Merge branch 'main' into access_token_validation
This commit is contained in:
commit
65197d0f9d
@ -8,16 +8,13 @@ linters:
|
|||||||
disable-all: true
|
disable-all: true
|
||||||
enable:
|
enable:
|
||||||
# default linters
|
# default linters
|
||||||
- deadcode
|
|
||||||
- errcheck
|
- errcheck
|
||||||
- gosimple
|
- gosimple
|
||||||
- govet
|
- govet
|
||||||
- ineffassign
|
- ineffassign
|
||||||
- staticcheck
|
- staticcheck
|
||||||
- structcheck
|
|
||||||
- typecheck
|
- typecheck
|
||||||
- unused
|
- unused
|
||||||
- varcheck
|
|
||||||
|
|
||||||
# additional linters for this project (we should disable these if they get annoying).
|
# additional linters for this project (we should disable these if they get annoying).
|
||||||
- asciicheck
|
- asciicheck
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
# Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
# Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
FROM golang:1.18.3 as build-env
|
FROM golang:1.19.0 as build-env
|
||||||
|
|
||||||
WORKDIR /work
|
WORKDIR /work
|
||||||
COPY . .
|
COPY . .
|
||||||
@ -24,7 +24,7 @@ RUN \
|
|||||||
ln -s /usr/local/bin/pinniped-server /usr/local/bin/local-user-authenticator
|
ln -s /usr/local/bin/pinniped-server /usr/local/bin/local-user-authenticator
|
||||||
|
|
||||||
# Use a distroless runtime image with CA certificates, timezone data, and not much else.
|
# Use a distroless runtime image with CA certificates, timezone data, and not much else.
|
||||||
FROM gcr.io/distroless/static:nonroot@sha256:2556293984c5738fc75208cce52cf0a4762c709cf38e4bf8def65a61992da0ad
|
FROM gcr.io/distroless/static:nonroot@sha256:66cd130e90992bebb68b8735a72f8ad154d0cd4a6f3a8b76f1e372467818d1b4
|
||||||
|
|
||||||
# Copy the server binary from the build-env stage.
|
# Copy the server binary from the build-env stage.
|
||||||
COPY --from=build-env /usr/local/bin /usr/local/bin
|
COPY --from=build-env /usr/local/bin /usr/local/bin
|
||||||
|
@ -8,7 +8,6 @@ import (
|
|||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
|
||||||
"log"
|
"log"
|
||||||
"math"
|
"math"
|
||||||
"os"
|
"os"
|
||||||
@ -18,7 +17,7 @@ import (
|
|||||||
_ "go.pinniped.dev/internal/crypto/ptls"
|
_ "go.pinniped.dev/internal/crypto/ptls"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint: gochecknoglobals // these are swapped during unit tests.
|
//nolint:gochecknoglobals // these are swapped during unit tests.
|
||||||
var (
|
var (
|
||||||
getenv = os.Getenv
|
getenv = os.Getenv
|
||||||
fail = log.Fatalf
|
fail = log.Fatalf
|
||||||
@ -35,11 +34,11 @@ func main() {
|
|||||||
case "sleep":
|
case "sleep":
|
||||||
sleep(math.MaxInt64)
|
sleep(math.MaxInt64)
|
||||||
case "print":
|
case "print":
|
||||||
certBytes, err := ioutil.ReadFile(getenv("CERT_PATH"))
|
certBytes, err := os.ReadFile(getenv("CERT_PATH"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fail("could not read CERT_PATH: %v", err)
|
fail("could not read CERT_PATH: %v", err)
|
||||||
}
|
}
|
||||||
keyBytes, err := ioutil.ReadFile(getenv("KEY_PATH"))
|
keyBytes, err := os.ReadFile(getenv("KEY_PATH"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fail("could not read KEY_PATH: %v", err)
|
fail("could not read KEY_PATH: %v", err)
|
||||||
}
|
}
|
||||||
|
@ -22,7 +22,7 @@ import (
|
|||||||
supervisor "go.pinniped.dev/internal/supervisor/server"
|
supervisor "go.pinniped.dev/internal/supervisor/server"
|
||||||
)
|
)
|
||||||
|
|
||||||
// nolint: gochecknoglobals // these are swapped during unit tests.
|
//nolint:gochecknoglobals // these are swapped during unit tests.
|
||||||
var (
|
var (
|
||||||
fail = plog.Fatal
|
fail = plog.Fatal
|
||||||
subcommands = map[string]func(){
|
subcommands = map[string]func(){
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -7,7 +7,7 @@ import (
|
|||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint: gochecknoglobals
|
//nolint:gochecknoglobals
|
||||||
var alphaCmd = &cobra.Command{
|
var alphaCmd = &cobra.Command{
|
||||||
Use: "alpha",
|
Use: "alpha",
|
||||||
Short: "alpha",
|
Short: "alpha",
|
||||||
@ -16,7 +16,7 @@ var alphaCmd = &cobra.Command{
|
|||||||
Hidden: true,
|
Hidden: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
//nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
rootCmd.AddCommand(alphaCmd)
|
rootCmd.AddCommand(alphaCmd)
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -8,7 +8,7 @@ import (
|
|||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/spf13/pflag"
|
"github.com/spf13/pflag"
|
||||||
@ -85,7 +85,7 @@ func (f *caBundleFlag) String() string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (f *caBundleFlag) Set(path string) error {
|
func (f *caBundleFlag) Set(path string) error {
|
||||||
pem, err := ioutil.ReadFile(path)
|
pem, err := os.ReadFile(path)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("could not read CA bundle path: %w", err)
|
return fmt.Errorf("could not read CA bundle path: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -6,7 +6,7 @@ package cmd
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
@ -54,10 +54,10 @@ func TestCABundleFlag(t *testing.T) {
|
|||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := testutil.TempDir(t)
|
||||||
emptyFilePath := filepath.Join(tmpdir, "empty")
|
emptyFilePath := filepath.Join(tmpdir, "empty")
|
||||||
require.NoError(t, ioutil.WriteFile(emptyFilePath, []byte{}, 0600))
|
require.NoError(t, os.WriteFile(emptyFilePath, []byte{}, 0600))
|
||||||
|
|
||||||
testCAPath := filepath.Join(tmpdir, "testca.pem")
|
testCAPath := filepath.Join(tmpdir, "testca.pem")
|
||||||
require.NoError(t, ioutil.WriteFile(testCAPath, testCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testCAPath, testCA.Bundle(), 0600))
|
||||||
|
|
||||||
f := caBundleFlag{}
|
f := caBundleFlag{}
|
||||||
require.Equal(t, "path", f.Type())
|
require.Equal(t, "path", f.Type())
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -14,7 +14,7 @@ import (
|
|||||||
"github.com/spf13/cobra/doc"
|
"github.com/spf13/cobra/doc"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
rootCmd.AddCommand(generateMarkdownHelpCommand())
|
rootCmd.AddCommand(generateMarkdownHelpCommand())
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -7,10 +7,10 @@ import (
|
|||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint: gochecknoglobals
|
//nolint:gochecknoglobals
|
||||||
var getCmd = &cobra.Command{Use: "get", Short: "get"}
|
var getCmd = &cobra.Command{Use: "get", Short: "get"}
|
||||||
|
|
||||||
//nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
rootCmd.AddCommand(getCmd)
|
rootCmd.AddCommand(getCmd)
|
||||||
}
|
}
|
||||||
|
@ -10,7 +10,6 @@ import (
|
|||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"strconv"
|
"strconv"
|
||||||
@ -48,7 +47,7 @@ func kubeconfigRealDeps() kubeconfigDeps {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
getCmd.AddCommand(kubeconfigCommand(kubeconfigRealDeps()))
|
getCmd.AddCommand(kubeconfigCommand(kubeconfigRealDeps()))
|
||||||
}
|
}
|
||||||
@ -717,7 +716,7 @@ func validateKubeconfig(ctx context.Context, flags getKubeconfigParams, kubeconf
|
|||||||
func countCACerts(pemData []byte) int {
|
func countCACerts(pemData []byte) int {
|
||||||
pool := x509.NewCertPool()
|
pool := x509.NewCertPool()
|
||||||
pool.AppendCertsFromPEM(pemData)
|
pool.AppendCertsFromPEM(pemData)
|
||||||
return len(pool.Subjects()) // nolint: staticcheck // not system cert pool
|
return len(pool.Subjects())
|
||||||
}
|
}
|
||||||
|
|
||||||
func hasPendingStrategy(credentialIssuer *configv1alpha1.CredentialIssuer) bool {
|
func hasPendingStrategy(credentialIssuer *configv1alpha1.CredentialIssuer) bool {
|
||||||
@ -815,7 +814,7 @@ func discoverAllAvailableSupervisorUpstreamIDPs(ctx context.Context, pinnipedIDP
|
|||||||
return nil, fmt.Errorf("unable to fetch IDP discovery data from issuer: unexpected http response status: %s", response.Status)
|
return nil, fmt.Errorf("unable to fetch IDP discovery data from issuer: unexpected http response status: %s", response.Status)
|
||||||
}
|
}
|
||||||
|
|
||||||
rawBody, err := ioutil.ReadAll(response.Body)
|
rawBody, err := io.ReadAll(response.Body)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to fetch IDP discovery data from issuer: could not read response body: %w", err)
|
return nil, fmt.Errorf("unable to fetch IDP discovery data from issuer: could not read response body: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -7,8 +7,8 @@ import (
|
|||||||
"bytes"
|
"bytes"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
@ -34,12 +34,12 @@ func TestGetKubeconfig(t *testing.T) {
|
|||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := testutil.TempDir(t)
|
||||||
testOIDCCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
testOIDCCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
||||||
require.NoError(t, ioutil.WriteFile(testOIDCCABundlePath, testOIDCCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testOIDCCABundlePath, testOIDCCA.Bundle(), 0600))
|
||||||
|
|
||||||
testConciergeCA, err := certauthority.New("Test Concierge CA", 1*time.Hour)
|
testConciergeCA, err := certauthority.New("Test Concierge CA", 1*time.Hour)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
testConciergeCABundlePath := filepath.Join(tmpdir, "testconciergeca.pem")
|
testConciergeCABundlePath := filepath.Join(tmpdir, "testconciergeca.pem")
|
||||||
require.NoError(t, ioutil.WriteFile(testConciergeCABundlePath, testConciergeCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testConciergeCABundlePath, testConciergeCA.Bundle(), 0600))
|
||||||
|
|
||||||
credentialIssuer := func() runtime.Object {
|
credentialIssuer := func() runtime.Object {
|
||||||
return &configv1alpha1.CredentialIssuer{
|
return &configv1alpha1.CredentialIssuer{
|
||||||
@ -2889,7 +2889,7 @@ func TestGetKubeconfig(t *testing.T) {
|
|||||||
})
|
})
|
||||||
issuerEndpointPtr = &issuerEndpoint
|
issuerEndpointPtr = &issuerEndpoint
|
||||||
|
|
||||||
testLog := testlogger.NewLegacy(t) // nolint: staticcheck // old test with lots of log statements
|
testLog := testlogger.NewLegacy(t) //nolint:staticcheck // old test with lots of log statements
|
||||||
cmd := kubeconfigCommand(kubeconfigDeps{
|
cmd := kubeconfigCommand(kubeconfigDeps{
|
||||||
getPathToSelf: func() (string, error) {
|
getPathToSelf: func() (string, error) {
|
||||||
if tt.getPathToSelfErr != nil {
|
if tt.getPathToSelfErr != nil {
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -9,7 +9,7 @@ import (
|
|||||||
"k8s.io/client-go/tools/auth/exec"
|
"k8s.io/client-go/tools/auth/exec"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint: gochecknoglobals
|
//nolint:gochecknoglobals
|
||||||
var loginCmd = &cobra.Command{
|
var loginCmd = &cobra.Command{
|
||||||
Use: "login",
|
Use: "login",
|
||||||
Short: "login",
|
Short: "login",
|
||||||
@ -18,7 +18,7 @@ var loginCmd = &cobra.Command{
|
|||||||
Hidden: true, // These commands are not really meant to be used directly by users, so it's confusing to have them discoverable.
|
Hidden: true, // These commands are not really meant to be used directly by users, so it's confusing to have them discoverable.
|
||||||
}
|
}
|
||||||
|
|
||||||
//nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
rootCmd.AddCommand(loginCmd)
|
rootCmd.AddCommand(loginCmd)
|
||||||
}
|
}
|
||||||
|
@ -9,7 +9,6 @@ import (
|
|||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
@ -41,7 +40,7 @@ const (
|
|||||||
upstreamIdentityProviderFlowEnvVarName = "PINNIPED_UPSTREAM_IDENTITY_PROVIDER_FLOW"
|
upstreamIdentityProviderFlowEnvVarName = "PINNIPED_UPSTREAM_IDENTITY_PROVIDER_FLOW"
|
||||||
)
|
)
|
||||||
|
|
||||||
// nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
loginCmd.AddCommand(oidcLoginCommand(oidcLoginCommandRealDeps()))
|
loginCmd.AddCommand(oidcLoginCommand(oidcLoginCommandRealDeps()))
|
||||||
}
|
}
|
||||||
@ -153,7 +152,7 @@ func runOIDCLogin(cmd *cobra.Command, deps oidcLoginCommandDeps, flags oidcLogin
|
|||||||
// Initialize the login handler.
|
// Initialize the login handler.
|
||||||
opts := []oidcclient.Option{
|
opts := []oidcclient.Option{
|
||||||
oidcclient.WithContext(cmd.Context()),
|
oidcclient.WithContext(cmd.Context()),
|
||||||
oidcclient.WithLogger(plog.Logr()), // nolint: staticcheck // old code with lots of log statements
|
oidcclient.WithLogger(plog.Logr()), //nolint:staticcheck // old code with lots of log statements
|
||||||
oidcclient.WithScopes(flags.scopes),
|
oidcclient.WithScopes(flags.scopes),
|
||||||
oidcclient.WithSessionCache(sessionCache),
|
oidcclient.WithSessionCache(sessionCache),
|
||||||
}
|
}
|
||||||
@ -317,7 +316,7 @@ func flowOptions(
|
|||||||
func makeClient(caBundlePaths []string, caBundleData []string) (*http.Client, error) {
|
func makeClient(caBundlePaths []string, caBundleData []string) (*http.Client, error) {
|
||||||
pool := x509.NewCertPool()
|
pool := x509.NewCertPool()
|
||||||
for _, p := range caBundlePaths {
|
for _, p := range caBundlePaths {
|
||||||
pem, err := ioutil.ReadFile(p)
|
pem, err := os.ReadFile(p)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("could not read --ca-bundle: %w", err)
|
return nil, fmt.Errorf("could not read --ca-bundle: %w", err)
|
||||||
}
|
}
|
||||||
@ -361,10 +360,14 @@ func SetLogLevel(ctx context.Context, lookupEnv func(string) (string, bool)) (pl
|
|||||||
return logger, nil
|
return logger, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// mustGetConfigDir returns a directory that follows the XDG base directory convention:
|
/*
|
||||||
// $XDG_CONFIG_HOME defines the base directory relative to which user specific configuration files should
|
mustGetConfigDir returns a directory that follows the XDG base directory convention:
|
||||||
// be stored. If $XDG_CONFIG_HOME is either not set or empty, a default equal to $HOME/.config should be used.
|
|
||||||
// [1] https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
|
$XDG_CONFIG_HOME defines the base directory relative to which user specific configuration files should
|
||||||
|
be stored. If $XDG_CONFIG_HOME is either not set or empty, a default equal to $HOME/.config should be used.
