")
}, },
@ -515,28 +515,28 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() { it("returns an error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: get failed: some get error") r.EqualError(err, "could not create or update credentialissuer: get failed: some get error")
}) })
}) })
}) })
when("there is not already a CredentialIssuerConfig", func() { when("there is not already a CredentialIssuer", func() {
it("creates the CredentialIssuerConfig status saying that controller manager pods couldn't be found", func() { it("creates the CredentialIssuer status saying that controller manager pods couldn't be found", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{ expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
Labels: map[string]string{ Labels: map[string]string{
"myLabelKey1": "myLabelValue1", "myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2", "myLabelKey2": "myLabelValue2",
}, },
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{ Strategies: []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -548,14 +548,14 @@ func TestCreaterControllerSync(t *testing.T) {
}, },
} }
expectedGetAction := coretesting.NewGetAction( expectedGetAction := coretesting.NewGetAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
credentialIssuerConfigResourceName, credentialIssuerResourceName,
) )
expectedCreateAction := coretesting.NewCreateAction( expectedCreateAction := coretesting.NewCreateAction(
credentialIssuerConfigGVR, credentialIssuerGVR,
credentialIssuerConfigNamespaceName, credentialIssuerNamespaceName,
expectedCredentialIssuerConfig, expectedCredentialIssuer,
) )
r.NoError(err) r.NoError(err)
@ -568,11 +568,11 @@ func TestCreaterControllerSync(t *testing.T) {
) )
}) })
when("when creating the CredentialIssuerConfig fails", func() { when("when creating the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"create", "create",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some create error") return true, nil, errors.New("some create error")
}, },
@ -582,15 +582,15 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() { it("returns an error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: create failed: some create error") r.EqualError(err, "could not create or update credentialissuer: create failed: some create error")
}) })
}) })
when("when getting the CredentialIssuerConfig fails", func() { when("when getting the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"get", "get",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some get error") return true, nil, errors.New("some get error")
}, },
@ -600,7 +600,7 @@ func TestCreaterControllerSync(t *testing.T) {
it("returns an error", func() { it("returns an error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: get failed: some get error") r.EqualError(err, "could not create or update credentialissuer: get failed: some get error")
}) })
}) })
}) })

View File

@ -28,7 +28,7 @@ func TestDeleterControllerFilter(t *testing.T) {
"DeleterControllerFilter", "DeleterControllerFilter",
func( func(
agentPodConfig *AgentPodConfig, agentPodConfig *AgentPodConfig,
_ *CredentialIssuerConfigLocationConfig, _ *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer, kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer, agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption, observableWithInformerOption *testutil.ObservableWithInformerOption,