|
||||||
|
|
||||||
|
[1] https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
|
||||||
|
*/
|
||||||
func mustGetConfigDir() string {
|
func mustGetConfigDir() string {
|
||||||
const xdgAppName = "pinniped"
|
const xdgAppName = "pinniped"
|
||||||
|
|
||||||
|
@ -8,7 +8,7 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
"testing"
|
"testing"
|
||||||
@ -36,7 +36,7 @@ func TestLoginOIDCCommand(t *testing.T) {
|
|||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := testutil.TempDir(t)
|
||||||
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
||||||
require.NoError(t, ioutil.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
||||||
|
|
||||||
time1 := time.Date(3020, 10, 12, 13, 14, 15, 16, time.UTC)
|
time1 := time.Date(3020, 10, 12, 13, 14, 15, 16, time.UTC)
|
||||||
|
|
||||||
@ -483,8 +483,8 @@ func TestLoginOIDCCommand(t *testing.T) {
|
|||||||
wantOptionsCount: 4,
|
wantOptionsCount: 4,
|
||||||
wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"expirationTimestamp":"3020-10-12T13:14:15Z","token":"test-id-token"}}` + "\n",
|
wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"expirationTimestamp":"3020-10-12T13:14:15Z","token":"test-id-token"}}` + "\n",
|
||||||
wantLogs: []string{
|
wantLogs: []string{
|
||||||
nowStr + ` pinniped-login cmd/login_oidc.go:232 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`,
|
nowStr + ` pinniped-login cmd/login_oidc.go:231 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`,
|
||||||
nowStr + ` pinniped-login cmd/login_oidc.go:252 No concierge configured, skipping token credential exchange`,
|
nowStr + ` pinniped-login cmd/login_oidc.go:251 No concierge configured, skipping token credential exchange`,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -513,10 +513,10 @@ func TestLoginOIDCCommand(t *testing.T) {
|
|||||||
wantOptionsCount: 11,
|
wantOptionsCount: 11,
|
||||||
wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"token":"exchanged-token"}}` + "\n",
|
wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"token":"exchanged-token"}}` + "\n",
|
||||||
wantLogs: []string{
|
wantLogs: []string{
|
||||||
nowStr + ` pinniped-login cmd/login_oidc.go:232 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`,
|
nowStr + ` pinniped-login cmd/login_oidc.go:231 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`,
|
||||||
nowStr + ` pinniped-login cmd/login_oidc.go:242 Exchanging token for cluster credential {"endpoint": "https://127.0.0.1:1234/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`,
|
nowStr + ` pinniped-login cmd/login_oidc.go:241 Exchanging token for cluster credential {"endpoint": "https://127.0.0.1:1234/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`,
|
||||||
nowStr + ` pinniped-login cmd/login_oidc.go:250 Successfully exchanged token for cluster credential.`,
|
nowStr + ` pinniped-login cmd/login_oidc.go:249 Successfully exchanged token for cluster credential.`,
|
||||||
nowStr + ` pinniped-login cmd/login_oidc.go:257 caching cluster credential for future use.`,
|
nowStr + ` pinniped-login cmd/login_oidc.go:256 caching cluster credential for future use.`,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -21,7 +21,7 @@ import (
|
|||||||
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
"go.pinniped.dev/pkg/oidcclient/oidctypes"
|
||||||
)
|
)
|
||||||
|
|
||||||
// nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
loginCmd.AddCommand(staticLoginCommand(staticLoginRealDeps()))
|
loginCmd.AddCommand(staticLoginCommand(staticLoginRealDeps()))
|
||||||
}
|
}
|
||||||
|
@ -7,7 +7,7 @@ import (
|
|||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
@ -32,7 +32,7 @@ func TestLoginStaticCommand(t *testing.T) {
|
|||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
tmpdir := testutil.TempDir(t)
|
tmpdir := testutil.TempDir(t)
|
||||||
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
testCABundlePath := filepath.Join(tmpdir, "testca.pem")
|
||||||
require.NoError(t, ioutil.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
require.NoError(t, os.WriteFile(testCABundlePath, testCA.Bundle(), 0600))
|
||||||
|
|
||||||
now, err := time.Parse(time.RFC3339Nano, "2038-12-07T23:37:26.953313745Z")
|
now, err := time.Parse(time.RFC3339Nano, "2038-12-07T23:37:26.953313745Z")
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
@ -11,7 +11,7 @@ import (
|
|||||||
"go.pinniped.dev/internal/plog"
|
"go.pinniped.dev/internal/plog"
|
||||||
)
|
)
|
||||||
|
|
||||||
// nolint: gochecknoglobals
|
//nolint:gochecknoglobals
|
||||||
var rootCmd = &cobra.Command{
|
var rootCmd = &cobra.Command{
|
||||||
Use: "pinniped",
|
Use: "pinniped",
|
||||||
Short: "pinniped",
|
Short: "pinniped",
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -10,7 +10,7 @@ import (
|
|||||||
"k8s.io/component-base/version"
|
"k8s.io/component-base/version"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
rootCmd.AddCommand(newVersionCommand())
|
rootCmd.AddCommand(newVersionCommand())
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2021 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package cmd
|
package cmd
|
||||||
@ -24,7 +24,7 @@ import (
|
|||||||
"go.pinniped.dev/internal/here"
|
"go.pinniped.dev/internal/here"
|
||||||
)
|
)
|
||||||
|
|
||||||
//nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
rootCmd.AddCommand(newWhoamiCommand(getRealConciergeClientset))
|
rootCmd.AddCommand(newWhoamiCommand(getRealConciergeClientset))
|
||||||
}
|
}
|
||||||
|
@ -13,7 +13,7 @@ import (
|
|||||||
_ "go.pinniped.dev/internal/crypto/ptls"
|
_ "go.pinniped.dev/internal/crypto/ptls"
|
||||||
)
|
)
|
||||||
|
|
||||||
// nolint: gochecknoinits
|
//nolint:gochecknoinits
|
||||||
func init() {
|
func init() {
|
||||||
// browsers like chrome like to write to our std out which breaks our JSON ExecCredential output
|
// browsers like chrome like to write to our std out which breaks our JSON ExecCredential output
|
||||||
// thus we redirect the browser's std out to our std err
|
// thus we redirect the browser's std out to our std err
|
||||||
|
4
generated/1.21/apis/go.mod
generated
4
generated/1.21/apis/go.mod
generated
@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.21/apis
|
|||||||
go 1.13
|
go 1.13
|
||||||
|
|
||||||
require (
|
require (
|
||||||
k8s.io/api v0.21.13
|
k8s.io/api v0.21.14
|
||||||
k8s.io/apimachinery v0.21.13
|
k8s.io/apimachinery v0.21.14
|
||||||
)
|
)
|
||||||
|
8
generated/1.21/apis/go.sum
generated
8
generated/1.21/apis/go.sum
generated
@ -147,10 +147,10 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
|||||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
|
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
k8s.io/api v0.21.13 h1:Re4jsBbegkuDCR31ZsdgOrzhWEEOpfjQIRsmGT+sPrs=
|
k8s.io/api v0.21.14 h1:5P/Yv95EhpU7rzgLqaDkoA1JeJmZ1Gv02GJTj9Nm7EM=
|
||||||
k8s.io/api v0.21.13/go.mod h1:Il0hsuHjexr4FplADa0xIXVM2j7+0Sk2ZJ1lq9RLpBw=
|
k8s.io/api v0.21.14/go.mod h1:fUA7ZgNoFEADCpwq0Bn35XZiurViVXp7Uw9n05UYEog=
|
||||||
k8s.io/apimachinery v0.21.13 h1:7fMsssnwIBILqMm0BHyoHJ+bTPXt6Yeyv110c0zAw+A=
|
k8s.io/apimachinery v0.21.14 h1:tC5klgLnEkSqcS4qJdKP+Cmm8gVdaY9Hu31+ozRgv6E=
|
||||||
k8s.io/apimachinery v0.21.13/go.mod h1:NI5S3z6+ZZ6Da3whzPF+MnJCjU1NyLuTq9WnKIj5I20=
|
k8s.io/apimachinery v0.21.14/go.mod h1:NI5S3z6+ZZ6Da3whzPF+MnJCjU1NyLuTq9WnKIj5I20=
|
||||||
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
||||||
|
4
generated/1.21/client/go.mod
generated
4
generated/1.21/client/go.mod
generated
@ -5,8 +5,8 @@ go 1.13
|
|||||||
|
|
||||||
require (
|
require (
|
||||||
go.pinniped.dev/generated/1.21/apis v0.0.0
|
go.pinniped.dev/generated/1.21/apis v0.0.0
|
||||||
k8s.io/apimachinery v0.21.13
|
k8s.io/apimachinery v0.21.14
|
||||||
k8s.io/client-go v0.21.13
|
k8s.io/client-go v0.21.14
|
||||||
)
|
)
|
||||||
|
|
||||||
replace go.pinniped.dev/generated/1.21/apis => ../apis
|
replace go.pinniped.dev/generated/1.21/apis => ../apis
|
||||||
|
12
generated/1.21/client/go.sum
generated
12
generated/1.21/client/go.sum
generated
@ -401,12 +401,12 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh
|
|||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
k8s.io/api v0.21.13 h1:Re4jsBbegkuDCR31ZsdgOrzhWEEOpfjQIRsmGT+sPrs=
|
k8s.io/api v0.21.14 h1:5P/Yv95EhpU7rzgLqaDkoA1JeJmZ1Gv02GJTj9Nm7EM=
|
||||||
k8s.io/api v0.21.13/go.mod h1:Il0hsuHjexr4FplADa0xIXVM2j7+0Sk2ZJ1lq9RLpBw=
|
k8s.io/api v0.21.14/go.mod h1:fUA7ZgNoFEADCpwq0Bn35XZiurViVXp7Uw9n05UYEog=
|
||||||
k8s.io/apimachinery v0.21.13 h1:7fMsssnwIBILqMm0BHyoHJ+bTPXt6Yeyv110c0zAw+A=
|
k8s.io/apimachinery v0.21.14 h1:tC5klgLnEkSqcS4qJdKP+Cmm8gVdaY9Hu31+ozRgv6E=
|
||||||
k8s.io/apimachinery v0.21.13/go.mod h1:NI5S3z6+ZZ6Da3whzPF+MnJCjU1NyLuTq9WnKIj5I20=
|
k8s.io/apimachinery v0.21.14/go.mod h1:NI5S3z6+ZZ6Da3whzPF+MnJCjU1NyLuTq9WnKIj5I20=
|
||||||
k8s.io/client-go v0.21.13 h1:cUrPH3Nns3d3vhhweOV3/uqNAz9Fc8FKdvq1Zt44gPs=
|
k8s.io/client-go v0.21.14 h1:wTEWP4YIfMQizrLd8igYc8yyj3f4wzY9fr3SmMqWimU=
|
||||||
k8s.io/client-go v0.21.13/go.mod h1:XaXNCeRPYqj+M2PU9fU6c7c+agvhSh+DpRFaBhbezhg=
|
k8s.io/client-go v0.21.14/go.mod h1:jQRH8Oltg5abxLmZDZirSNQY4vnrBh9Ri4Pfd9StdoA=
|
||||||
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
||||||
|
4
generated/1.22/apis/go.mod
generated
4
generated/1.22/apis/go.mod
generated
@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.22/apis
|
|||||||
go 1.13
|
go 1.13
|
||||||
|
|
||||||
require (
|
require (
|
||||||
k8s.io/api v0.22.10
|
k8s.io/api v0.22.12
|
||||||
k8s.io/apimachinery v0.22.10
|
k8s.io/apimachinery v0.22.12
|
||||||
)
|
)
|
||||||
|
8
generated/1.22/apis/go.sum
generated
8
generated/1.22/apis/go.sum
generated
@ -205,10 +205,10 @@ gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v
|
|||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
k8s.io/api v0.22.10 h1:gnNb/RabQ+YJQumeyKFCo2yc/E/Oo3qN8rTqovHqYFo=
|
k8s.io/api v0.22.12 h1:HV4VjUSd7dTbKpop+1klDpRrLnXwN67oB0B+8abaH1k=
|
||||||
k8s.io/api v0.22.10/go.mod h1:uT4t8fd7qI503LrFXs0sHOBmOInJ3E3jCsRLoXV6Pys=
|
k8s.io/api v0.22.12/go.mod h1:hq8Rf/y5AFS0k0aVBAZu0Zj9EjymBPqPqtv4oXaSfXM=
|
||||||
k8s.io/apimachinery v0.22.10 h1:j6e3uKe0H7Dxgj7Hzj17IZJoSPLSMhptfmeGwvtPclE=
|
k8s.io/apimachinery v0.22.12 h1:yTZH8GEKWVm1/zpcBzbPBSxJ/kVlP1GDL75IFEnjOqw=
|
||||||
k8s.io/apimachinery v0.22.10/go.mod h1:ZvVLP5iLhwVFg2Yx9Gh5W0um0DUauExbRhe+2Z8I1EU=
|
k8s.io/apimachinery v0.22.12/go.mod h1:ZvVLP5iLhwVFg2Yx9Gh5W0um0DUauExbRhe+2Z8I1EU=
|
||||||
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
||||||
|
4
generated/1.22/client/go.mod
generated
4
generated/1.22/client/go.mod
generated
@ -5,8 +5,8 @@ go 1.13
|
|||||||
|
|
||||||
require (
|
require (
|
||||||
go.pinniped.dev/generated/1.22/apis v0.0.0
|
go.pinniped.dev/generated/1.22/apis v0.0.0
|
||||||
k8s.io/apimachinery v0.22.10
|
k8s.io/apimachinery v0.22.12
|
||||||
k8s.io/client-go v0.22.10
|
k8s.io/client-go v0.22.12
|
||||||
)
|
)
|
||||||
|
|
||||||
replace go.pinniped.dev/generated/1.22/apis => ../apis
|
replace go.pinniped.dev/generated/1.22/apis => ../apis
|
||||||
|
12
generated/1.22/client/go.sum
generated
12
generated/1.22/client/go.sum
generated
@ -427,12 +427,12 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh
|
|||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
k8s.io/api v0.22.10 h1:gnNb/RabQ+YJQumeyKFCo2yc/E/Oo3qN8rTqovHqYFo=
|
k8s.io/api v0.22.12 h1:HV4VjUSd7dTbKpop+1klDpRrLnXwN67oB0B+8abaH1k=
|
||||||
k8s.io/api v0.22.10/go.mod h1:uT4t8fd7qI503LrFXs0sHOBmOInJ3E3jCsRLoXV6Pys=
|
k8s.io/api v0.22.12/go.mod h1:hq8Rf/y5AFS0k0aVBAZu0Zj9EjymBPqPqtv4oXaSfXM=
|
||||||
k8s.io/apimachinery v0.22.10 h1:j6e3uKe0H7Dxgj7Hzj17IZJoSPLSMhptfmeGwvtPclE=
|
k8s.io/apimachinery v0.22.12 h1:yTZH8GEKWVm1/zpcBzbPBSxJ/kVlP1GDL75IFEnjOqw=
|
||||||
k8s.io/apimachinery v0.22.10/go.mod h1:ZvVLP5iLhwVFg2Yx9Gh5W0um0DUauExbRhe+2Z8I1EU=
|
k8s.io/apimachinery v0.22.12/go.mod h1:ZvVLP5iLhwVFg2Yx9Gh5W0um0DUauExbRhe+2Z8I1EU=
|
||||||
k8s.io/client-go v0.22.10 h1:HMRbhtR5JCkYsZlyRTFz8qWbgXbDKXFWisp7xPmQ/YQ=
|
k8s.io/client-go v0.22.12 h1:bzrRaanClLWgWSTH4rXFneXoiaXN4HepjIBlCZdfdqs=
|
||||||
k8s.io/client-go v0.22.10/go.mod h1:fsvH0pIppH4qY/7qB41mi1tgSUTid5YzHtglTQgYx/s=
|
k8s.io/client-go v0.22.12/go.mod h1:/hziHTGMHw5AuX8zVgY06v29t6F5B5+kROh58nOD+J0=
|
||||||
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
|
||||||
|
4
generated/1.23/apis/go.mod
generated
4
generated/1.23/apis/go.mod
generated
@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.23/apis
|
|||||||
go 1.13
|
go 1.13
|
||||||
|
|
||||||
require (
|
require (
|
||||||
k8s.io/api v0.23.7
|
k8s.io/api v0.23.9
|
||||||
k8s.io/apimachinery v0.23.7
|
k8s.io/apimachinery v0.23.9
|
||||||
)
|
)
|
||||||
|
8
generated/1.23/apis/go.sum
generated
8
generated/1.23/apis/go.sum
generated
@ -219,10 +219,10 @@ gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v
|
|||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
k8s.io/api v0.23.7 h1:UxFan6t0yTTgEKffoEEXUcLdhzAXf/yqTaz/XU7stzg=
|
k8s.io/api v0.23.9 h1:v7Ee2CZuyb6rVm1q4bUe7ZonWleLsrvgcOTxPGjQVa4=
|
||||||
k8s.io/api v0.23.7/go.mod h1:Jn7OvVwrE77fPvtdXjEAjfS6KR5l4oTW8CfksHgZBUw=
|
k8s.io/api v0.23.9/go.mod h1:r4g0GrGdLgwSYB90qgO4tBrbKtALBhUfut+oFt4ikCc=
|
||||||
k8s.io/apimachinery v0.23.7 h1:IV0+rdF4U+8j7FY6jTw394JsISeHYNAQ7pblZyFfyvw=
|
k8s.io/apimachinery v0.23.9 h1:u9Pu7Ffe+9+QJUemtNjuCwvHSnOUeYEwgSHV+88Ne0g=
|
||||||
k8s.io/apimachinery v0.23.7/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM=
|
k8s.io/apimachinery v0.23.9/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM=
|
||||||
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
||||||
|
4
generated/1.23/client/go.mod
generated
4
generated/1.23/client/go.mod
generated
@ -5,8 +5,8 @@ go 1.13
|
|||||||
|
|
||||||
require (
|
require (
|
||||||
go.pinniped.dev/generated/1.23/apis v0.0.0
|
go.pinniped.dev/generated/1.23/apis v0.0.0
|
||||||
k8s.io/apimachinery v0.23.7
|
k8s.io/apimachinery v0.23.9
|
||||||
k8s.io/client-go v0.23.7
|
k8s.io/client-go v0.23.9
|
||||||
)
|
)
|
||||||
|
|
||||||
replace go.pinniped.dev/generated/1.23/apis => ../apis
|
replace go.pinniped.dev/generated/1.23/apis => ../apis
|
||||||
|
12
generated/1.23/client/go.sum
generated
12
generated/1.23/client/go.sum
generated
@ -593,12 +593,12 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
|
|||||||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
k8s.io/api v0.23.7 h1:UxFan6t0yTTgEKffoEEXUcLdhzAXf/yqTaz/XU7stzg=
|
k8s.io/api v0.23.9 h1:v7Ee2CZuyb6rVm1q4bUe7ZonWleLsrvgcOTxPGjQVa4=
|
||||||
k8s.io/api v0.23.7/go.mod h1:Jn7OvVwrE77fPvtdXjEAjfS6KR5l4oTW8CfksHgZBUw=
|
k8s.io/api v0.23.9/go.mod h1:r4g0GrGdLgwSYB90qgO4tBrbKtALBhUfut+oFt4ikCc=
|
||||||
k8s.io/apimachinery v0.23.7 h1:IV0+rdF4U+8j7FY6jTw394JsISeHYNAQ7pblZyFfyvw=
|
k8s.io/apimachinery v0.23.9 h1:u9Pu7Ffe+9+QJUemtNjuCwvHSnOUeYEwgSHV+88Ne0g=
|
||||||
k8s.io/apimachinery v0.23.7/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM=
|
k8s.io/apimachinery v0.23.9/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM=
|
||||||
k8s.io/client-go v0.23.7 h1:BZRzGOsLxjloMgSsiYjMIfkPMNXNjvOcjxuJou9rT3Q=
|
k8s.io/client-go v0.23.9 h1:OKxNCL+nhw7UBB5b01OVuAV4Db/AdBdaV6/GYpucuOw=
|
||||||
k8s.io/client-go v0.23.7/go.mod h1:GK1rjayM170nhnehxm2wtHNZIAL0ZZyoUHmd5et1Egw=
|
k8s.io/client-go v0.23.9/go.mod h1:sNo0X0MZqo4Uu0qDY5Fl5Y60cJFinBDWWUBOAM5JUCM=
|
||||||
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
||||||
|
4
generated/1.24/apis/go.mod
generated
4
generated/1.24/apis/go.mod
generated
@ -4,6 +4,6 @@ module go.pinniped.dev/generated/1.24/apis
|
|||||||
go 1.13
|
go 1.13
|
||||||
|
|
||||||
require (
|
require (
|
||||||
k8s.io/api v0.24.1
|
k8s.io/api v0.24.3
|
||||||
k8s.io/apimachinery v0.24.1
|
k8s.io/apimachinery v0.24.3
|
||||||
)
|
)
|
||||||
|
8
generated/1.24/apis/go.sum
generated
8
generated/1.24/apis/go.sum
generated
@ -219,10 +219,10 @@ gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v
|
|||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
k8s.io/api v0.24.1 h1:BjCMRDcyEYz03joa3K1+rbshwh1Ay6oB53+iUx2H8UY=
|
k8s.io/api v0.24.3 h1:tt55QEmKd6L2k5DP6G/ZzdMQKvG5ro4H4teClqm0sTY=
|
||||||
k8s.io/api v0.24.1/go.mod h1:JhoOvNiLXKTPQ60zh2g0ewpA+bnEYf5q44Flhquh4vQ=
|
k8s.io/api v0.24.3/go.mod h1:elGR/XSZrS7z7cSZPzVWaycpJuGIw57j9b95/1PdJNI=
|
||||||
k8s.io/apimachinery v0.24.1 h1:ShD4aDxTQKN5zNf8K1RQ2u98ELLdIW7jEnlO9uAMX/I=
|
k8s.io/apimachinery v0.24.3 h1:hrFiNSA2cBZqllakVYyH/VyEh4B581bQRmqATJSeQTg=
|
||||||
k8s.io/apimachinery v0.24.1/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM=
|
k8s.io/apimachinery v0.24.3/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM=
|
||||||
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
||||||
|
4
generated/1.24/client/go.mod
generated
4
generated/1.24/client/go.mod
generated
@ -5,8 +5,8 @@ go 1.13
|
|||||||
|
|
||||||
require (
|
require (
|
||||||
go.pinniped.dev/generated/1.24/apis v0.0.0
|
go.pinniped.dev/generated/1.24/apis v0.0.0
|
||||||
k8s.io/apimachinery v0.24.1
|
k8s.io/apimachinery v0.24.3
|
||||||
k8s.io/client-go v0.24.1
|
k8s.io/client-go v0.24.3
|
||||||
)
|
)
|
||||||
|
|
||||||
replace go.pinniped.dev/generated/1.24/apis => ../apis
|
replace go.pinniped.dev/generated/1.24/apis => ../apis
|
||||||
|
12
generated/1.24/client/go.sum
generated
12
generated/1.24/client/go.sum
generated
@ -610,12 +610,12 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
|
|||||||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||||
k8s.io/api v0.24.1 h1:BjCMRDcyEYz03joa3K1+rbshwh1Ay6oB53+iUx2H8UY=
|
k8s.io/api v0.24.3 h1:tt55QEmKd6L2k5DP6G/ZzdMQKvG5ro4H4teClqm0sTY=
|
||||||
k8s.io/api v0.24.1/go.mod h1:JhoOvNiLXKTPQ60zh2g0ewpA+bnEYf5q44Flhquh4vQ=
|
k8s.io/api v0.24.3/go.mod h1:elGR/XSZrS7z7cSZPzVWaycpJuGIw57j9b95/1PdJNI=
|
||||||
k8s.io/apimachinery v0.24.1 h1:ShD4aDxTQKN5zNf8K1RQ2u98ELLdIW7jEnlO9uAMX/I=
|
k8s.io/apimachinery v0.24.3 h1:hrFiNSA2cBZqllakVYyH/VyEh4B581bQRmqATJSeQTg=
|
||||||
k8s.io/apimachinery v0.24.1/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM=
|
k8s.io/apimachinery v0.24.3/go.mod h1:82Bi4sCzVBdpYjyI4jY6aHX+YCUchUIrZrXKedjd2UM=
|
||||||
k8s.io/client-go v0.24.1 h1:w1hNdI9PFrzu3OlovVeTnf4oHDt+FJLd9Ndluvnb42E=
|
k8s.io/client-go v0.24.3 h1:Nl1840+6p4JqkFWEW2LnMKU667BUxw03REfLAVhuKQY=
|
||||||
k8s.io/client-go v0.24.1/go.mod h1:f1kIDqcEYmwXS/vTbbhopMUbhKp2JhOeVTfxgaCIlF8=
|
k8s.io/client-go v0.24.3/go.mod h1:AAovolf5Z9bY1wIg2FZ8LPQlEdKHjLI7ZD4rw920BJw=
|
||||||
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
||||||
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
||||||
|
1355
generated/1.25/README.adoc
generated
Normal file
1355
generated/1.25/README.adoc
generated
Normal file
File diff suppressed because it is too large
Load Diff
10
generated/1.25/apis/concierge/authentication/v1alpha1/doc.go
generated
Normal file
10
generated/1.25/apis/concierge/authentication/v1alpha1/doc.go
generated
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:openapi-gen=true
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +k8s:defaulter-gen=TypeMeta
|
||||||
|
// +groupName=authentication.concierge.pinniped.dev
|
||||||
|
|
||||||
|
// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API.
|
||||||
|
package v1alpha1
|
45
generated/1.25/apis/concierge/authentication/v1alpha1/register.go
generated
Normal file
45
generated/1.25/apis/concierge/authentication/v1alpha1/register.go
generated
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "authentication.concierge.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder runtime.SchemeBuilder
|
||||||
|
localSchemeBuilder = &SchemeBuilder
|
||||||
|
AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// We only register manually written functions here. The registration of the
|
||||||
|
// generated functions takes place in the generated files. The separation
|
||||||
|
// makes the code compile even when the generated files are missing.
|
||||||
|
localSchemeBuilder.Register(addKnownTypes)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&WebhookAuthenticator{},
|
||||||
|
&WebhookAuthenticatorList{},
|
||||||
|
&JWTAuthenticator{},
|
||||||
|
&JWTAuthenticatorList{},
|
||||||
|
)
|
||||||
|
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
85
generated/1.25/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go
generated
Normal file
85
generated/1.25/apis/concierge/authentication/v1alpha1/types_jwtauthenticator.go
generated
Normal file
@ -0,0 +1,85 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
|
// Status of a JWT authenticator.
|
||||||
|
type JWTAuthenticatorStatus struct {
|
||||||
|
// Represents the observations of the authenticator's current state.
|
||||||
|
// +patchMergeKey=type
|
||||||
|
// +patchStrategy=merge
|
||||||
|
// +listType=map
|
||||||
|
// +listMapKey=type
|
||||||
|
Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Spec for configuring a JWT authenticator.
|
||||||
|
type JWTAuthenticatorSpec struct {
|
||||||
|
// Issuer is the OIDC issuer URL that will be used to discover public signing keys. Issuer is
|
||||||
|
// also used to validate the "iss" JWT claim.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^https://`
|
||||||
|
Issuer string `json:"issuer"`
|
||||||
|
|
||||||
|
// Audience is the required value of the "aud" JWT claim.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Audience string `json:"audience"`
|
||||||
|
|
||||||
|
// Claims allows customization of the claims that will be mapped to user identity
|
||||||
|
// for Kubernetes access.
|
||||||
|
// +optional
|
||||||
|
Claims JWTTokenClaims `json:"claims"`
|
||||||
|
|
||||||
|
// TLS configuration for communicating with the OIDC provider.
|
||||||
|
// +optional
|
||||||
|
TLS *TLSSpec `json:"tls,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// JWTTokenClaims allows customization of the claims that will be mapped to user identity
|
||||||
|
// for Kubernetes access.
|
||||||
|
type JWTTokenClaims struct {
|
||||||
|
// Groups is the name of the claim which should be read to extract the user's
|
||||||
|
// group membership from the JWT token. When not specified, it will default to "groups".
|
||||||
|
// +optional
|
||||||
|
Groups string `json:"groups"`
|
||||||
|
|
||||||
|
// Username is the name of the claim which should be read to extract the
|
||||||
|
// username from the JWT token. When not specified, it will default to "username".
|
||||||
|
// +optional
|
||||||
|
Username string `json:"username"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// JWTAuthenticator describes the configuration of a JWT authenticator.
|
||||||
|
//
|
||||||
|
// Upon receiving a signed JWT, a JWTAuthenticator will performs some validation on it (e.g., valid
|
||||||
|
// signature, existence of claims, etc.) and extract the username and groups from the token.
|
||||||
|
//
|
||||||
|
// +genclient
|
||||||
|
// +genclient:nonNamespaced
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster
|
||||||
|
// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer`
|
||||||
|
// +kubebuilder:printcolumn:name="Audience",type=string,JSONPath=`.spec.audience`
|
||||||
|
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
|
||||||
|
// +kubebuilder:subresource:status
|
||||||
|
type JWTAuthenticator struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Spec for configuring the authenticator.
|
||||||
|
Spec JWTAuthenticatorSpec `json:"spec"`
|
||||||
|
|
||||||
|
// Status of the authenticator.
|
||||||
|
Status JWTAuthenticatorStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// List of JWTAuthenticator objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type JWTAuthenticatorList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []JWTAuthenticator `json:"items"`
|
||||||
|
}
|
75
generated/1.25/apis/concierge/authentication/v1alpha1/types_meta.go
generated
Normal file
75
generated/1.25/apis/concierge/authentication/v1alpha1/types_meta.go
generated
Normal file
@ -0,0 +1,75 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
|
// ConditionStatus is effectively an enum type for Condition.Status.
|
||||||
|
type ConditionStatus string
|
||||||
|
|
||||||
|
// These are valid condition statuses. "ConditionTrue" means a resource is in the condition.
|
||||||
|
// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes
|
||||||
|
// can't decide if a resource is in the condition or not. In the future, we could add other
|
||||||
|
// intermediate conditions, e.g. ConditionDegraded.
|
||||||
|
const (
|
||||||
|
ConditionTrue ConditionStatus = "True"
|
||||||
|
ConditionFalse ConditionStatus = "False"
|
||||||
|
ConditionUnknown ConditionStatus = "Unknown"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API
|
||||||
|
// version we can switch to using the upstream type.
|
||||||
|
// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.
|
||||||
|
type Condition struct {
|
||||||
|
// type of condition in CamelCase or in foo.example.com/CamelCase.
|
||||||
|
// ---
|
||||||
|
// Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
||||||
|
// useful (see .node.status.conditions), the ability to deconflict is important.
|
||||||
|
// The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$`
|
||||||
|
// +kubebuilder:validation:MaxLength=316
|
||||||
|
Type string `json:"type"`
|
||||||
|
|
||||||
|
// status of the condition, one of True, False, Unknown.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:Enum=True;False;Unknown
|
||||||
|
Status ConditionStatus `json:"status"`
|
||||||
|
|
||||||
|
// observedGeneration represents the .metadata.generation that the condition was set based upon.
|
||||||
|
// For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
||||||
|
// with respect to the current state of the instance.
|
||||||
|
// +optional
|
||||||
|
// +kubebuilder:validation:Minimum=0
|
||||||
|
ObservedGeneration int64 `json:"observedGeneration,omitempty"`
|
||||||
|
|
||||||
|
// lastTransitionTime is the last time the condition transitioned from one status to another.
|
||||||
|
// This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:Type=string
|
||||||
|
// +kubebuilder:validation:Format=date-time
|
||||||
|
LastTransitionTime metav1.Time `json:"lastTransitionTime"`
|
||||||
|
|
||||||
|
// reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
||||||
|
// Producers of specific condition types may define expected values and meanings for this field,
|
||||||
|
// and whether the values are considered a guaranteed API.
|
||||||
|
// The value should be a CamelCase string.
|
||||||
|
// This field may not be empty.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:MaxLength=1024
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$`
|
||||||
|
Reason string `json:"reason"`
|
||||||
|
|
||||||
|
// message is a human readable message indicating details about the transition.
|
||||||
|
// This may be an empty string.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:MaxLength=32768
|
||||||
|
Message string `json:"message"`
|
||||||
|
}
|
11
generated/1.25/apis/concierge/authentication/v1alpha1/types_tls.go
generated
Normal file
11
generated/1.25/apis/concierge/authentication/v1alpha1/types_tls.go
generated
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
// Configuration for configuring TLS on various authenticators.
|
||||||
|
type TLSSpec struct {
|
||||||
|
// X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.
|
||||||
|
// +optional
|
||||||
|
CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"`
|
||||||
|
}
|
56
generated/1.25/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go
generated
Normal file
56
generated/1.25/apis/concierge/authentication/v1alpha1/types_webhookauthenticator.go
generated
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
|
// Status of a webhook authenticator.
|
||||||
|
type WebhookAuthenticatorStatus struct {
|
||||||
|
// Represents the observations of the authenticator's current state.
|
||||||
|
// +patchMergeKey=type
|
||||||
|
// +patchStrategy=merge
|
||||||
|
// +listType=map
|
||||||
|
// +listMapKey=type
|
||||||
|
Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Spec for configuring a webhook authenticator.
|
||||||
|
type WebhookAuthenticatorSpec struct {
|
||||||
|
// Webhook server endpoint URL.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^https://`
|
||||||
|
Endpoint string `json:"endpoint"`
|
||||||
|
|
||||||
|
// TLS configuration.
|
||||||
|
// +optional
|
||||||
|
TLS *TLSSpec `json:"tls,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// WebhookAuthenticator describes the configuration of a webhook authenticator.
|
||||||
|
// +genclient
|
||||||
|
// +genclient:nonNamespaced
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
// +kubebuilder:resource:categories=pinniped;pinniped-authenticator;pinniped-authenticators,scope=Cluster
|
||||||
|
// +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint`
|
||||||
|
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
|
||||||
|
// +kubebuilder:subresource:status
|
||||||
|
type WebhookAuthenticator struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Spec for configuring the authenticator.
|
||||||
|
Spec WebhookAuthenticatorSpec `json:"spec"`
|
||||||
|
|
||||||
|
// Status of the authenticator.
|
||||||
|
Status WebhookAuthenticatorStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// List of WebhookAuthenticator objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type WebhookAuthenticatorList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []WebhookAuthenticator `json:"items"`
|
||||||
|
}
|
273
generated/1.25/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
273
generated/1.25/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,273 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *Condition) DeepCopyInto(out *Condition) {
|
||||||
|
*out = *in
|
||||||
|
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.
|
||||||
|
func (in *Condition) DeepCopy() *Condition {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(Condition)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *JWTAuthenticator) DeepCopyInto(out *JWTAuthenticator) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticator.
|
||||||
|
func (in *JWTAuthenticator) DeepCopy() *JWTAuthenticator {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(JWTAuthenticator)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *JWTAuthenticator) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *JWTAuthenticatorList) DeepCopyInto(out *JWTAuthenticatorList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]JWTAuthenticator, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorList.
|
||||||
|
func (in *JWTAuthenticatorList) DeepCopy() *JWTAuthenticatorList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(JWTAuthenticatorList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *JWTAuthenticatorList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *JWTAuthenticatorSpec) DeepCopyInto(out *JWTAuthenticatorSpec) {
|
||||||
|
*out = *in
|
||||||
|
out.Claims = in.Claims
|
||||||
|
if in.TLS != nil {
|
||||||
|
in, out := &in.TLS, &out.TLS
|
||||||
|
*out = new(TLSSpec)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorSpec.
|
||||||
|
func (in *JWTAuthenticatorSpec) DeepCopy() *JWTAuthenticatorSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(JWTAuthenticatorSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *JWTAuthenticatorStatus) DeepCopyInto(out *JWTAuthenticatorStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Conditions != nil {
|
||||||
|
in, out := &in.Conditions, &out.Conditions
|
||||||
|
*out = make([]Condition, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTAuthenticatorStatus.
|
||||||
|
func (in *JWTAuthenticatorStatus) DeepCopy() *JWTAuthenticatorStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(JWTAuthenticatorStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *JWTTokenClaims) DeepCopyInto(out *JWTTokenClaims) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTTokenClaims.
|
||||||
|
func (in *JWTTokenClaims) DeepCopy() *JWTTokenClaims {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(JWTTokenClaims)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TLSSpec) DeepCopyInto(out *TLSSpec) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec.
|
||||||
|
func (in *TLSSpec) DeepCopy() *TLSSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TLSSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator.
|
||||||
|
func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WebhookAuthenticator)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]WebhookAuthenticator, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList.
|
||||||
|
func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WebhookAuthenticatorList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) {
|
||||||
|
*out = *in
|
||||||
|
if in.TLS != nil {
|
||||||
|
in, out := &in.TLS, &out.TLS
|
||||||
|
*out = new(TLSSpec)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec.
|
||||||
|
func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WebhookAuthenticatorSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Conditions != nil {
|
||||||
|
in, out := &in.Conditions, &out.Conditions
|
||||||
|
*out = make([]Condition, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus.
|
||||||
|
func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WebhookAuthenticatorStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
10
generated/1.25/apis/concierge/config/v1alpha1/doc.go
generated
Normal file
10
generated/1.25/apis/concierge/config/v1alpha1/doc.go
generated
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:openapi-gen=true
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +k8s:defaulter-gen=TypeMeta
|
||||||
|
// +groupName=config.concierge.pinniped.dev
|
||||||
|
|
||||||
|
// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge configuration API.
|
||||||
|
package v1alpha1
|
43
generated/1.25/apis/concierge/config/v1alpha1/register.go
generated
Normal file
43
generated/1.25/apis/concierge/config/v1alpha1/register.go
generated
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "config.concierge.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder runtime.SchemeBuilder
|
||||||
|
localSchemeBuilder = &SchemeBuilder
|
||||||
|
AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// We only register manually written functions here. The registration of the
|
||||||
|
// generated functions takes place in the generated files. The separation
|
||||||
|
// makes the code compile even when the generated files are missing.
|
||||||
|
localSchemeBuilder.Register(addKnownTypes)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&CredentialIssuer{},
|
||||||
|
&CredentialIssuerList{},
|
||||||
|
)
|
||||||
|
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
244
generated/1.25/apis/concierge/config/v1alpha1/types_credentialissuer.go
generated
Normal file
244
generated/1.25/apis/concierge/config/v1alpha1/types_credentialissuer.go
generated
Normal file
@ -0,0 +1,244 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// StrategyType enumerates a type of "strategy" used to implement credential access on a cluster.
|
||||||
|
// +kubebuilder:validation:Enum=KubeClusterSigningCertificate;ImpersonationProxy
|
||||||
|
type StrategyType string
|
||||||
|
|
||||||
|
// FrontendType enumerates a type of "frontend" used to provide access to users of a cluster.
|
||||||
|
// +kubebuilder:validation:Enum=TokenCredentialRequestAPI;ImpersonationProxy
|
||||||
|
type FrontendType string
|
||||||
|
|
||||||
|
// StrategyStatus enumerates whether a strategy is working on a cluster.
|
||||||
|
// +kubebuilder:validation:Enum=Success;Error
|
||||||
|
type StrategyStatus string
|
||||||
|
|
||||||
|
// StrategyReason enumerates the detailed reason why a strategy is in a particular status.
|
||||||
|
// +kubebuilder:validation:Enum=Listening;Pending;Disabled;ErrorDuringSetup;CouldNotFetchKey;CouldNotGetClusterInfo;FetchedKey
|
||||||
|
type StrategyReason string
|
||||||
|
|
||||||
|
const (
|
||||||
|
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
|
||||||
|
ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy")
|
||||||
|
|
||||||
|
TokenCredentialRequestAPIFrontendType = FrontendType("TokenCredentialRequestAPI")
|
||||||
|
ImpersonationProxyFrontendType = FrontendType("ImpersonationProxy")
|
||||||
|
|
||||||
|
SuccessStrategyStatus = StrategyStatus("Success")
|
||||||
|
ErrorStrategyStatus = StrategyStatus("Error")
|
||||||
|
|
||||||
|
ListeningStrategyReason = StrategyReason("Listening")
|
||||||
|
PendingStrategyReason = StrategyReason("Pending")
|
||||||
|
DisabledStrategyReason = StrategyReason("Disabled")
|
||||||
|
ErrorDuringSetupStrategyReason = StrategyReason("ErrorDuringSetup")
|
||||||
|
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
|
||||||
|
CouldNotGetClusterInfoStrategyReason = StrategyReason("CouldNotGetClusterInfo")
|
||||||
|
FetchedKeyStrategyReason = StrategyReason("FetchedKey")
|
||||||
|
)
|
||||||
|
|
||||||
|
// CredentialIssuerSpec describes the intended configuration of the Concierge.