View File

@ -19,7 +19,7 @@ import (
) )
type execerController struct { type execerController struct {
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig credentialIssuerLocationConfig *CredentialIssuerLocationConfig
dynamicCertProvider dynamiccert.Provider dynamicCertProvider dynamiccert.Provider
podCommandExecutor PodCommandExecutor podCommandExecutor PodCommandExecutor
clock clock.Clock clock clock.Clock
@ -31,10 +31,10 @@ type execerController struct {
// cert/key path annotations and execs into them to get the cert/key material. It sets the retrieved // cert/key path annotations and execs into them to get the cert/key material. It sets the retrieved
// key material in a provided dynamicCertProvider. // key material in a provided dynamicCertProvider.
// //
// It also is tasked with updating the CredentialIssuerConfig, located via the provided // It also is tasked with updating the CredentialIssuer, located via the provided
// credentialIssuerConfigLocationConfig, with any errors that it encounters. // credentialIssuerLocationConfig, with any errors that it encounters.
func NewExecerController( func NewExecerController(
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig, credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
dynamicCertProvider dynamiccert.Provider, dynamicCertProvider dynamiccert.Provider,
podCommandExecutor PodCommandExecutor, podCommandExecutor PodCommandExecutor,
pinnipedAPIClient pinnipedclientset.Interface, pinnipedAPIClient pinnipedclientset.Interface,
@ -46,7 +46,7 @@ func NewExecerController(
controllerlib.Config{ controllerlib.Config{
Name: "kube-cert-agent-execer-controller", Name: "kube-cert-agent-execer-controller",
Syncer: &execerController{ Syncer: &execerController{
credentialIssuerConfigLocationConfig: credentialIssuerConfigLocationConfig, credentialIssuerLocationConfig: credentialIssuerLocationConfig,
dynamicCertProvider: dynamicCertProvider, dynamicCertProvider: dynamicCertProvider,
podCommandExecutor: podCommandExecutor, podCommandExecutor: podCommandExecutor,
pinnipedAPIClient: pinnipedAPIClient, pinnipedAPIClient: pinnipedAPIClient,
@ -87,21 +87,21 @@ func (c *execerController) Sync(ctx controllerlib.Context) error {
certPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", certPath) certPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", certPath)
if err != nil { if err != nil {
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, err) strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig with strategy success") klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer with strategy success")
return err return err
} }
keyPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", keyPath) keyPEM, err := c.podCommandExecutor.Exec(agentPod.Namespace, agentPod.Name, "cat", keyPath)
if err != nil { if err != nil {
strategyResultUpdateErr := createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, err) strategyResultUpdateErr := createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, err)
klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuerConfig with strategy success") klog.ErrorS(strategyResultUpdateErr, "could not create or update CredentialIssuer with strategy success")
return err return err
} }
c.dynamicCertProvider.Set([]byte(certPEM), []byte(keyPEM)) c.dynamicCertProvider.Set([]byte(certPEM), []byte(keyPEM))
err = createOrUpdateCredentialIssuerConfig(ctx.Context, *c.credentialIssuerConfigLocationConfig, nil, c.clock, c.pinnipedAPIClient, nil) err = createOrUpdateCredentialIssuer(ctx.Context, *c.credentialIssuerLocationConfig, nil, c.clock, c.pinnipedAPIClient, nil)
if err != nil { if err != nil {
return err return err
} }