|
||||||
|
type CredentialIssuerSpec struct {
|
||||||
|
// ImpersonationProxy describes the intended configuration of the Concierge impersonation proxy.
|
||||||
|
ImpersonationProxy *ImpersonationProxySpec `json:"impersonationProxy"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// ImpersonationProxyMode enumerates the configuration modes for the impersonation proxy.
|
||||||
|
//
|
||||||
|
// +kubebuilder:validation:Enum=auto;enabled;disabled
|
||||||
|
type ImpersonationProxyMode string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// ImpersonationProxyModeDisabled explicitly disables the impersonation proxy.
|
||||||
|
ImpersonationProxyModeDisabled = ImpersonationProxyMode("disabled")
|
||||||
|
|
||||||
|
// ImpersonationProxyModeEnabled explicitly enables the impersonation proxy.
|
||||||
|
ImpersonationProxyModeEnabled = ImpersonationProxyMode("enabled")
|
||||||
|
|
||||||
|
// ImpersonationProxyModeAuto enables or disables the impersonation proxy based upon the cluster in which it is running.
|
||||||
|
ImpersonationProxyModeAuto = ImpersonationProxyMode("auto")
|
||||||
|
)
|
||||||
|
|
||||||
|
// ImpersonationProxyServiceType enumerates the types of service that can be provisioned for the impersonation proxy.
|
||||||
|
//
|
||||||
|
// +kubebuilder:validation:Enum=LoadBalancer;ClusterIP;None
|
||||||
|
type ImpersonationProxyServiceType string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// ImpersonationProxyServiceTypeLoadBalancer provisions a service of type LoadBalancer.
|
||||||
|
ImpersonationProxyServiceTypeLoadBalancer = ImpersonationProxyServiceType("LoadBalancer")
|
||||||
|
|
||||||
|
// ImpersonationProxyServiceTypeClusterIP provisions a service of type ClusterIP.
|
||||||
|
ImpersonationProxyServiceTypeClusterIP = ImpersonationProxyServiceType("ClusterIP")
|
||||||
|
|
||||||
|
// ImpersonationProxyServiceTypeNone does not automatically provision any service.
|
||||||
|
ImpersonationProxyServiceTypeNone = ImpersonationProxyServiceType("None")
|
||||||
|
)
|
||||||
|
|
||||||
|
// ImpersonationProxySpec describes the intended configuration of the Concierge impersonation proxy.
|
||||||
|
type ImpersonationProxySpec struct {
|
||||||
|
// Mode configures whether the impersonation proxy should be started:
|
||||||
|
// - "disabled" explicitly disables the impersonation proxy. This is the default.
|
||||||
|
// - "enabled" explicitly enables the impersonation proxy.
|
||||||
|
// - "auto" enables or disables the impersonation proxy based upon the cluster in which it is running.
|
||||||
|
Mode ImpersonationProxyMode `json:"mode"`
|
||||||
|
|
||||||
|
// Service describes the configuration of the Service provisioned to expose the impersonation proxy to clients.
|
||||||
|
//
|
||||||
|
// +kubebuilder:default:={"type": "LoadBalancer"}
|
||||||
|
Service ImpersonationProxyServiceSpec `json:"service"`
|
||||||
|
|
||||||
|
// ExternalEndpoint describes the HTTPS endpoint where the proxy will be exposed. If not set, the proxy will
|
||||||
|
// be served using the external name of the LoadBalancer service or the cluster service DNS name.
|
||||||
|
//
|
||||||
|
// This field must be non-empty when spec.impersonationProxy.service.type is "None".
|
||||||
|
//
|
||||||
|
// +optional
|
||||||
|
ExternalEndpoint string `json:"externalEndpoint,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// ImpersonationProxyServiceSpec describes how the Concierge should provision a Service to expose the impersonation proxy.
|
||||||
|
type ImpersonationProxyServiceSpec struct {
|
||||||
|
// Type specifies the type of Service to provision for the impersonation proxy.
|
||||||
|
//
|
||||||
|
// If the type is "None", then the "spec.impersonationProxy.externalEndpoint" field must be set to a non-empty
|
||||||
|
// value so that the Concierge can properly advertise the endpoint in the CredentialIssuer's status.
|
||||||
|
//
|
||||||
|
// +kubebuilder:default:="LoadBalancer"
|
||||||
|
Type ImpersonationProxyServiceType `json:"type,omitempty"`
|
||||||
|
|
||||||
|
// LoadBalancerIP specifies the IP address to set in the spec.loadBalancerIP field of the provisioned Service.
|
||||||
|
// This is not supported on all cloud providers.
|
||||||
|
//
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:MaxLength=255
|
||||||
|
// +optional
|
||||||
|
LoadBalancerIP string `json:"loadBalancerIP,omitempty"`
|
||||||
|
|
||||||
|
// Annotations specifies zero or more key/value pairs to set as annotations on the provisioned Service.
|
||||||
|
//
|
||||||
|
// +optional
|
||||||
|
Annotations map[string]string `json:"annotations,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// CredentialIssuerStatus describes the status of the Concierge.
|
||||||
|
type CredentialIssuerStatus struct {
|
||||||
|
// List of integration strategies that were attempted by Pinniped.
|
||||||
|
Strategies []CredentialIssuerStrategy `json:"strategies"`
|
||||||
|
|
||||||
|
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|
||||||
|
// This field is deprecated and will be removed in a future version.
|
||||||
|
// +optional
|
||||||
|
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// CredentialIssuerKubeConfigInfo provides the information needed to form a valid Pinniped-based kubeconfig using this credential issuer.
|
||||||
|
// This type is deprecated and will be removed in a future version.
|
||||||
|
type CredentialIssuerKubeConfigInfo struct {
|
||||||
|
// The K8s API server URL.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^https://|^http://`
|
||||||
|
Server string `json:"server"`
|
||||||
|
|
||||||
|
// The K8s API server CA bundle.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
CertificateAuthorityData string `json:"certificateAuthorityData"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// CredentialIssuerStrategy describes the status of an integration strategy that was attempted by Pinniped.
|
||||||
|
type CredentialIssuerStrategy struct {
|
||||||
|
// Type of integration attempted.
|
||||||
|
Type StrategyType `json:"type"`
|
||||||
|
|
||||||
|
// Status of the attempted integration strategy.
|
||||||
|
Status StrategyStatus `json:"status"`
|
||||||
|
|
||||||
|
// Reason for the current status.
|
||||||
|
Reason StrategyReason `json:"reason"`
|
||||||
|
|
||||||
|
// Human-readable description of the current status.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Message string `json:"message"`
|
||||||
|
|
||||||
|
// When the status was last checked.
|
||||||
|
LastUpdateTime metav1.Time `json:"lastUpdateTime"`
|
||||||
|
|
||||||
|
// Frontend describes how clients can connect using this strategy.
|
||||||
|
Frontend *CredentialIssuerFrontend `json:"frontend,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// CredentialIssuerFrontend describes how to connect using a particular integration strategy.
|
||||||
|
type CredentialIssuerFrontend struct {
|
||||||
|
// Type describes which frontend mechanism clients can use with a strategy.
|
||||||
|
Type FrontendType `json:"type"`
|
||||||
|
|
||||||
|
// TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge.
|
||||||
|
// This field is only set when Type is "TokenCredentialRequestAPI".
|
||||||
|
TokenCredentialRequestAPIInfo *TokenCredentialRequestAPIInfo `json:"tokenCredentialRequestInfo,omitempty"`
|
||||||
|
|
||||||
|
// ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge.
|
||||||
|
// This field is only set when Type is "ImpersonationProxy".
|
||||||
|
ImpersonationProxyInfo *ImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenCredentialRequestAPIInfo describes the parameters for the TokenCredentialRequest API on this Concierge.
|
||||||
|
type TokenCredentialRequestAPIInfo struct {
|
||||||
|
// Server is the Kubernetes API server URL.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^https://|^http://`
|
||||||
|
Server string `json:"server"`
|
||||||
|
|
||||||
|
// CertificateAuthorityData is the base64-encoded Kubernetes API server CA bundle.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
CertificateAuthorityData string `json:"certificateAuthorityData"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// ImpersonationProxyInfo describes the parameters for the impersonation proxy on this Concierge.
|
||||||
|
type ImpersonationProxyInfo struct {
|
||||||
|
// Endpoint is the HTTPS endpoint of the impersonation proxy.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^https://`
|
||||||
|
Endpoint string `json:"endpoint"`
|
||||||
|
|
||||||
|
// CertificateAuthorityData is the base64-encoded PEM CA bundle of the impersonation proxy.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
CertificateAuthorityData string `json:"certificateAuthorityData"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// CredentialIssuer describes the configuration and status of the Pinniped Concierge credential issuer.
|
||||||
|
// +genclient
|
||||||
|
// +genclient:nonNamespaced
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
// +kubebuilder:resource:categories=pinniped,scope=Cluster
|
||||||
|
// +kubebuilder:printcolumn:name="ProxyMode",type=string,JSONPath=`.spec.impersonationProxy.mode`
|
||||||
|
// +kubebuilder:printcolumn:name="DefaultStrategy",type=string,JSONPath=`.status.strategies[?(@.status == "Success")].type`
|
||||||
|
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
|
||||||
|
// +kubebuilder:subresource:status
|
||||||
|
type CredentialIssuer struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Spec describes the intended configuration of the Concierge.
|
||||||
|
//
|
||||||
|
// +optional
|
||||||
|
Spec CredentialIssuerSpec `json:"spec"`
|
||||||
|
|
||||||
|
// CredentialIssuerStatus describes the status of the Concierge.
|
||||||
|
//
|
||||||
|
// +optional
|
||||||
|
Status CredentialIssuerStatus `json:"status"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// CredentialIssuerList is a list of CredentialIssuer objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type CredentialIssuerList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []CredentialIssuer `json:"items"`
|
||||||
|
}
|
259
generated/1.25/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
259
generated/1.25/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,259 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *CredentialIssuer) DeepCopyInto(out *CredentialIssuer) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuer.
|
||||||
|
func (in *CredentialIssuer) DeepCopy() *CredentialIssuer {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(CredentialIssuer)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *CredentialIssuerFrontend) DeepCopyInto(out *CredentialIssuerFrontend) {
|
||||||
|
*out = *in
|
||||||
|
if in.TokenCredentialRequestAPIInfo != nil {
|
||||||
|
in, out := &in.TokenCredentialRequestAPIInfo, &out.TokenCredentialRequestAPIInfo
|
||||||
|
*out = new(TokenCredentialRequestAPIInfo)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
if in.ImpersonationProxyInfo != nil {
|
||||||
|
in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo
|
||||||
|
*out = new(ImpersonationProxyInfo)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerFrontend.
|
||||||
|
func (in *CredentialIssuerFrontend) DeepCopy() *CredentialIssuerFrontend {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(CredentialIssuerFrontend)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerKubeConfigInfo.
|
||||||
|
func (in *CredentialIssuerKubeConfigInfo) DeepCopy() *CredentialIssuerKubeConfigInfo {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(CredentialIssuerKubeConfigInfo)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *CredentialIssuerList) DeepCopyInto(out *CredentialIssuerList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]CredentialIssuer, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerList.
|
||||||
|
func (in *CredentialIssuerList) DeepCopy() *CredentialIssuerList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(CredentialIssuerList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *CredentialIssuerList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *CredentialIssuerSpec) DeepCopyInto(out *CredentialIssuerSpec) {
|
||||||
|
*out = *in
|
||||||
|
if in.ImpersonationProxy != nil {
|
||||||
|
in, out := &in.ImpersonationProxy, &out.ImpersonationProxy
|
||||||
|
*out = new(ImpersonationProxySpec)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerSpec.
|
||||||
|
func (in *CredentialIssuerSpec) DeepCopy() *CredentialIssuerSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(CredentialIssuerSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Strategies != nil {
|
||||||
|
in, out := &in.Strategies, &out.Strategies
|
||||||
|
*out = make([]CredentialIssuerStrategy, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if in.KubeConfigInfo != nil {
|
||||||
|
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
|
||||||
|
*out = new(CredentialIssuerKubeConfigInfo)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStatus.
|
||||||
|
func (in *CredentialIssuerStatus) DeepCopy() *CredentialIssuerStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(CredentialIssuerStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *CredentialIssuerStrategy) DeepCopyInto(out *CredentialIssuerStrategy) {
|
||||||
|
*out = *in
|
||||||
|
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
|
||||||
|
if in.Frontend != nil {
|
||||||
|
in, out := &in.Frontend, &out.Frontend
|
||||||
|
*out = new(CredentialIssuerFrontend)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerStrategy.
|
||||||
|
func (in *CredentialIssuerStrategy) DeepCopy() *CredentialIssuerStrategy {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(CredentialIssuerStrategy)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ImpersonationProxyInfo) DeepCopyInto(out *ImpersonationProxyInfo) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyInfo.
|
||||||
|
func (in *ImpersonationProxyInfo) DeepCopy() *ImpersonationProxyInfo {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ImpersonationProxyInfo)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ImpersonationProxyServiceSpec) DeepCopyInto(out *ImpersonationProxyServiceSpec) {
|
||||||
|
*out = *in
|
||||||
|
if in.Annotations != nil {
|
||||||
|
in, out := &in.Annotations, &out.Annotations
|
||||||
|
*out = make(map[string]string, len(*in))
|
||||||
|
for key, val := range *in {
|
||||||
|
(*out)[key] = val
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxyServiceSpec.
|
||||||
|
func (in *ImpersonationProxyServiceSpec) DeepCopy() *ImpersonationProxyServiceSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ImpersonationProxyServiceSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ImpersonationProxySpec) DeepCopyInto(out *ImpersonationProxySpec) {
|
||||||
|
*out = *in
|
||||||
|
in.Service.DeepCopyInto(&out.Service)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImpersonationProxySpec.
|
||||||
|
func (in *ImpersonationProxySpec) DeepCopy() *ImpersonationProxySpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ImpersonationProxySpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequestAPIInfo) DeepCopyInto(out *TokenCredentialRequestAPIInfo) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestAPIInfo.
|
||||||
|
func (in *TokenCredentialRequestAPIInfo) DeepCopy() *TokenCredentialRequestAPIInfo {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequestAPIInfo)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
8
generated/1.25/apis/concierge/identity/doc.go
generated
Normal file
8
generated/1.25/apis/concierge/identity/doc.go
generated
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +groupName=identity.concierge.pinniped.dev
|
||||||
|
|
||||||
|
// Package identity is the internal version of the Pinniped identity API.
|
||||||
|
package identity
|
38
generated/1.25/apis/concierge/identity/register.go
generated
Normal file
38
generated/1.25/apis/concierge/identity/register.go
generated
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package identity
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "identity.concierge.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
|
||||||
|
|
||||||
|
// Kind takes an unqualified kind and returns back a Group qualified GroupKind.
|
||||||
|
func Kind(kind string) schema.GroupKind {
|
||||||
|
return SchemeGroupVersion.WithKind(kind).GroupKind()
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns back a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
|
||||||
|
AddToScheme = SchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&WhoAmIRequest{},
|
||||||
|
&WhoAmIRequestList{},
|
||||||
|
)
|
||||||
|
return nil
|
||||||
|
}
|
37
generated/1.25/apis/concierge/identity/types_userinfo.go
generated
Normal file
37
generated/1.25/apis/concierge/identity/types_userinfo.go
generated
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package identity
|
||||||
|
|
||||||
|
import "fmt"
|
||||||
|
|
||||||
|
// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it.
|
||||||
|
// Copied from the Kubernetes token review API.
|
||||||
|
type KubernetesUserInfo struct {
|
||||||
|
// User is the UserInfo associated with the current user.
|
||||||
|
User UserInfo
|
||||||
|
// Audiences are audience identifiers chosen by the authenticator.
|
||||||
|
Audiences []string
|
||||||
|
}
|
||||||
|
|
||||||
|
// UserInfo holds the information about the user needed to implement the
|
||||||
|
// user.Info interface.
|
||||||
|
type UserInfo struct {
|
||||||
|
// The name that uniquely identifies this user among all active users.
|
||||||
|
Username string
|
||||||
|
// A unique value that identifies this user across time. If this user is
|
||||||
|
// deleted and another user by the same name is added, they will have
|
||||||
|
// different UIDs.
|
||||||
|
UID string
|
||||||
|
// The names of groups this user is a part of.
|
||||||
|
Groups []string
|
||||||
|
// Any additional information provided by the authenticator.
|
||||||
|
Extra map[string]ExtraValue
|
||||||
|
}
|
||||||
|
|
||||||
|
// ExtraValue masks the value so protobuf can generate
|
||||||
|
type ExtraValue []string
|
||||||
|
|
||||||
|
func (t ExtraValue) String() string {
|
||||||
|
return fmt.Sprintf("%v", []string(t))
|
||||||
|
}
|
40
generated/1.25/apis/concierge/identity/types_whoami.go
generated
Normal file
40
generated/1.25/apis/concierge/identity/types_whoami.go
generated
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package identity
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// WhoAmIRequest submits a request to echo back the current authenticated user.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type WhoAmIRequest struct {
|
||||||
|
metav1.TypeMeta
|
||||||
|
metav1.ObjectMeta
|
||||||
|
|
||||||
|
Spec WhoAmIRequestSpec
|
||||||
|
Status WhoAmIRequestStatus
|
||||||
|
}
|
||||||
|
|
||||||
|
type WhoAmIRequestSpec struct {
|
||||||
|
// empty for now but we may add some config here in the future
|
||||||
|
// any such config must be safe in the context of an unauthenticated user
|
||||||
|
}
|
||||||
|
|
||||||
|
type WhoAmIRequestStatus struct {
|
||||||
|
// The current authenticated user, exactly as Kubernetes understands it.
|
||||||
|
KubernetesUserInfo KubernetesUserInfo
|
||||||
|
|
||||||
|
// We may add concierge specific information here in the future.
|
||||||
|
}
|
||||||
|
|
||||||
|
// WhoAmIRequestList is a list of WhoAmIRequest objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type WhoAmIRequestList struct {
|
||||||
|
metav1.TypeMeta
|
||||||
|
metav1.ListMeta
|
||||||
|
|
||||||
|
// Items is a list of WhoAmIRequest
|
||||||
|
Items []WhoAmIRequest
|
||||||
|
}
|
4
generated/1.25/apis/concierge/identity/v1alpha1/conversion.go
generated
Normal file
4
generated/1.25/apis/concierge/identity/v1alpha1/conversion.go
generated
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
12
generated/1.25/apis/concierge/identity/v1alpha1/defaults.go
generated
Normal file
12
generated/1.25/apis/concierge/identity/v1alpha1/defaults.go
generated
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
func addDefaultingFuncs(scheme *runtime.Scheme) error {
|
||||||
|
return RegisterDefaults(scheme)
|
||||||
|
}
|
11
generated/1.25/apis/concierge/identity/v1alpha1/doc.go
generated
Normal file
11
generated/1.25/apis/concierge/identity/v1alpha1/doc.go
generated
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:openapi-gen=true
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +k8s:conversion-gen=go.pinniped.dev/generated/1.25/apis/concierge/identity
|
||||||
|
// +k8s:defaulter-gen=TypeMeta
|
||||||
|
// +groupName=identity.concierge.pinniped.dev
|
||||||
|
|
||||||
|
// Package v1alpha1 is the v1alpha1 version of the Pinniped identity API.
|
||||||
|
package v1alpha1
|
43
generated/1.25/apis/concierge/identity/v1alpha1/register.go
generated
Normal file
43
generated/1.25/apis/concierge/identity/v1alpha1/register.go
generated
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "identity.concierge.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder runtime.SchemeBuilder
|
||||||
|
localSchemeBuilder = &SchemeBuilder
|
||||||
|
AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// We only register manually written functions here. The registration of the
|
||||||
|
// generated functions takes place in the generated files. The separation
|
||||||
|
// makes the code compile even when the generated files are missing.
|
||||||
|
localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&WhoAmIRequest{},
|
||||||
|
&WhoAmIRequestList{},
|
||||||
|
)
|
||||||
|
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
41
generated/1.25/apis/concierge/identity/v1alpha1/types_userinfo.go
generated
Normal file
41
generated/1.25/apis/concierge/identity/v1alpha1/types_userinfo.go
generated
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import "fmt"
|
||||||
|
|
||||||
|
// KubernetesUserInfo represents the current authenticated user, exactly as Kubernetes understands it.
|
||||||
|
// Copied from the Kubernetes token review API.
|
||||||
|
type KubernetesUserInfo struct {
|
||||||
|
// User is the UserInfo associated with the current user.
|
||||||
|
User UserInfo `json:"user"`
|
||||||
|
// Audiences are audience identifiers chosen by the authenticator.
|
||||||
|
// +optional
|
||||||
|
Audiences []string `json:"audiences,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// UserInfo holds the information about the user needed to implement the
|
||||||
|
// user.Info interface.
|
||||||
|
type UserInfo struct {
|
||||||
|
// The name that uniquely identifies this user among all active users.
|
||||||
|
Username string `json:"username"`
|
||||||
|
// A unique value that identifies this user across time. If this user is
|
||||||
|
// deleted and another user by the same name is added, they will have
|
||||||
|
// different UIDs.
|
||||||
|
// +optional
|
||||||
|
UID string `json:"uid,omitempty"`
|
||||||
|
// The names of groups this user is a part of.
|
||||||
|
// +optional
|
||||||
|
Groups []string `json:"groups,omitempty"`
|
||||||
|
// Any additional information provided by the authenticator.
|
||||||
|
// +optional
|
||||||
|
Extra map[string]ExtraValue `json:"extra,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// ExtraValue masks the value so protobuf can generate
|
||||||
|
type ExtraValue []string
|
||||||
|
|
||||||
|
func (t ExtraValue) String() string {
|
||||||
|
return fmt.Sprintf("%v", []string(t))
|
||||||
|
}
|
43
generated/1.25/apis/concierge/identity/v1alpha1/types_whoami.go
generated
Normal file
43
generated/1.25/apis/concierge/identity/v1alpha1/types_whoami.go
generated
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// WhoAmIRequest submits a request to echo back the current authenticated user.
|
||||||
|
// +genclient
|
||||||
|
// +genclient:nonNamespaced
|
||||||
|
// +genclient:onlyVerbs=create
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type WhoAmIRequest struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Spec WhoAmIRequestSpec `json:"spec,omitempty"`
|
||||||
|
Status WhoAmIRequestStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type WhoAmIRequestSpec struct {
|
||||||
|
// empty for now but we may add some config here in the future
|
||||||
|
// any such config must be safe in the context of an unauthenticated user
|
||||||
|
}
|
||||||
|
|
||||||
|
type WhoAmIRequestStatus struct {
|
||||||
|
// The current authenticated user, exactly as Kubernetes understands it.
|
||||||
|
KubernetesUserInfo KubernetesUserInfo `json:"kubernetesUserInfo"`
|
||||||
|
|
||||||
|
// We may add concierge specific information here in the future.
|
||||||
|
}
|
||||||
|
|
||||||
|
// WhoAmIRequestList is a list of WhoAmIRequest objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type WhoAmIRequestList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Items is a list of WhoAmIRequest
|
||||||
|
Items []WhoAmIRequest `json:"items"`
|
||||||
|
}
|
235
generated/1.25/apis/concierge/identity/v1alpha1/zz_generated.conversion.go
generated
Normal file
235
generated/1.25/apis/concierge/identity/v1alpha1/zz_generated.conversion.go
generated
Normal file
@ -0,0 +1,235 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by conversion-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
unsafe "unsafe"
|
||||||
|
|
||||||
|
identity "go.pinniped.dev/generated/1.25/apis/concierge/identity"
|
||||||
|
conversion "k8s.io/apimachinery/pkg/conversion"
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
localSchemeBuilder.Register(RegisterConversions)
|
||||||
|
}
|
||||||
|
|
||||||
|
// RegisterConversions adds conversion functions to the given scheme.
|
||||||
|
// Public to allow building arbitrary schemes.
|
||||||
|
func RegisterConversions(s *runtime.Scheme) error {
|
||||||
|
if err := s.AddGeneratedConversionFunc((*KubernetesUserInfo)(nil), (*identity.KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(a.(*KubernetesUserInfo), b.(*identity.KubernetesUserInfo), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*identity.KubernetesUserInfo)(nil), (*KubernetesUserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(a.(*identity.KubernetesUserInfo), b.(*KubernetesUserInfo), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*UserInfo)(nil), (*identity.UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_UserInfo_To_identity_UserInfo(a.(*UserInfo), b.(*identity.UserInfo), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*identity.UserInfo)(nil), (*UserInfo)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_identity_UserInfo_To_v1alpha1_UserInfo(a.(*identity.UserInfo), b.(*UserInfo), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*WhoAmIRequest)(nil), (*identity.WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(a.(*WhoAmIRequest), b.(*identity.WhoAmIRequest), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequest)(nil), (*WhoAmIRequest)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(a.(*identity.WhoAmIRequest), b.(*WhoAmIRequest), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*WhoAmIRequestList)(nil), (*identity.WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(a.(*WhoAmIRequestList), b.(*identity.WhoAmIRequestList), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestList)(nil), (*WhoAmIRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(a.(*identity.WhoAmIRequestList), b.(*WhoAmIRequestList), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*WhoAmIRequestSpec)(nil), (*identity.WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(a.(*WhoAmIRequestSpec), b.(*identity.WhoAmIRequestSpec), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestSpec)(nil), (*WhoAmIRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(a.(*identity.WhoAmIRequestSpec), b.(*WhoAmIRequestSpec), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*WhoAmIRequestStatus)(nil), (*identity.WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(a.(*WhoAmIRequestStatus), b.(*identity.WhoAmIRequestStatus), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*identity.WhoAmIRequestStatus)(nil), (*WhoAmIRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(a.(*identity.WhoAmIRequestStatus), b.(*WhoAmIRequestStatus), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error {
|
||||||
|
if err := Convert_v1alpha1_UserInfo_To_identity_UserInfo(&in.User, &out.User, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in *KubernetesUserInfo, out *identity.KubernetesUserInfo, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error {
|
||||||
|
if err := Convert_identity_UserInfo_To_v1alpha1_UserInfo(&in.User, &out.User, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo is an autogenerated conversion function.
|
||||||
|
func Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in *identity.KubernetesUserInfo, out *KubernetesUserInfo, s conversion.Scope) error {
|
||||||
|
return autoConvert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error {
|
||||||
|
out.Username = in.Username
|
||||||
|
out.UID = in.UID
|
||||||
|
out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups))
|
||||||
|
out.Extra = *(*map[string]identity.ExtraValue)(unsafe.Pointer(&in.Extra))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_UserInfo_To_identity_UserInfo is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_UserInfo_To_identity_UserInfo(in *UserInfo, out *identity.UserInfo, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_UserInfo_To_identity_UserInfo(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error {
|
||||||
|
out.Username = in.Username
|
||||||
|
out.UID = in.UID
|
||||||
|
out.Groups = *(*[]string)(unsafe.Pointer(&in.Groups))
|
||||||
|
out.Extra = *(*map[string]ExtraValue)(unsafe.Pointer(&in.Extra))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_identity_UserInfo_To_v1alpha1_UserInfo is an autogenerated conversion function.
|
||||||
|
func Convert_identity_UserInfo_To_v1alpha1_UserInfo(in *identity.UserInfo, out *UserInfo, s conversion.Scope) error {
|
||||||
|
return autoConvert_identity_UserInfo_To_v1alpha1_UserInfo(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error {
|
||||||
|
out.ObjectMeta = in.ObjectMeta
|
||||||
|
if err := Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in *WhoAmIRequest, out *identity.WhoAmIRequest, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_WhoAmIRequest_To_identity_WhoAmIRequest(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error {
|
||||||
|
out.ObjectMeta = in.ObjectMeta
|
||||||
|
if err := Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(&in.Spec, &out.Spec, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(&in.Status, &out.Status, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest is an autogenerated conversion function.
|
||||||
|
func Convert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in *identity.WhoAmIRequest, out *WhoAmIRequest, s conversion.Scope) error {
|
||||||
|
return autoConvert_identity_WhoAmIRequest_To_v1alpha1_WhoAmIRequest(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error {
|
||||||
|
out.ListMeta = in.ListMeta
|
||||||
|
out.Items = *(*[]identity.WhoAmIRequest)(unsafe.Pointer(&in.Items))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in *WhoAmIRequestList, out *identity.WhoAmIRequestList, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_WhoAmIRequestList_To_identity_WhoAmIRequestList(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error {
|
||||||
|
out.ListMeta = in.ListMeta
|
||||||
|
out.Items = *(*[]WhoAmIRequest)(unsafe.Pointer(&in.Items))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList is an autogenerated conversion function.
|
||||||
|
func Convert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in *identity.WhoAmIRequestList, out *WhoAmIRequestList, s conversion.Scope) error {
|
||||||
|
return autoConvert_identity_WhoAmIRequestList_To_v1alpha1_WhoAmIRequestList(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in *WhoAmIRequestSpec, out *identity.WhoAmIRequestSpec, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_WhoAmIRequestSpec_To_identity_WhoAmIRequestSpec(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec is an autogenerated conversion function.
|
||||||
|
func Convert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in *identity.WhoAmIRequestSpec, out *WhoAmIRequestSpec, s conversion.Scope) error {
|
||||||
|
return autoConvert_identity_WhoAmIRequestSpec_To_v1alpha1_WhoAmIRequestSpec(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error {
|
||||||
|
if err := Convert_v1alpha1_KubernetesUserInfo_To_identity_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in *WhoAmIRequestStatus, out *identity.WhoAmIRequestStatus, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_WhoAmIRequestStatus_To_identity_WhoAmIRequestStatus(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error {
|
||||||
|
if err := Convert_identity_KubernetesUserInfo_To_v1alpha1_KubernetesUserInfo(&in.KubernetesUserInfo, &out.KubernetesUserInfo, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus is an autogenerated conversion function.
|
||||||
|
func Convert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in *identity.WhoAmIRequestStatus, out *WhoAmIRequestStatus, s conversion.Scope) error {
|
||||||
|
return autoConvert_identity_WhoAmIRequestStatus_To_v1alpha1_WhoAmIRequestStatus(in, out, s)
|
||||||
|
}
|
185
generated/1.25/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
185
generated/1.25/apis/concierge/identity/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,185 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
|
||||||
|
{
|
||||||
|
in := &in
|
||||||
|
*out = make(ExtraValue, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
|
||||||
|
func (in ExtraValue) DeepCopy() ExtraValue {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ExtraValue)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return *out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) {
|
||||||
|
*out = *in
|
||||||
|
in.User.DeepCopyInto(&out.User)
|
||||||
|
if in.Audiences != nil {
|
||||||
|
in, out := &in.Audiences, &out.Audiences
|
||||||
|
*out = make([]string, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo.
|
||||||
|
func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(KubernetesUserInfo)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *UserInfo) DeepCopyInto(out *UserInfo) {
|
||||||
|
*out = *in
|
||||||
|
if in.Groups != nil {
|
||||||
|
in, out := &in.Groups, &out.Groups
|
||||||
|
*out = make([]string, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
if in.Extra != nil {
|
||||||
|
in, out := &in.Extra, &out.Extra
|
||||||
|
*out = make(map[string]ExtraValue, len(*in))
|
||||||
|
for key, val := range *in {
|
||||||
|
var outVal []string
|
||||||
|
if val == nil {
|
||||||
|
(*out)[key] = nil
|
||||||
|
} else {
|
||||||
|
in, out := &val, &outVal
|
||||||
|
*out = make(ExtraValue, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
(*out)[key] = outVal
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo.
|
||||||
|
func (in *UserInfo) DeepCopy() *UserInfo {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(UserInfo)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
out.Spec = in.Spec
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest.
|
||||||
|
func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequest)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *WhoAmIRequest) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]WhoAmIRequest, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList.
|
||||||
|
func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequestList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec.
|
||||||
|
func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequestSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) {
|
||||||
|
*out = *in
|
||||||
|
in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus.
|
||||||
|
func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequestStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
20
generated/1.25/apis/concierge/identity/v1alpha1/zz_generated.defaults.go
generated
Normal file
20
generated/1.25/apis/concierge/identity/v1alpha1/zz_generated.defaults.go
generated
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by defaulter-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// RegisterDefaults adds defaulters functions to the given scheme.
|
||||||
|
// Public to allow building arbitrary schemes.
|
||||||
|
// All generated defaulters are covering - they call all nested defaulters.
|
||||||
|
func RegisterDefaults(scheme *runtime.Scheme) error {
|
||||||
|
return nil
|
||||||
|
}
|
14
generated/1.25/apis/concierge/identity/validation/validation.go
generated
Normal file
14
generated/1.25/apis/concierge/identity/validation/validation.go
generated
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package validation
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/util/validation/field"
|
||||||
|
|
||||||
|
identityapi "go.pinniped.dev/generated/1.25/apis/concierge/identity"
|
||||||
|
)
|
||||||
|
|
||||||
|
func ValidateWhoAmIRequest(whoAmIRequest *identityapi.WhoAmIRequest) field.ErrorList {
|
||||||
|
return nil // add validation for spec here if we expand it
|
||||||
|
}
|
185
generated/1.25/apis/concierge/identity/zz_generated.deepcopy.go
generated
Normal file
185
generated/1.25/apis/concierge/identity/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,185 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package identity
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
|
||||||
|
{
|
||||||
|
in := &in
|
||||||
|
*out = make(ExtraValue, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.
|
||||||
|
func (in ExtraValue) DeepCopy() ExtraValue {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ExtraValue)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return *out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *KubernetesUserInfo) DeepCopyInto(out *KubernetesUserInfo) {
|
||||||
|
*out = *in
|
||||||
|
in.User.DeepCopyInto(&out.User)
|
||||||
|
if in.Audiences != nil {
|
||||||
|
in, out := &in.Audiences, &out.Audiences
|
||||||
|
*out = make([]string, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUserInfo.
|
||||||
|
func (in *KubernetesUserInfo) DeepCopy() *KubernetesUserInfo {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(KubernetesUserInfo)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *UserInfo) DeepCopyInto(out *UserInfo) {
|
||||||
|
*out = *in
|
||||||
|
if in.Groups != nil {
|
||||||
|
in, out := &in.Groups, &out.Groups
|
||||||
|
*out = make([]string, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
if in.Extra != nil {
|
||||||
|
in, out := &in.Extra, &out.Extra
|
||||||
|
*out = make(map[string]ExtraValue, len(*in))
|
||||||
|
for key, val := range *in {
|
||||||
|
var outVal []string
|
||||||
|
if val == nil {
|
||||||
|
(*out)[key] = nil
|
||||||
|
} else {
|
||||||
|
in, out := &val, &outVal
|
||||||
|
*out = make(ExtraValue, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
(*out)[key] = outVal
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo.
|
||||||
|
func (in *UserInfo) DeepCopy() *UserInfo {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(UserInfo)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequest) DeepCopyInto(out *WhoAmIRequest) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
out.Spec = in.Spec
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequest.
|
||||||
|
func (in *WhoAmIRequest) DeepCopy() *WhoAmIRequest {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequest)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *WhoAmIRequest) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequestList) DeepCopyInto(out *WhoAmIRequestList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]WhoAmIRequest, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestList.
|
||||||
|
func (in *WhoAmIRequestList) DeepCopy() *WhoAmIRequestList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequestList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *WhoAmIRequestList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequestSpec) DeepCopyInto(out *WhoAmIRequestSpec) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestSpec.
|
||||||
|
func (in *WhoAmIRequestSpec) DeepCopy() *WhoAmIRequestSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequestSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *WhoAmIRequestStatus) DeepCopyInto(out *WhoAmIRequestStatus) {
|
||||||
|
*out = *in
|
||||||
|
in.KubernetesUserInfo.DeepCopyInto(&out.KubernetesUserInfo)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhoAmIRequestStatus.
|
||||||
|
func (in *WhoAmIRequestStatus) DeepCopy() *WhoAmIRequestStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(WhoAmIRequestStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
8
generated/1.25/apis/concierge/login/doc.go
generated
Normal file
8
generated/1.25/apis/concierge/login/doc.go
generated
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +groupName=login.concierge.pinniped.dev
|
||||||
|
|
||||||
|
// Package login is the internal version of the Pinniped login API.
|
||||||
|
package login
|
38
generated/1.25/apis/concierge/login/register.go
generated
Normal file
38
generated/1.25/apis/concierge/login/register.go
generated
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package login
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "login.concierge.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
|
||||||
|
|
||||||
|
// Kind takes an unqualified kind and returns back a Group qualified GroupKind.