View File

@ -43,7 +43,7 @@ func TestExecerControllerOptions(t *testing.T) {
observableWithInformerOption = testutil.NewObservableWithInformerOption() observableWithInformerOption = testutil.NewObservableWithInformerOption()
agentPodsInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods() agentPodsInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods()
_ = NewExecerController( _ = NewExecerController(
&CredentialIssuerConfigLocationConfig{ &CredentialIssuerLocationConfig{
Namespace: "ignored by this test", Namespace: "ignored by this test",
Name: "ignored by this test", Name: "ignored by this test",
}, },
@ -136,8 +136,8 @@ func TestManagerControllerSync(t *testing.T) {
const fakeKeyPath = "/some/key/path" const fakeKeyPath = "/some/key/path"
const defaultDynamicCertProviderCert = "initial-cert" const defaultDynamicCertProviderCert = "initial-cert"
const defaultDynamicCertProviderKey = "initial-key" const defaultDynamicCertProviderKey = "initial-key"
const credentialIssuerConfigNamespaceName = "cic-namespace-name" const credentialIssuerNamespaceName = "ci-namespace-name"
const credentialIssuerConfigResourceName = "cic-resource-name" const credentialIssuerResourceName = "ci-resource-name"
var r *require.Assertions var r *require.Assertions
@ -151,7 +151,7 @@ func TestManagerControllerSync(t *testing.T) {
var fakeExecutor *fakePodExecutor var fakeExecutor *fakePodExecutor
var dynamicCertProvider dynamiccert.Provider var dynamicCertProvider dynamiccert.Provider
var fakeCertPEM, fakeKeyPEM string var fakeCertPEM, fakeKeyPEM string
var credentialIssuerConfigGVR schema.GroupVersionResource var credentialIssuerGVR schema.GroupVersionResource
var frozenNow time.Time var frozenNow time.Time
// Defer starting the informers until the last possible moment so that the // Defer starting the informers until the last possible moment so that the
@ -159,9 +159,9 @@ func TestManagerControllerSync(t *testing.T) {
var startInformersAndController = func() { var startInformersAndController = func() {
// Set this at the last second to allow for injection of server override. // Set this at the last second to allow for injection of server override.
subject = NewExecerController( subject = NewExecerController(
&CredentialIssuerConfigLocationConfig{ &CredentialIssuerLocationConfig{
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
}, },
dynamicCertProvider, dynamicCertProvider,
fakeExecutor, fakeExecutor,
@ -237,10 +237,10 @@ func TestManagerControllerSync(t *testing.T) {
fakeCertPEM = loadFile("./testdata/test.crt") fakeCertPEM = loadFile("./testdata/test.crt")
fakeKeyPEM = loadFile("./testdata/test.key") fakeKeyPEM = loadFile("./testdata/test.key")
credentialIssuerConfigGVR = schema.GroupVersionResource{ credentialIssuerGVR = schema.GroupVersionResource{
Group: configv1alpha1.GroupName, Group: configv1alpha1.GroupName,
Version: configv1alpha1.SchemeGroupVersion.Version, Version: configv1alpha1.SchemeGroupVersion.Version,
Resource: "credentialissuerconfigs", Resource: "credentialissuers",
} }
}) })
@ -326,33 +326,33 @@ func TestManagerControllerSync(t *testing.T) {
r.Equal(fakeKeyPEM, string(actualKeyPEM)) r.Equal(fakeKeyPEM, string(actualKeyPEM))
}) })
when("there is already a CredentialIssuerConfig", func() { when("there is already a CredentialIssuer", func() {
var initialCredentialIssuerConfig *configv1alpha1.CredentialIssuerConfig var initialCredentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() { it.Before(func() {
initialCredentialIssuerConfig = &configv1alpha1.CredentialIssuerConfig{ initialCredentialIssuer = &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{}, Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "some-server", Server: "some-server",
CertificateAuthorityData: "some-ca-value", CertificateAuthorityData: "some-ca-value",
}, },
}, },
} }
r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuerConfig)) r.NoError(pinnipedAPIClient.Tracker().Add(initialCredentialIssuer))
}) })
it("also updates the the existing CredentialIssuerConfig status field", func() { it("also updates the the existing CredentialIssuer status field", func() {
startInformersAndController() startInformersAndController()
r.NoError(controllerlib.TestSync(t, subject, *syncContext)) r.NoError(controllerlib.TestSync(t, subject, *syncContext))
expectedCredentialIssuerConfig := initialCredentialIssuerConfig.DeepCopy() expectedCredentialIssuer := initialCredentialIssuer.DeepCopy()
expectedCredentialIssuerConfig.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{ expectedCredentialIssuer.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus, Status: configv1alpha1.SuccessStrategyStatus,
@ -361,16 +361,16 @@ func TestManagerControllerSync(t *testing.T) {
LastUpdateTime: metav1.NewTime(frozenNow), LastUpdateTime: metav1.NewTime(frozenNow),
}, },
} }
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewUpdateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig) expectedCreateAction := coretesting.NewUpdateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions()) r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
}) })
when("updating the CredentialIssuerConfig fails", func() { when("updating the CredentialIssuer fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"update", "update",
"credentialissuerconfigs", "credentialissuers",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("some update error") return true, nil, errors.New("some update error")
}, },
@ -380,27 +380,27 @@ func TestManagerControllerSync(t *testing.T) {
it("returns an error", func() { it("returns an error", func() {
startInformersAndController() startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext) err := controllerlib.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create or update credentialissuerconfig: some update error") r.EqualError(err, "could not create or update credentialissuer: some update error")
}) })
}) })
}) })
when("there is not already a CredentialIssuerConfig", func() { when("there is not already a CredentialIssuer", func() {
it.Before(func() { it.Before(func() {
startInformersAndController() startInformersAndController()
}) })
it("also creates the the CredentialIssuerConfig with the appropriate status field", func() { it("also creates the the CredentialIssuer with the appropriate status field", func() {
r.NoError(controllerlib.TestSync(t, subject, *syncContext)) r.NoError(controllerlib.TestSync(t, subject, *syncContext))
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{ expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{ Strategies: []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus, Status: configv1alpha1.SuccessStrategyStatus,
@ -411,8 +411,8 @@ func TestManagerControllerSync(t *testing.T) {
}, },
}, },
} }
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig) expectedCreateAction := coretesting.NewCreateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions()) r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
}) })
}) })
@ -433,17 +433,17 @@ func TestManagerControllerSync(t *testing.T) {
requireDynamicCertProviderHasDefaultValues() requireDynamicCertProviderHasDefaultValues()
}) })
it("creates or updates the the CredentialIssuerConfig status field with an error", func() { it("creates or updates the the CredentialIssuer status field with an error", func() {
r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage) r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{ expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{ Strategies: []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -454,8 +454,8 @@ func TestManagerControllerSync(t *testing.T) {
}, },
}, },
} }
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig) expectedCreateAction := coretesting.NewCreateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions()) r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
}) })
}) })
@ -475,17 +475,17 @@ func TestManagerControllerSync(t *testing.T) {
requireDynamicCertProviderHasDefaultValues() requireDynamicCertProviderHasDefaultValues()
}) })
it("creates or updates the the CredentialIssuerConfig status field with an error", func() { it("creates or updates the the CredentialIssuer status field with an error", func() {
r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage) r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage)
expectedCredentialIssuerConfig := &configv1alpha1.CredentialIssuerConfig{ expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{}, TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigResourceName, Name: credentialIssuerResourceName,
Namespace: credentialIssuerConfigNamespaceName, Namespace: credentialIssuerNamespaceName,
}, },
Status: configv1alpha1.CredentialIssuerConfigStatus{ Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerConfigStrategy{ Strategies: []configv1alpha1.CredentialIssuerStrategy{
{ {
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
@ -496,8 +496,8 @@ func TestManagerControllerSync(t *testing.T) {
}, },
}, },
} }
expectedGetAction := coretesting.NewGetAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, credentialIssuerConfigResourceName) expectedGetAction := coretesting.NewGetAction(credentialIssuerGVR, credentialIssuerNamespaceName, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewCreateAction(credentialIssuerConfigGVR, credentialIssuerConfigNamespaceName, expectedCredentialIssuerConfig) expectedCreateAction := coretesting.NewCreateAction(credentialIssuerGVR, credentialIssuerNamespaceName, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions()) r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
}) })
}) })