|
||||||
|
func Kind(kind string) schema.GroupKind {
|
||||||
|
return SchemeGroupVersion.WithKind(kind).GroupKind()
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns back a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
|
||||||
|
AddToScheme = SchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&TokenCredentialRequest{},
|
||||||
|
&TokenCredentialRequestList{},
|
||||||
|
)
|
||||||
|
return nil
|
||||||
|
}
|
21
generated/1.25/apis/concierge/login/types_clustercred.go
generated
Normal file
21
generated/1.25/apis/concierge/login/types_clustercred.go
generated
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package login
|
||||||
|
|
||||||
|
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
|
// ClusterCredential is a credential (token or certificate) which is valid on the Kubernetes cluster.
|
||||||
|
type ClusterCredential struct {
|
||||||
|
// ExpirationTimestamp indicates a time when the provided credentials expire.
|
||||||
|
ExpirationTimestamp metav1.Time
|
||||||
|
|
||||||
|
// Token is a bearer token used by the client for request authentication.
|
||||||
|
Token string
|
||||||
|
|
||||||
|
// PEM-encoded client TLS certificates (including intermediates, if any).
|
||||||
|
ClientCertificateData string
|
||||||
|
|
||||||
|
// PEM-encoded private key for the above certificate.
|
||||||
|
ClientKeyData string
|
||||||
|
}
|
47
generated/1.25/apis/concierge/login/types_token.go
generated
Normal file
47
generated/1.25/apis/concierge/login/types_token.go
generated
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package login
|
||||||
|
|
||||||
|
import (
|
||||||
|
corev1 "k8s.io/api/core/v1"
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
type TokenCredentialRequestSpec struct {
|
||||||
|
// Bearer token supplied with the credential request.
|
||||||
|
Token string
|
||||||
|
|
||||||
|
// Reference to an authenticator which can validate this credential request.
|
||||||
|
Authenticator corev1.TypedLocalObjectReference
|
||||||
|
}
|
||||||
|
|
||||||
|
type TokenCredentialRequestStatus struct {
|
||||||
|
// A ClusterCredential will be returned for a successful credential request.
|
||||||
|
// +optional
|
||||||
|
Credential *ClusterCredential
|
||||||
|
|
||||||
|
// An error message will be returned for an unsuccessful credential request.
|
||||||
|
// +optional
|
||||||
|
Message *string
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type TokenCredentialRequest struct {
|
||||||
|
metav1.TypeMeta
|
||||||
|
metav1.ObjectMeta
|
||||||
|
|
||||||
|
Spec TokenCredentialRequestSpec
|
||||||
|
Status TokenCredentialRequestStatus
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenCredentialRequestList is a list of TokenCredentialRequest objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type TokenCredentialRequestList struct {
|
||||||
|
metav1.TypeMeta
|
||||||
|
metav1.ListMeta
|
||||||
|
|
||||||
|
// Items is a list of TokenCredentialRequest
|
||||||
|
Items []TokenCredentialRequest
|
||||||
|
}
|
4
generated/1.25/apis/concierge/login/v1alpha1/conversion.go
generated
Normal file
4
generated/1.25/apis/concierge/login/v1alpha1/conversion.go
generated
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
12
generated/1.25/apis/concierge/login/v1alpha1/defaults.go
generated
Normal file
12
generated/1.25/apis/concierge/login/v1alpha1/defaults.go
generated
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
func addDefaultingFuncs(scheme *runtime.Scheme) error {
|
||||||
|
return RegisterDefaults(scheme)
|
||||||
|
}
|
11
generated/1.25/apis/concierge/login/v1alpha1/doc.go
generated
Normal file
11
generated/1.25/apis/concierge/login/v1alpha1/doc.go
generated
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:openapi-gen=true
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +k8s:conversion-gen=go.pinniped.dev/generated/1.25/apis/concierge/login
|
||||||
|
// +k8s:defaulter-gen=TypeMeta
|
||||||
|
// +groupName=login.concierge.pinniped.dev
|
||||||
|
|
||||||
|
// Package v1alpha1 is the v1alpha1 version of the Pinniped login API.
|
||||||
|
package v1alpha1
|
43
generated/1.25/apis/concierge/login/v1alpha1/register.go
generated
Normal file
43
generated/1.25/apis/concierge/login/v1alpha1/register.go
generated
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "login.concierge.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder runtime.SchemeBuilder
|
||||||
|
localSchemeBuilder = &SchemeBuilder
|
||||||
|
AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// We only register manually written functions here. The registration of the
|
||||||
|
// generated functions takes place in the generated files. The separation
|
||||||
|
// makes the code compile even when the generated files are missing.
|
||||||
|
localSchemeBuilder.Register(addKnownTypes, addDefaultingFuncs)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&TokenCredentialRequest{},
|
||||||
|
&TokenCredentialRequestList{},
|
||||||
|
)
|
||||||
|
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
22
generated/1.25/apis/concierge/login/v1alpha1/types_clustercred.go
generated
Normal file
22
generated/1.25/apis/concierge/login/v1alpha1/types_clustercred.go
generated
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
|
// ClusterCredential is the cluster-specific credential returned on a successful credential request. It
|
||||||
|
// contains either a valid bearer token or a valid TLS certificate and corresponding private key for the cluster.
|
||||||
|
type ClusterCredential struct {
|
||||||
|
// ExpirationTimestamp indicates a time when the provided credentials expire.
|
||||||
|
ExpirationTimestamp metav1.Time `json:"expirationTimestamp,omitempty"`
|
||||||
|
|
||||||
|
// Token is a bearer token used by the client for request authentication.
|
||||||
|
Token string `json:"token,omitempty"`
|
||||||
|
|
||||||
|
// PEM-encoded client TLS certificates (including intermediates, if any).
|
||||||
|
ClientCertificateData string `json:"clientCertificateData,omitempty"`
|
||||||
|
|
||||||
|
// PEM-encoded private key for the above certificate.
|
||||||
|
ClientKeyData string `json:"clientKeyData,omitempty"`
|
||||||
|
}
|
51
generated/1.25/apis/concierge/login/v1alpha1/types_token.go
generated
Normal file
51
generated/1.25/apis/concierge/login/v1alpha1/types_token.go
generated
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
corev1 "k8s.io/api/core/v1"
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, expected on requests to the Pinniped API.
|
||||||
|
type TokenCredentialRequestSpec struct {
|
||||||
|
// Bearer token supplied with the credential request.
|
||||||
|
Token string `json:"token,omitempty"`
|
||||||
|
|
||||||
|
// Reference to an authenticator which can validate this credential request.
|
||||||
|
Authenticator corev1.TypedLocalObjectReference `json:"authenticator"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API.
|
||||||
|
type TokenCredentialRequestStatus struct {
|
||||||
|
// A Credential will be returned for a successful credential request.
|
||||||
|
// +optional
|
||||||
|
Credential *ClusterCredential `json:"credential,omitempty"`
|
||||||
|
|
||||||
|
// An error message will be returned for an unsuccessful credential request.
|
||||||
|
// +optional
|
||||||
|
Message *string `json:"message,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenCredentialRequest submits an IDP-specific credential to Pinniped in exchange for a cluster-specific credential.
|
||||||
|
// +genclient
|
||||||
|
// +genclient:nonNamespaced
|
||||||
|
// +genclient:onlyVerbs=create
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type TokenCredentialRequest struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Spec TokenCredentialRequestSpec `json:"spec,omitempty"`
|
||||||
|
Status TokenCredentialRequestStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// TokenCredentialRequestList is a list of TokenCredentialRequest objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type TokenCredentialRequestList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []TokenCredentialRequest `json:"items"`
|
||||||
|
}
|
201
generated/1.25/apis/concierge/login/v1alpha1/zz_generated.conversion.go
generated
Normal file
201
generated/1.25/apis/concierge/login/v1alpha1/zz_generated.conversion.go
generated
Normal file
@ -0,0 +1,201 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by conversion-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
unsafe "unsafe"
|
||||||
|
|
||||||
|
login "go.pinniped.dev/generated/1.25/apis/concierge/login"
|
||||||
|
conversion "k8s.io/apimachinery/pkg/conversion"
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
localSchemeBuilder.Register(RegisterConversions)
|
||||||
|
}
|
||||||
|
|
||||||
|
// RegisterConversions adds conversion functions to the given scheme.
|
||||||
|
// Public to allow building arbitrary schemes.
|
||||||
|
func RegisterConversions(s *runtime.Scheme) error {
|
||||||
|
if err := s.AddGeneratedConversionFunc((*ClusterCredential)(nil), (*login.ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(a.(*ClusterCredential), b.(*login.ClusterCredential), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*login.ClusterCredential)(nil), (*ClusterCredential)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(a.(*login.ClusterCredential), b.(*ClusterCredential), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*TokenCredentialRequest)(nil), (*login.TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(a.(*TokenCredentialRequest), b.(*login.TokenCredentialRequest), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequest)(nil), (*TokenCredentialRequest)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(a.(*login.TokenCredentialRequest), b.(*TokenCredentialRequest), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestList)(nil), (*login.TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(a.(*TokenCredentialRequestList), b.(*login.TokenCredentialRequestList), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestList)(nil), (*TokenCredentialRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(a.(*login.TokenCredentialRequestList), b.(*TokenCredentialRequestList), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestSpec)(nil), (*login.TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(a.(*TokenCredentialRequestSpec), b.(*login.TokenCredentialRequestSpec), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestSpec)(nil), (*TokenCredentialRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(a.(*login.TokenCredentialRequestSpec), b.(*TokenCredentialRequestSpec), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*TokenCredentialRequestStatus)(nil), (*login.TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(a.(*TokenCredentialRequestStatus), b.(*login.TokenCredentialRequestStatus), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := s.AddGeneratedConversionFunc((*login.TokenCredentialRequestStatus)(nil), (*TokenCredentialRequestStatus)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||||
|
return Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(a.(*login.TokenCredentialRequestStatus), b.(*TokenCredentialRequestStatus), scope)
|
||||||
|
}); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error {
|
||||||
|
out.ExpirationTimestamp = in.ExpirationTimestamp
|
||||||
|
out.Token = in.Token
|
||||||
|
out.ClientCertificateData = in.ClientCertificateData
|
||||||
|
out.ClientKeyData = in.ClientKeyData
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in *ClusterCredential, out *login.ClusterCredential, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_ClusterCredential_To_login_ClusterCredential(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error {
|
||||||
|
out.ExpirationTimestamp = in.ExpirationTimestamp
|
||||||
|
out.Token = in.Token
|
||||||
|
out.ClientCertificateData = in.ClientCertificateData
|
||||||
|
out.ClientKeyData = in.ClientKeyData
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential is an autogenerated conversion function.
|
||||||
|
func Convert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in *login.ClusterCredential, out *ClusterCredential, s conversion.Scope) error {
|
||||||
|
return autoConvert_login_ClusterCredential_To_v1alpha1_ClusterCredential(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error {
|
||||||
|
out.ObjectMeta = in.ObjectMeta
|
||||||
|
if err := Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in *TokenCredentialRequest, out *login.TokenCredentialRequest, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_TokenCredentialRequest_To_login_TokenCredentialRequest(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error {
|
||||||
|
out.ObjectMeta = in.ObjectMeta
|
||||||
|
if err := Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(&in.Spec, &out.Spec, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(&in.Status, &out.Status, s); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest is an autogenerated conversion function.
|
||||||
|
func Convert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in *login.TokenCredentialRequest, out *TokenCredentialRequest, s conversion.Scope) error {
|
||||||
|
return autoConvert_login_TokenCredentialRequest_To_v1alpha1_TokenCredentialRequest(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error {
|
||||||
|
out.ListMeta = in.ListMeta
|
||||||
|
out.Items = *(*[]login.TokenCredentialRequest)(unsafe.Pointer(&in.Items))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in *TokenCredentialRequestList, out *login.TokenCredentialRequestList, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_TokenCredentialRequestList_To_login_TokenCredentialRequestList(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error {
|
||||||
|
out.ListMeta = in.ListMeta
|
||||||
|
out.Items = *(*[]TokenCredentialRequest)(unsafe.Pointer(&in.Items))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList is an autogenerated conversion function.
|
||||||
|
func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in *login.TokenCredentialRequestList, out *TokenCredentialRequestList, s conversion.Scope) error {
|
||||||
|
return autoConvert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequestList(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||||
|
out.Token = in.Token
|
||||||
|
out.Authenticator = in.Authenticator
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||||
|
out.Token = in.Token
|
||||||
|
out.Authenticator = in.Authenticator
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec is an autogenerated conversion function.
|
||||||
|
func Convert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||||
|
return autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error {
|
||||||
|
out.Credential = (*login.ClusterCredential)(unsafe.Pointer(in.Credential))
|
||||||
|
out.Message = (*string)(unsafe.Pointer(in.Message))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus is an autogenerated conversion function.
|
||||||
|
func Convert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in *TokenCredentialRequestStatus, out *login.TokenCredentialRequestStatus, s conversion.Scope) error {
|
||||||
|
return autoConvert_v1alpha1_TokenCredentialRequestStatus_To_login_TokenCredentialRequestStatus(in, out, s)
|
||||||
|
}
|
||||||
|
|
||||||
|
func autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error {
|
||||||
|
out.Credential = (*ClusterCredential)(unsafe.Pointer(in.Credential))
|
||||||
|
out.Message = (*string)(unsafe.Pointer(in.Message))
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus is an autogenerated conversion function.
|
||||||
|
func Convert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in *login.TokenCredentialRequestStatus, out *TokenCredentialRequestStatus, s conversion.Scope) error {
|
||||||
|
return autoConvert_login_TokenCredentialRequestStatus_To_v1alpha1_TokenCredentialRequestStatus(in, out, s)
|
||||||
|
}
|
134
generated/1.25/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
134
generated/1.25/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,134 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) {
|
||||||
|
*out = *in
|
||||||
|
in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential.
|
||||||
|
func (in *ClusterCredential) DeepCopy() *ClusterCredential {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ClusterCredential)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest.
|
||||||
|
func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequest)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]TokenCredentialRequest, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList.
|
||||||
|
func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequestList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||||
|
*out = *in
|
||||||
|
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec.
|
||||||
|
func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequestSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Credential != nil {
|
||||||
|
in, out := &in.Credential, &out.Credential
|
||||||
|
*out = new(ClusterCredential)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
|
if in.Message != nil {
|
||||||
|
in, out := &in.Message, &out.Message
|
||||||
|
*out = new(string)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus.
|
||||||
|
func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequestStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
20
generated/1.25/apis/concierge/login/v1alpha1/zz_generated.defaults.go
generated
Normal file
20
generated/1.25/apis/concierge/login/v1alpha1/zz_generated.defaults.go
generated
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by defaulter-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// RegisterDefaults adds defaulters functions to the given scheme.
|
||||||
|
// Public to allow building arbitrary schemes.
|
||||||
|
// All generated defaulters are covering - they call all nested defaulters.
|
||||||
|
func RegisterDefaults(scheme *runtime.Scheme) error {
|
||||||
|
return nil
|
||||||
|
}
|
134
generated/1.25/apis/concierge/login/zz_generated.deepcopy.go
generated
Normal file
134
generated/1.25/apis/concierge/login/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,134 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package login
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ClusterCredential) DeepCopyInto(out *ClusterCredential) {
|
||||||
|
*out = *in
|
||||||
|
in.ExpirationTimestamp.DeepCopyInto(&out.ExpirationTimestamp)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredential.
|
||||||
|
func (in *ClusterCredential) DeepCopy() *ClusterCredential {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ClusterCredential)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequest) DeepCopyInto(out *TokenCredentialRequest) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequest.
|
||||||
|
func (in *TokenCredentialRequest) DeepCopy() *TokenCredentialRequest {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequest)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *TokenCredentialRequest) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequestList) DeepCopyInto(out *TokenCredentialRequestList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]TokenCredentialRequest, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestList.
|
||||||
|
func (in *TokenCredentialRequestList) DeepCopy() *TokenCredentialRequestList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequestList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||||
|
*out = *in
|
||||||
|
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestSpec.
|
||||||
|
func (in *TokenCredentialRequestSpec) DeepCopy() *TokenCredentialRequestSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequestSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TokenCredentialRequestStatus) DeepCopyInto(out *TokenCredentialRequestStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Credential != nil {
|
||||||
|
in, out := &in.Credential, &out.Credential
|
||||||
|
*out = new(ClusterCredential)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
|
if in.Message != nil {
|
||||||
|
in, out := &in.Message, &out.Message
|
||||||
|
*out = new(string)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenCredentialRequestStatus.
|
||||||
|
func (in *TokenCredentialRequestStatus) DeepCopy() *TokenCredentialRequestStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TokenCredentialRequestStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
9
generated/1.25/apis/go.mod
generated
Normal file
9
generated/1.25/apis/go.mod
generated
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
// This go.mod file is generated by ./hack/codegen.sh.
|
||||||
|
module go.pinniped.dev/generated/1.25/apis
|
||||||
|
|
||||||
|
go 1.13
|
||||||
|
|
||||||
|
require (
|
||||||
|
k8s.io/api v0.25.0
|
||||||
|
k8s.io/apimachinery v0.25.0
|
||||||
|
)
|
259
generated/1.25/apis/go.sum
generated
Normal file
259
generated/1.25/apis/go.sum
generated
Normal file
@ -0,0 +1,259 @@
|
|||||||
|
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||||
|
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||||
|
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
|
||||||
|
github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
|
||||||
|
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
|
||||||
|
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
|
||||||
|
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
|
||||||
|
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||||
|
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
|
||||||
|
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
|
||||||
|
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||||
|
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||||
|
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||||
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
|
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
|
||||||
|
github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
|
||||||
|
github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
|
||||||
|
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||||
|
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||||
|
github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
|
||||||
|
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||||
|
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
|
||||||
|
github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg=
|
||||||
|
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
|
||||||
|
github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
|
||||||
|
github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
|
||||||
|
github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||||
|
github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=
|
||||||
|
github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
|
||||||
|
github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
|
||||||
|
github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
|
||||||
|
github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8=
|
||||||
|
github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
|
||||||
|
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
|
||||||
|
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
||||||
|
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
||||||
|
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||||
|
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
|
||||||
|
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||||
|
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
|
||||||
|
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
|
||||||
|
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
|
||||||
|
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
|
||||||
|
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
|
||||||
|
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
|
||||||
|
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||||
|
github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ=
|
||||||
|
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
||||||
|
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||||
|
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
|
||||||
|
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
|
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
|
github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
|
||||||
|
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
|
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
|
github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
|
||||||
|
github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
|
github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
|
||||||
|
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
|
github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
|
||||||
|
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
|
||||||
|
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
|
||||||
|
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||||
|
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
|
||||||
|
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
|
||||||
|
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
|
||||||
|
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||||
|
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||||
|
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||||
|
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
|
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||||
|
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||||
|
github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
||||||
|
github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
|
||||||
|
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
|
||||||
|
github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c=
|
||||||
|
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||||
|
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
|
||||||
|
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||||
|
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
|
||||||
|
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
|
||||||
|
github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
|
||||||
|
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
|
||||||
|
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
|
||||||
|
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
|
||||||
|
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
|
||||||
|
github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
|
||||||
|
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||||
|
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
|
||||||
|
github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0=
|
||||||
|
github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c=
|
||||||
|
github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU=
|
||||||
|
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
|
||||||
|
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
|
||||||
|
github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY=
|
||||||
|
github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro=
|
||||||
|
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
|
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||||
|
github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
|
||||||
|
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
||||||
|
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
||||||
|
github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8=
|
||||||
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
|
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||||
|
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
|
||||||
|
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
|
||||||
|
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
|
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
|
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
|
github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
|
||||||
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
|
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
|
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||||
|
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
||||||
|
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||||
|
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
|
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
|
golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
|
||||||
|
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
|
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
|
golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
|
||||||
|
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||||
|
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||||
|
golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
|
||||||
|
golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
|
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||||
|
golang.org/x/net v0.0.0-20220722155237-a158d28d115b h1:PxfKdU9lEEDYjdIzOtC4qFWgkU2rGHdKlKowJSMN9h0=
|
||||||
|
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||||
|
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
|
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
|
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||||
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
|
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||||
|
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
|
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
|
golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
|
||||||
|
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||||
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
||||||
|
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
|
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||||
|
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||||
|
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||||
|
golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||||
|
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||||
|
golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
|
||||||
|
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
|
||||||
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
||||||
|
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||||
|
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
||||||
|
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||||
|
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
|
||||||
|
google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||||
|
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||||
|
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||||
|
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||||
|
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||||
|
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||||
|
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||||
|
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
|
||||||
|
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
|
||||||
|
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||||
|
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||||
|
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
|
||||||
|
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
|
||||||
|
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
|
||||||
|
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||||
|
google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
|
||||||
|
google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
|
||||||
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
|
||||||
|
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
|
||||||
|
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
|
||||||
|
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
|
||||||
|
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
|
||||||
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||||
|
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||||
|
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
k8s.io/api v0.25.0 h1:H+Q4ma2U/ww0iGB78ijZx6DRByPz6/733jIuFpX70e0=
|
||||||
|
k8s.io/api v0.25.0/go.mod h1:ttceV1GyV1i1rnmvzT3BST08N6nGt+dudGrquzVQWPk=
|
||||||
|
k8s.io/apimachinery v0.25.0 h1:MlP0r6+3XbkUG2itd6vp3oxbtdQLQI94fD5gCS+gnoU=
|
||||||
|
k8s.io/apimachinery v0.25.0/go.mod h1:qMx9eAk0sZQGsXGu86fab8tZdffHbwUfsvzqKn4mfB0=
|
||||||
|
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
|
||||||
|
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
|
||||||
|
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
|
||||||
|
k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ=
|
||||||
|
k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
|
||||||
|
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU=
|
||||||
|
k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
|
||||||
|
k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4=
|
||||||
|
k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
|
||||||
|
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=
|
||||||
|
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
|
||||||
|
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
|
||||||
|
sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E=
|
||||||
|
sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q=
|
||||||
|
sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
|
11
generated/1.25/apis/supervisor/config/v1alpha1/doc.go
generated
Normal file
11
generated/1.25/apis/supervisor/config/v1alpha1/doc.go
generated
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:openapi-gen=true
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +k8s:conversion-gen=go.pinniped.dev/generated/1.25/apis/supervisor/config
|
||||||
|
// +k8s:defaulter-gen=TypeMeta
|
||||||
|
// +groupName=config.supervisor.pinniped.dev
|
||||||
|
|
||||||
|
// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor configuration API.
|
||||||
|
package v1alpha1
|
43
generated/1.25/apis/supervisor/config/v1alpha1/register.go
generated
Normal file
43
generated/1.25/apis/supervisor/config/v1alpha1/register.go
generated
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "config.supervisor.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder runtime.SchemeBuilder
|
||||||
|
localSchemeBuilder = &SchemeBuilder
|
||||||
|
AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// We only register manually written functions here. The registration of the
|
||||||
|
// generated functions takes place in the generated files. The separation
|
||||||
|
// makes the code compile even when the generated files are missing.
|
||||||
|
localSchemeBuilder.Register(addKnownTypes)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&FederationDomain{},
|
||||||
|
&FederationDomainList{},
|
||||||
|
)
|
||||||
|
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
135
generated/1.25/apis/supervisor/config/v1alpha1/types_federationdomain.go
generated
Normal file
135
generated/1.25/apis/supervisor/config/v1alpha1/types_federationdomain.go
generated
Normal file
@ -0,0 +1,135 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
corev1 "k8s.io/api/core/v1"
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// +kubebuilder:validation:Enum=Success;Duplicate;Invalid;SameIssuerHostMustUseSameSecret
|
||||||
|
type FederationDomainStatusCondition string
|
||||||
|
|
||||||
|
const (
|
||||||
|
SuccessFederationDomainStatusCondition = FederationDomainStatusCondition("Success")
|
||||||
|
DuplicateFederationDomainStatusCondition = FederationDomainStatusCondition("Duplicate")
|
||||||
|
SameIssuerHostMustUseSameSecretFederationDomainStatusCondition = FederationDomainStatusCondition("SameIssuerHostMustUseSameSecret")
|
||||||
|
InvalidFederationDomainStatusCondition = FederationDomainStatusCondition("Invalid")
|
||||||
|
)
|
||||||
|
|
||||||
|
// FederationDomainTLSSpec is a struct that describes the TLS configuration for an OIDC Provider.
|
||||||
|
type FederationDomainTLSSpec struct {
|
||||||
|
// SecretName is an optional name of a Secret in the same namespace, of type `kubernetes.io/tls`, which contains
|
||||||
|
// the TLS serving certificate for the HTTPS endpoints served by this FederationDomain. When provided, the TLS Secret
|
||||||
|
// named here must contain keys named `tls.crt` and `tls.key` that contain the certificate and private key to use
|
||||||
|
// for TLS.
|
||||||
|
//
|
||||||
|
// Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) supported by all major browsers.
|
||||||
|
//
|
||||||
|
// SecretName is required if you would like to use different TLS certificates for issuers of different hostnames.
|
||||||
|
// SNI requests do not include port numbers, so all issuers with the same DNS hostname must use the same
|
||||||
|
// SecretName value even if they have different port numbers.
|
||||||
|
//
|
||||||
|
// SecretName is not required when you would like to use only the HTTP endpoints (e.g. when the HTTP listener is
|
||||||
|
// configured to listen on loopback interfaces or UNIX domain sockets for traffic from a service mesh sidecar).
|
||||||
|
// It is also not required when you would like all requests to this OIDC Provider's HTTPS endpoints to
|
||||||
|
// use the default TLS certificate, which is configured elsewhere.
|
||||||
|
//
|
||||||
|
// When your Issuer URL's host is an IP address, then this field is ignored. SNI does not work for IP addresses.
|
||||||
|
//
|
||||||
|
// +optional
|
||||||
|
SecretName string `json:"secretName,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// FederationDomainSpec is a struct that describes an OIDC Provider.
|
||||||
|
type FederationDomainSpec struct {
|
||||||
|
// Issuer is the OIDC Provider's issuer, per the OIDC Discovery Metadata document, as well as the
|
||||||
|
// identifier that it will use for the iss claim in issued JWTs. This field will also be used as
|
||||||
|
// the base URL for any endpoints used by the OIDC Provider (e.g., if your issuer is
|
||||||
|
// https://example.com/foo, then your authorization endpoint will look like
|
||||||
|
// https://example.com/foo/some/path/to/auth/endpoint).
|
||||||
|
//
|
||||||
|
// See
|
||||||
|
// https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3 for more information.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Issuer string `json:"issuer"`
|
||||||
|
|
||||||
|
// TLS configures how this FederationDomain is served over Transport Layer Security (TLS).
|
||||||
|
// +optional
|
||||||
|
TLS *FederationDomainTLSSpec `json:"tls,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// FederationDomainSecrets holds information about this OIDC Provider's secrets.
|
||||||
|
type FederationDomainSecrets struct {
|
||||||
|
// JWKS holds the name of the corev1.Secret in which this OIDC Provider's signing/verification keys are
|
||||||
|
// stored. If it is empty, then the signing/verification keys are either unknown or they don't
|
||||||
|
// exist.
|
||||||
|
// +optional
|
||||||
|
JWKS corev1.LocalObjectReference `json:"jwks,omitempty"`
|
||||||
|
|
||||||
|
// TokenSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for
|
||||||
|
// signing tokens is stored.
|
||||||
|
// +optional
|
||||||
|
TokenSigningKey corev1.LocalObjectReference `json:"tokenSigningKey,omitempty"`
|
||||||
|
|
||||||
|
// StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for
|
||||||
|
// signing state parameters is stored.
|
||||||
|
// +optional
|
||||||
|
StateSigningKey corev1.LocalObjectReference `json:"stateSigningKey,omitempty"`
|
||||||
|
|
||||||
|
// StateSigningKey holds the name of the corev1.Secret in which this OIDC Provider's key for
|
||||||
|
// encrypting state parameters is stored.
|
||||||
|
// +optional
|
||||||
|
StateEncryptionKey corev1.LocalObjectReference `json:"stateEncryptionKey,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// FederationDomainStatus is a struct that describes the actual state of an OIDC Provider.
|
||||||
|
type FederationDomainStatus struct {
|
||||||
|
// Status holds an enum that describes the state of this OIDC Provider. Note that this Status can
|
||||||
|
// represent success or failure.
|
||||||
|
// +optional
|
||||||
|
Status FederationDomainStatusCondition `json:"status,omitempty"`
|
||||||
|
|
||||||
|
// Message provides human-readable details about the Status.
|
||||||
|
// +optional
|
||||||
|
Message string `json:"message,omitempty"`
|
||||||
|
|
||||||
|
// LastUpdateTime holds the time at which the Status was last updated. It is a pointer to get
|
||||||
|
// around some undesirable behavior with respect to the empty metav1.Time value (see
|
||||||
|
// https://github.com/kubernetes/kubernetes/issues/86811).
|
||||||
|
// +optional
|
||||||
|
LastUpdateTime *metav1.Time `json:"lastUpdateTime,omitempty"`
|
||||||
|
|
||||||
|
// Secrets contains information about this OIDC Provider's secrets.
|
||||||
|
// +optional
|
||||||
|
Secrets FederationDomainSecrets `json:"secrets,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// FederationDomain describes the configuration of an OIDC provider.
|
||||||
|
// +genclient
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
// +kubebuilder:resource:categories=pinniped
|
||||||
|
// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer`
|
||||||
|
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.status`
|
||||||
|
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
|
||||||
|
// +kubebuilder:subresource:status
|
||||||
|
type FederationDomain struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Spec of the OIDC provider.
|
||||||
|
Spec FederationDomainSpec `json:"spec"`
|
||||||
|
|
||||||
|
// Status of the OIDC provider.
|
||||||
|
Status FederationDomainStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// List of FederationDomain objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type FederationDomainList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []FederationDomain `json:"items"`
|
||||||
|
}
|
152
generated/1.25/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
152
generated/1.25/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,152 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *FederationDomain) DeepCopyInto(out *FederationDomain) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomain.
|
||||||
|
func (in *FederationDomain) DeepCopy() *FederationDomain {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(FederationDomain)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *FederationDomain) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *FederationDomainList) DeepCopyInto(out *FederationDomainList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]FederationDomain, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainList.
|
||||||
|
func (in *FederationDomainList) DeepCopy() *FederationDomainList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(FederationDomainList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *FederationDomainList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *FederationDomainSecrets) DeepCopyInto(out *FederationDomainSecrets) {
|
||||||
|
*out = *in
|
||||||
|
out.JWKS = in.JWKS
|
||||||
|
out.TokenSigningKey = in.TokenSigningKey
|
||||||
|
out.StateSigningKey = in.StateSigningKey
|
||||||
|
out.StateEncryptionKey = in.StateEncryptionKey
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSecrets.
|
||||||
|
func (in *FederationDomainSecrets) DeepCopy() *FederationDomainSecrets {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(FederationDomainSecrets)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *FederationDomainSpec) DeepCopyInto(out *FederationDomainSpec) {
|
||||||
|
*out = *in
|
||||||
|
if in.TLS != nil {
|
||||||
|
in, out := &in.TLS, &out.TLS
|
||||||
|
*out = new(FederationDomainTLSSpec)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainSpec.
|
||||||
|
func (in *FederationDomainSpec) DeepCopy() *FederationDomainSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(FederationDomainSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *FederationDomainStatus) DeepCopyInto(out *FederationDomainStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.LastUpdateTime != nil {
|
||||||
|
in, out := &in.LastUpdateTime, &out.LastUpdateTime
|
||||||
|
*out = (*in).DeepCopy()
|
||||||
|
}
|
||||||
|
out.Secrets = in.Secrets
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainStatus.
|
||||||
|
func (in *FederationDomainStatus) DeepCopy() *FederationDomainStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(FederationDomainStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *FederationDomainTLSSpec) DeepCopyInto(out *FederationDomainTLSSpec) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederationDomainTLSSpec.
|
||||||
|
func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(FederationDomainTLSSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
11
generated/1.25/apis/supervisor/idp/v1alpha1/doc.go
generated
Normal file
11
generated/1.25/apis/supervisor/idp/v1alpha1/doc.go
generated
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// +k8s:openapi-gen=true
|
||||||
|
// +k8s:deepcopy-gen=package
|
||||||
|
// +k8s:defaulter-gen=TypeMeta
|
||||||
|
// +groupName=idp.supervisor.pinniped.dev
|
||||||
|
// +groupGoName=IDP
|
||||||
|
|
||||||
|
// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor identity provider (IDP) API.
|
||||||
|
package v1alpha1
|
47
generated/1.25/apis/supervisor/idp/v1alpha1/register.go
generated
Normal file
47
generated/1.25/apis/supervisor/idp/v1alpha1/register.go
generated
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
const GroupName = "idp.supervisor.pinniped.dev"
|
||||||
|
|
||||||
|
// SchemeGroupVersion is group version used to register these objects.
|
||||||
|
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
|
||||||
|
|
||||||
|
var (
|
||||||
|
SchemeBuilder runtime.SchemeBuilder
|
||||||
|
localSchemeBuilder = &SchemeBuilder
|
||||||
|
AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// We only register manually written functions here. The registration of the
|
||||||
|
// generated functions takes place in the generated files. The separation
|
||||||
|
// makes the code compile even when the generated files are missing.
|
||||||
|
localSchemeBuilder.Register(addKnownTypes)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Adds the list of known types to the given scheme.
|
||||||
|
func addKnownTypes(scheme *runtime.Scheme) error {
|
||||||
|
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||||
|
&OIDCIdentityProvider{},
|
||||||
|
&OIDCIdentityProviderList{},
|
||||||
|
&LDAPIdentityProvider{},
|
||||||
|
&LDAPIdentityProviderList{},
|
||||||
|
&ActiveDirectoryIdentityProvider{},
|
||||||
|
&ActiveDirectoryIdentityProviderList{},
|
||||||
|
)
|
||||||
|
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Resource takes an unqualified resource and returns a Group qualified GroupResource.
|
||||||
|
func Resource(resource string) schema.GroupResource {
|
||||||
|
return SchemeGroupVersion.WithResource(resource).GroupResource()
|
||||||
|
}
|
207
generated/1.25/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go
generated
Normal file
207
generated/1.25/apis/supervisor/idp/v1alpha1/types_activedirectoryidentityprovider.go
generated
Normal file
@ -0,0 +1,207 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
type ActiveDirectoryIdentityProviderPhase string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// ActiveDirectoryPhasePending is the default phase for newly-created ActiveDirectoryIdentityProvider resources.
|
||||||
|
ActiveDirectoryPhasePending ActiveDirectoryIdentityProviderPhase = "Pending"
|
||||||
|
|
||||||
|
// ActiveDirectoryPhaseReady is the phase for an ActiveDirectoryIdentityProvider resource in a healthy state.
|
||||||
|
ActiveDirectoryPhaseReady ActiveDirectoryIdentityProviderPhase = "Ready"
|
||||||
|
|
||||||
|
// ActiveDirectoryPhaseError is the phase for an ActiveDirectoryIdentityProvider in an unhealthy state.
|
||||||
|
ActiveDirectoryPhaseError ActiveDirectoryIdentityProviderPhase = "Error"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Status of an Active Directory identity provider.
|
||||||
|
type ActiveDirectoryIdentityProviderStatus struct {
|
||||||
|
// Phase summarizes the overall status of the ActiveDirectoryIdentityProvider.
|
||||||
|
// +kubebuilder:default=Pending
|
||||||
|
// +kubebuilder:validation:Enum=Pending;Ready;Error
|
||||||
|
Phase ActiveDirectoryIdentityProviderPhase `json:"phase,omitempty"`
|
||||||
|
|
||||||
|
// Represents the observations of an identity provider's current state.
|
||||||
|
// +patchMergeKey=type
|
||||||
|
// +patchStrategy=merge
|
||||||
|
// +listType=map
|
||||||
|
// +listMapKey=type
|
||||||
|
Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type ActiveDirectoryIdentityProviderBind struct {
|
||||||
|
// SecretName contains the name of a namespace-local Secret object that provides the username and
|
||||||
|
// password for an Active Directory bind user. This account will be used to perform LDAP searches. The Secret should be
|
||||||
|
// of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value
|
||||||
|
// should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com".
|
||||||
|
// The password must be non-empty.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
SecretName string `json:"secretName"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type ActiveDirectoryIdentityProviderUserSearchAttributes struct {
|
||||||
|
// Username specifies the name of the attribute in Active Directory entry whose value shall become the username
|
||||||
|
// of the user after a successful authentication.
|
||||||
|
// Optional, when empty this defaults to "userPrincipalName".
|
||||||
|
// +optional
|
||||||
|
Username string `json:"username,omitempty"`
|
||||||
|
|
||||||
|
// UID specifies the name of the attribute in the ActiveDirectory entry which whose value shall be used to uniquely
|
||||||
|
// identify the user within this ActiveDirectory provider after a successful authentication.
|
||||||
|
// Optional, when empty this defaults to "objectGUID".