View File

@ -73,11 +73,11 @@ type AgentPodConfig struct {
AdditionalLabels map[string]string AdditionalLabels map[string]string
} }
type CredentialIssuerConfigLocationConfig struct { type CredentialIssuerLocationConfig struct {
// The namespace in which the CredentialIssuerConfig should be created/updated. // The namespace in which the CredentialIssuer should be created/updated.
Namespace string Namespace string
// The resource name for the CredentialIssuerConfig to be created/updated. // The resource name for the CredentialIssuer to be created/updated.
Name string Name string
} }
@ -283,35 +283,35 @@ func findControllerManagerPodForSpecificAgentPod(
return maybeControllerManagerPod, nil return maybeControllerManagerPod, nil
} }
func createOrUpdateCredentialIssuerConfig(ctx context.Context, func createOrUpdateCredentialIssuer(ctx context.Context,
cicConfig CredentialIssuerConfigLocationConfig, ciConfig CredentialIssuerLocationConfig,
credentialIssuerConfigLabels map[string]string, credentialIssuerLabels map[string]string,
clock clock.Clock, clock clock.Clock,
pinnipedAPIClient pinnipedclientset.Interface, pinnipedAPIClient pinnipedclientset.Interface,
err error, err error,
) error { ) error {
return issuerconfig.CreateOrUpdateCredentialIssuerConfig( return issuerconfig.CreateOrUpdateCredentialIssuer(
ctx, ctx,
cicConfig.Namespace, ciConfig.Namespace,
cicConfig.Name, ciConfig.Name,
credentialIssuerConfigLabels, credentialIssuerLabels,
pinnipedAPIClient, pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuerConfig) { func(configToUpdate *configv1alpha1.CredentialIssuer) {
var strategyResult configv1alpha1.CredentialIssuerConfigStrategy var strategyResult configv1alpha1.CredentialIssuerStrategy
if err == nil { if err == nil {
strategyResult = strategySuccess(clock) strategyResult = strategySuccess(clock)
} else { } else {
strategyResult = strategyError(clock, err) strategyResult = strategyError(clock, err)
} }
configToUpdate.Status.Strategies = []configv1alpha1.CredentialIssuerConfigStrategy{ configToUpdate.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
strategyResult, strategyResult,
} }
}, },
) )
} }
func strategySuccess(clock clock.Clock) configv1alpha1.CredentialIssuerConfigStrategy { func strategySuccess(clock clock.Clock) configv1alpha1.CredentialIssuerStrategy {
return configv1alpha1.CredentialIssuerConfigStrategy{ return configv1alpha1.CredentialIssuerStrategy{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus, Status: configv1alpha1.SuccessStrategyStatus,
Reason: configv1alpha1.FetchedKeyStrategyReason, Reason: configv1alpha1.FetchedKeyStrategyReason,
@ -320,8 +320,8 @@ func strategySuccess(clock clock.Clock) configv1alpha1.CredentialIssuerConfigStr
} }
} }
func strategyError(clock clock.Clock, err error) configv1alpha1.CredentialIssuerConfigStrategy { func strategyError(clock clock.Clock, err error) configv1alpha1.CredentialIssuerStrategy {
return configv1alpha1.CredentialIssuerConfigStrategy{ return configv1alpha1.CredentialIssuerStrategy{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.ErrorStrategyStatus, Status: configv1alpha1.ErrorStrategyStatus,
Reason: configv1alpha1.CouldNotFetchKeyStrategyReason, Reason: configv1alpha1.CouldNotFetchKeyStrategyReason,

View File

@ -131,7 +131,7 @@ func defineSharedKubecertagentFilterSpecs(
name string, name string,
newFunc func( newFunc func(
agentPodConfig *AgentPodConfig, agentPodConfig *AgentPodConfig,
credentialIssuerConfigLocationConfig *CredentialIssuerConfigLocationConfig, credentialIssuerLocationConfig *CredentialIssuerLocationConfig,
kubeSystemPodInformer corev1informers.PodInformer, kubeSystemPodInformer corev1informers.PodInformer,
agentPodInformer corev1informers.PodInformer, agentPodInformer corev1informers.PodInformer,
observableWithInformerOption *testutil.ObservableWithInformerOption, observableWithInformerOption *testutil.ObservableWithInformerOption,
@ -149,7 +149,7 @@ func defineSharedKubecertagentFilterSpecs(
kubeSystemPodInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods() kubeSystemPodInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods()
agentPodInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods() agentPodInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().Pods()
observableWithInformerOption := testutil.NewObservableWithInformerOption() observableWithInformerOption := testutil.NewObservableWithInformerOption()
newFunc(&AgentPodConfig{}, &CredentialIssuerConfigLocationConfig{}, kubeSystemPodInformer, agentPodInformer, observableWithInformerOption) newFunc(&AgentPodConfig{}, &CredentialIssuerLocationConfig{}, kubeSystemPodInformer, agentPodInformer, observableWithInformerOption)
kubeSystemPodInformerFilter = observableWithInformerOption.GetFilterForInformer(kubeSystemPodInformer) kubeSystemPodInformerFilter = observableWithInformerOption.GetFilterForInformer(kubeSystemPodInformer)
agentPodInformerFilter = observableWithInformerOption.GetFilterForInformer(agentPodInformer) agentPodInformerFilter = observableWithInformerOption.GetFilterForInformer(agentPodInformer)

View File

@ -101,9 +101,9 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
ContainerImagePullSecrets: c.KubeCertAgentConfig.ImagePullSecrets, ContainerImagePullSecrets: c.KubeCertAgentConfig.ImagePullSecrets,
AdditionalLabels: c.Labels, AdditionalLabels: c.Labels,
} }
credentialIssuerConfigLocationConfig := &kubecertagent.CredentialIssuerConfigLocationConfig{ credentialIssuerLocationConfig := &kubecertagent.CredentialIssuerLocationConfig{
Namespace: c.ServerInstallationNamespace, Namespace: c.ServerInstallationNamespace,
Name: c.NamesConfig.CredentialIssuerConfig, Name: c.NamesConfig.CredentialIssuer,
} }
// Create controller manager. // Create controller manager.
@ -111,11 +111,11 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
NewManager(). NewManager().
// KubeConfig info publishing controller is responsible for writing the KubeConfig information to the // KubeConfig info publishing controller is responsible for writing the KubeConfig information to the
// CredentialIssuerConfig resource and keeping that information up to date. // CredentialIssuer resource and keeping that information up to date.
WithController( WithController(
issuerconfig.NewKubeConfigInfoPublisherController( issuerconfig.NewKubeConfigInfoPublisherController(
c.ServerInstallationNamespace, c.ServerInstallationNamespace,
c.NamesConfig.CredentialIssuerConfig, c.NamesConfig.CredentialIssuer,
c.Labels, c.Labels,
c.DiscoveryURLOverride, c.DiscoveryURLOverride,
pinnipedClient, pinnipedClient,
@ -179,7 +179,7 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
WithController( WithController(
kubecertagent.NewCreaterController( kubecertagent.NewCreaterController(
agentPodConfig, agentPodConfig,
credentialIssuerConfigLocationConfig, credentialIssuerLocationConfig,
c.Labels, c.Labels,
clock.RealClock{}, clock.RealClock{},
k8sClient, k8sClient,
@ -194,7 +194,7 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
WithController( WithController(
kubecertagent.NewAnnotaterController( kubecertagent.NewAnnotaterController(
agentPodConfig, agentPodConfig,
credentialIssuerConfigLocationConfig, credentialIssuerLocationConfig,
clock.RealClock{}, clock.RealClock{},
k8sClient, k8sClient,
pinnipedClient, pinnipedClient,
@ -206,7 +206,7 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) {
). ).
WithController( WithController(
kubecertagent.NewExecerController( kubecertagent.NewExecerController(
credentialIssuerConfigLocationConfig, credentialIssuerLocationConfig,
c.DynamicSigningCertProvider, c.DynamicSigningCertProvider,
kubecertagent.NewPodCommandExecutor(kubeConfig, k8sClient), kubecertagent.NewPodCommandExecutor(kubeConfig, k8sClient),
pinnipedClient, pinnipedClient,

View File

@ -16,7 +16,7 @@ import (
"go.pinniped.dev/test/library" "go.pinniped.dev/test/library"
) )
func TestCredentialIssuerConfig(t *testing.T) { func TestCredentialIssuer(t *testing.T) {
env := library.IntegrationEnv(t) env := library.IntegrationEnv(t)
config := library.NewClientConfig(t) config := library.NewClientConfig(t)
client := library.NewConciergeClientset(t) client := library.NewConciergeClientset(t)
@ -24,10 +24,10 @@ func TestCredentialIssuerConfig(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel() defer cancel()
t.Run("test successful CredentialIssuerConfig", func(t *testing.T) { t.Run("test successful CredentialIssuer", func(t *testing.T) {
actualConfigList, err := client. actualConfigList, err := client.
ConfigV1alpha1(). ConfigV1alpha1().
CredentialIssuerConfigs(env.ConciergeNamespace). CredentialIssuers(env.ConciergeNamespace).
List(ctx, metav1.ListOptions{}) List(ctx, metav1.ListOptions{})
require.NoError(t, err) require.NoError(t, err)
@ -37,7 +37,7 @@ func TestCredentialIssuerConfig(t *testing.T) {
actualStatusKubeConfigInfo := actualConfigList.Items[0].Status.KubeConfigInfo actualStatusKubeConfigInfo := actualConfigList.Items[0].Status.KubeConfigInfo
for k, v := range env.ConciergeCustomLabels { for k, v := range env.ConciergeCustomLabels {
require.Equalf(t, v, actualConfig.Labels[k], "expected cic to have label `%s: %s`", k, v) require.Equalf(t, v, actualConfig.Labels[k], "expected ci to have label `%s: %s`", k, v)
} }
require.Equal(t, env.ConciergeAppName, actualConfig.Labels["app"]) require.Equal(t, env.ConciergeAppName, actualConfig.Labels["app"])
@ -54,7 +54,7 @@ func TestCredentialIssuerConfig(t *testing.T) {
// Verify the published kube config info. // Verify the published kube config info.
require.Equal( require.Equal(
t, t,
&configv1alpha1.CredentialIssuerConfigKubeConfigInfo{ &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: config.Host, Server: config.Host,
CertificateAuthorityData: base64.StdEncoding.EncodeToString(config.TLSClientConfig.CAData), CertificateAuthorityData: base64.StdEncoding.EncodeToString(config.TLSClientConfig.CAData),
}, },

View File

@ -98,12 +98,11 @@ func TestGetAPIResourceList(t *testing.T) {
resourceByVersion: map[string][]metav1.APIResource{ resourceByVersion: map[string][]metav1.APIResource{
"config.concierge.pinniped.dev/v1alpha1": { "config.concierge.pinniped.dev/v1alpha1": {
{ {
Name: "credentialissuerconfigs", Name: "credentialissuers",
SingularName: "credentialissuerconfig", SingularName: "credentialissuer",
Namespaced: true, Namespaced: true,
Kind: "CredentialIssuerConfig", Kind: "CredentialIssuer",
Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"}, Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"},
ShortNames: []string{"cic"},
}, },
}, },
}, },