|
||||||
|
// +optional
|
||||||
|
UID string `json:"uid,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type ActiveDirectoryIdentityProviderGroupSearchAttributes struct {
|
||||||
|
// GroupName specifies the name of the attribute in the Active Directory entries whose value shall become a group name
|
||||||
|
// in the user's list of groups after a successful authentication.
|
||||||
|
// The value of this field is case-sensitive and must match the case of the attribute name returned by the ActiveDirectory
|
||||||
|
// server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn".
|
||||||
|
// Optional. When not specified, this defaults to a custom field that looks like "sAMAccountName@domain",
|
||||||
|
// where domain is constructed from the domain components of the group DN.
|
||||||
|
// +optional
|
||||||
|
GroupName string `json:"groupName,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type ActiveDirectoryIdentityProviderUserSearch struct {
|
||||||
|
// Base is the dn (distinguished name) that should be used as the search base when searching for users.
|
||||||
|
// E.g. "ou=users,dc=example,dc=com".
|
||||||
|
// Optional, when not specified it will be based on the result of a query for the defaultNamingContext
|
||||||
|
// (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse).
|
||||||
|
// The default behavior searches your entire domain for users.
|
||||||
|
// It may make sense to specify a subtree as a search base if you wish to exclude some users
|
||||||
|
// or to make searches faster.
|
||||||
|
// +optional
|
||||||
|
Base string `json:"base,omitempty"`
|
||||||
|
|
||||||
|
// Filter is the search filter which should be applied when searching for users. The pattern "{}" must occur
|
||||||
|
// in the filter at least once and will be dynamically replaced by the username for which the search is being run.
|
||||||
|
// E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see
|
||||||
|
// https://ldap.com/ldap-filters.
|
||||||
|
// Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used.
|
||||||
|
// Optional. When not specified, the default will be
|
||||||
|
// '(&(objectClass=person)(!(objectClass=computer))(!(showInAdvancedViewOnly=TRUE))(|(sAMAccountName={}")(mail={})(userPrincipalName={})(sAMAccountType=805306368))'
|
||||||
|
// This means that the user is a person, is not a computer, the sAMAccountType is for a normal user account,
|
||||||
|
// and is not shown in advanced view only
|
||||||
|
// (which would likely mean its a system created service account with advanced permissions).
|
||||||
|
// Also, either the sAMAccountName, the userPrincipalName, or the mail attribute matches the input username.
|
||||||
|
// +optional
|
||||||
|
Filter string `json:"filter,omitempty"`
|
||||||
|
|
||||||
|
// Attributes specifies how the user's information should be read from the ActiveDirectory entry which was found as
|
||||||
|
// the result of the user search.
|
||||||
|
// +optional
|
||||||
|
Attributes ActiveDirectoryIdentityProviderUserSearchAttributes `json:"attributes,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type ActiveDirectoryIdentityProviderGroupSearch struct {
|
||||||
|
// Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g.
|
||||||
|
// "ou=groups,dc=example,dc=com".
|
||||||
|
// Optional, when not specified it will be based on the result of a query for the defaultNamingContext
|
||||||
|
// (see https://docs.microsoft.com/en-us/windows/win32/adschema/rootdse).
|
||||||
|
// The default behavior searches your entire domain for groups.
|
||||||
|
// It may make sense to specify a subtree as a search base if you wish to exclude some groups
|
||||||
|
// for security reasons or to make searches faster.
|
||||||
|
// +optional
|
||||||
|
Base string `json:"base,omitempty"`
|
||||||
|
|
||||||
|
// Filter is the ActiveDirectory search filter which should be applied when searching for groups for a user.
|
||||||
|
// The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the
|
||||||
|
// dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or
|
||||||
|
// "&(objectClass=groupOfNames)(member={})". For more information about ActiveDirectory filters, see
|
||||||
|
// https://ldap.com/ldap-filters.
|
||||||
|
// Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used.
|
||||||
|
// Optional. When not specified, the default will act as if the filter were specified as
|
||||||
|
// "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={})".
|
||||||
|
// This searches nested groups by default.
|
||||||
|
// Note that nested group search can be slow for some Active Directory servers. To disable it,
|
||||||
|
// you can set the filter to
|
||||||
|
// "(&(objectClass=group)(member={})"
|
||||||
|
// +optional
|
||||||
|
Filter string `json:"filter,omitempty"`
|
||||||
|
|
||||||
|
// Attributes specifies how the group's information should be read from each ActiveDirectory entry which was found as
|
||||||
|
// the result of the group search.
|
||||||
|
// +optional
|
||||||
|
Attributes ActiveDirectoryIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"`
|
||||||
|
|
||||||
|
// The user's group membership is refreshed as they interact with the supervisor
|
||||||
|
// to obtain new credentials (as their old credentials expire). This allows group
|
||||||
|
// membership changes to be quickly reflected into Kubernetes clusters. Since
|
||||||
|
// group membership is often used to bind authorization policies, it is important
|
||||||
|
// to keep the groups observed in Kubernetes clusters in-sync with the identity
|
||||||
|
// provider.
|
||||||
|
//
|
||||||
|
// In some environments, frequent group membership queries may result in a
|
||||||
|
// significant performance impact on the identity provider and/or the supervisor.
|
||||||
|
// The best approach to handle performance impacts is to tweak the group query
|
||||||
|
// to be more performant, for example by disabling nested group search or by
|
||||||
|
// using a more targeted group search base.
|
||||||
|
//
|
||||||
|
// If the group search query cannot be made performant and you are willing to
|
||||||
|
// have group memberships remain static for approximately a day, then set
|
||||||
|
// skipGroupRefresh to true. This is an insecure configuration as authorization
|
||||||
|
// policies that are bound to group membership will not notice if a user has
|
||||||
|
// been removed from a particular group until their next login.
|
||||||
|
//
|
||||||
|
// This is an experimental feature that may be removed or significantly altered
|
||||||
|
// in the future. Consumers of this configuration should carefully read all
|
||||||
|
// release notes before upgrading to ensure that the meaning of this field has
|
||||||
|
// not changed.
|
||||||
|
SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Spec for configuring an ActiveDirectory identity provider.
|
||||||
|
type ActiveDirectoryIdentityProviderSpec struct {
|
||||||
|
// Host is the hostname of this Active Directory identity provider, i.e., where to connect. For example: ldap.example.com:636.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Host string `json:"host"`
|
||||||
|
|
||||||
|
// TLS contains the connection settings for how to establish the connection to the Host.
|
||||||
|
TLS *TLSSpec `json:"tls,omitempty"`
|
||||||
|
|
||||||
|
// Bind contains the configuration for how to provide access credentials during an initial bind to the ActiveDirectory server
|
||||||
|
// to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt.
|
||||||
|
Bind ActiveDirectoryIdentityProviderBind `json:"bind,omitempty"`
|
||||||
|
|
||||||
|
// UserSearch contains the configuration for searching for a user by name in Active Directory.
|
||||||
|
UserSearch ActiveDirectoryIdentityProviderUserSearch `json:"userSearch,omitempty"`
|
||||||
|
|
||||||
|
// GroupSearch contains the configuration for searching for a user's group membership in ActiveDirectory.
|
||||||
|
GroupSearch ActiveDirectoryIdentityProviderGroupSearch `json:"groupSearch,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// ActiveDirectoryIdentityProvider describes the configuration of an upstream Microsoft Active Directory identity provider.
|
||||||
|
// +genclient
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps
|
||||||
|
// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host`
|
||||||
|
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase`
|
||||||
|
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
|
||||||
|
// +kubebuilder:subresource:status
|
||||||
|
type ActiveDirectoryIdentityProvider struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Spec for configuring the identity provider.
|
||||||
|
Spec ActiveDirectoryIdentityProviderSpec `json:"spec"`
|
||||||
|
|
||||||
|
// Status of the identity provider.
|
||||||
|
Status ActiveDirectoryIdentityProviderStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// List of ActiveDirectoryIdentityProvider objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type ActiveDirectoryIdentityProviderList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []ActiveDirectoryIdentityProvider `json:"items"`
|
||||||
|
}
|
196
generated/1.25/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go
generated
Normal file
196
generated/1.25/apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go
generated
Normal file
@ -0,0 +1,196 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
type LDAPIdentityProviderPhase string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// LDAPPhasePending is the default phase for newly-created LDAPIdentityProvider resources.
|
||||||
|
LDAPPhasePending LDAPIdentityProviderPhase = "Pending"
|
||||||
|
|
||||||
|
// LDAPPhaseReady is the phase for an LDAPIdentityProvider resource in a healthy state.
|
||||||
|
LDAPPhaseReady LDAPIdentityProviderPhase = "Ready"
|
||||||
|
|
||||||
|
// LDAPPhaseError is the phase for an LDAPIdentityProvider in an unhealthy state.
|
||||||
|
LDAPPhaseError LDAPIdentityProviderPhase = "Error"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Status of an LDAP identity provider.
|
||||||
|
type LDAPIdentityProviderStatus struct {
|
||||||
|
// Phase summarizes the overall status of the LDAPIdentityProvider.
|
||||||
|
// +kubebuilder:default=Pending
|
||||||
|
// +kubebuilder:validation:Enum=Pending;Ready;Error
|
||||||
|
Phase LDAPIdentityProviderPhase `json:"phase,omitempty"`
|
||||||
|
|
||||||
|
// Represents the observations of an identity provider's current state.
|
||||||
|
// +patchMergeKey=type
|
||||||
|
// +patchStrategy=merge
|
||||||
|
// +listType=map
|
||||||
|
// +listMapKey=type
|
||||||
|
Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type LDAPIdentityProviderBind struct {
|
||||||
|
// SecretName contains the name of a namespace-local Secret object that provides the username and
|
||||||
|
// password for an LDAP bind user. This account will be used to perform LDAP searches. The Secret should be
|
||||||
|
// of type "kubernetes.io/basic-auth" which includes "username" and "password" keys. The username value
|
||||||
|
// should be the full dn (distinguished name) of your bind account, e.g. "cn=bind-account,ou=users,dc=example,dc=com".
|
||||||
|
// The password must be non-empty.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
SecretName string `json:"secretName"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type LDAPIdentityProviderUserSearchAttributes struct {
|
||||||
|
// Username specifies the name of the attribute in the LDAP entry whose value shall become the username
|
||||||
|
// of the user after a successful authentication. This would typically be the same attribute name used in
|
||||||
|
// the user search filter, although it can be different. E.g. "mail" or "uid" or "userPrincipalName".
|
||||||
|
// The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP
|
||||||
|
// server in the user's entry. Distinguished names can be used by specifying lower-case "dn". When this field
|
||||||
|
// is set to "dn" then the LDAPIdentityProviderUserSearch's Filter field cannot be blank, since the default
|
||||||
|
// value of "dn={}" would not work.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Username string `json:"username,omitempty"`
|
||||||
|
|
||||||
|
// UID specifies the name of the attribute in the LDAP entry which whose value shall be used to uniquely
|
||||||
|
// identify the user within this LDAP provider after a successful authentication. E.g. "uidNumber" or "objectGUID".
|
||||||
|
// The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP
|
||||||
|
// server in the user's entry. Distinguished names can be used by specifying lower-case "dn".
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
UID string `json:"uid,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type LDAPIdentityProviderGroupSearchAttributes struct {
|
||||||
|
// GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name
|
||||||
|
// in the user's list of groups after a successful authentication.
|
||||||
|
// The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP
|
||||||
|
// server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn".
|
||||||
|
// Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name).
|
||||||
|
// +optional
|
||||||
|
GroupName string `json:"groupName,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type LDAPIdentityProviderUserSearch struct {
|
||||||
|
// Base is the dn (distinguished name) that should be used as the search base when searching for users.
|
||||||
|
// E.g. "ou=users,dc=example,dc=com".
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Base string `json:"base,omitempty"`
|
||||||
|
|
||||||
|
// Filter is the LDAP search filter which should be applied when searching for users. The pattern "{}" must occur
|
||||||
|
// in the filter at least once and will be dynamically replaced by the username for which the search is being run.
|
||||||
|
// E.g. "mail={}" or "&(objectClass=person)(uid={})". For more information about LDAP filters, see
|
||||||
|
// https://ldap.com/ldap-filters.
|
||||||
|
// Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used.
|
||||||
|
// Optional. When not specified, the default will act as if the Filter were specified as the value from
|
||||||
|
// Attributes.Username appended by "={}". When the Attributes.Username is set to "dn" then the Filter must be
|
||||||
|
// explicitly specified, since the default value of "dn={}" would not work.
|
||||||
|
// +optional
|
||||||
|
Filter string `json:"filter,omitempty"`
|
||||||
|
|
||||||
|
// Attributes specifies how the user's information should be read from the LDAP entry which was found as
|
||||||
|
// the result of the user search.
|
||||||
|
// +optional
|
||||||
|
Attributes LDAPIdentityProviderUserSearchAttributes `json:"attributes,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type LDAPIdentityProviderGroupSearch struct {
|
||||||
|
// Base is the dn (distinguished name) that should be used as the search base when searching for groups. E.g.
|
||||||
|
// "ou=groups,dc=example,dc=com". When not specified, no group search will be performed and
|
||||||
|
// authenticated users will not belong to any groups from the LDAP provider. Also, when not specified,
|
||||||
|
// the values of Filter and Attributes are ignored.
|
||||||
|
// +optional
|
||||||
|
Base string `json:"base,omitempty"`
|
||||||
|
|
||||||
|
// Filter is the LDAP search filter which should be applied when searching for groups for a user.
|
||||||
|
// The pattern "{}" must occur in the filter at least once and will be dynamically replaced by the
|
||||||
|
// dn (distinguished name) of the user entry found as a result of the user search. E.g. "member={}" or
|
||||||
|
// "&(objectClass=groupOfNames)(member={})". For more information about LDAP filters, see
|
||||||
|
// https://ldap.com/ldap-filters.
|
||||||
|
// Note that the dn (distinguished name) is not an attribute of an entry, so "dn={}" cannot be used.
|
||||||
|
// Optional. When not specified, the default will act as if the Filter were specified as "member={}".
|
||||||
|
// +optional
|
||||||
|
Filter string `json:"filter,omitempty"`
|
||||||
|
|
||||||
|
// Attributes specifies how the group's information should be read from each LDAP entry which was found as
|
||||||
|
// the result of the group search.
|
||||||
|
// +optional
|
||||||
|
Attributes LDAPIdentityProviderGroupSearchAttributes `json:"attributes,omitempty"`
|
||||||
|
|
||||||
|
// The user's group membership is refreshed as they interact with the supervisor
|
||||||
|
// to obtain new credentials (as their old credentials expire). This allows group
|
||||||
|
// membership changes to be quickly reflected into Kubernetes clusters. Since
|
||||||
|
// group membership is often used to bind authorization policies, it is important
|
||||||
|
// to keep the groups observed in Kubernetes clusters in-sync with the identity
|
||||||
|
// provider.
|
||||||
|
//
|
||||||
|
// In some environments, frequent group membership queries may result in a
|
||||||
|
// significant performance impact on the identity provider and/or the supervisor.
|
||||||
|
// The best approach to handle performance impacts is to tweak the group query
|
||||||
|
// to be more performant, for example by disabling nested group search or by
|
||||||
|
// using a more targeted group search base.
|
||||||
|
//
|
||||||
|
// If the group search query cannot be made performant and you are willing to
|
||||||
|
// have group memberships remain static for approximately a day, then set
|
||||||
|
// skipGroupRefresh to true. This is an insecure configuration as authorization
|
||||||
|
// policies that are bound to group membership will not notice if a user has
|
||||||
|
// been removed from a particular group until their next login.
|
||||||
|
//
|
||||||
|
// This is an experimental feature that may be removed or significantly altered
|
||||||
|
// in the future. Consumers of this configuration should carefully read all
|
||||||
|
// release notes before upgrading to ensure that the meaning of this field has
|
||||||
|
// not changed.
|
||||||
|
SkipGroupRefresh bool `json:"skipGroupRefresh,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Spec for configuring an LDAP identity provider.
|
||||||
|
type LDAPIdentityProviderSpec struct {
|
||||||
|
// Host is the hostname of this LDAP identity provider, i.e., where to connect. For example: ldap.example.com:636.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Host string `json:"host"`
|
||||||
|
|
||||||
|
// TLS contains the connection settings for how to establish the connection to the Host.
|
||||||
|
TLS *TLSSpec `json:"tls,omitempty"`
|
||||||
|
|
||||||
|
// Bind contains the configuration for how to provide access credentials during an initial bind to the LDAP server
|
||||||
|
// to be allowed to perform searches and binds to validate a user's credentials during a user's authentication attempt.
|
||||||
|
Bind LDAPIdentityProviderBind `json:"bind,omitempty"`
|
||||||
|
|
||||||
|
// UserSearch contains the configuration for searching for a user by name in the LDAP provider.
|
||||||
|
UserSearch LDAPIdentityProviderUserSearch `json:"userSearch,omitempty"`
|
||||||
|
|
||||||
|
// GroupSearch contains the configuration for searching for a user's group membership in the LDAP provider.
|
||||||
|
GroupSearch LDAPIdentityProviderGroupSearch `json:"groupSearch,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// LDAPIdentityProvider describes the configuration of an upstream Lightweight Directory Access
|
||||||
|
// Protocol (LDAP) identity provider.
|
||||||
|
// +genclient
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps
|
||||||
|
// +kubebuilder:printcolumn:name="Host",type=string,JSONPath=`.spec.host`
|
||||||
|
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase`
|
||||||
|
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
|
||||||
|
// +kubebuilder:subresource:status
|
||||||
|
type LDAPIdentityProvider struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Spec for configuring the identity provider.
|
||||||
|
Spec LDAPIdentityProviderSpec `json:"spec"`
|
||||||
|
|
||||||
|
// Status of the identity provider.
|
||||||
|
Status LDAPIdentityProviderStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// List of LDAPIdentityProvider objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type LDAPIdentityProviderList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []LDAPIdentityProvider `json:"items"`
|
||||||
|
}
|
75
generated/1.25/apis/supervisor/idp/v1alpha1/types_meta.go
generated
Normal file
75
generated/1.25/apis/supervisor/idp/v1alpha1/types_meta.go
generated
Normal file
@ -0,0 +1,75 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
|
||||||
|
// ConditionStatus is effectively an enum type for Condition.Status.
|
||||||
|
type ConditionStatus string
|
||||||
|
|
||||||
|
// These are valid condition statuses. "ConditionTrue" means a resource is in the condition.
|
||||||
|
// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes
|
||||||
|
// can't decide if a resource is in the condition or not. In the future, we could add other
|
||||||
|
// intermediate conditions, e.g. ConditionDegraded.
|
||||||
|
const (
|
||||||
|
ConditionTrue ConditionStatus = "True"
|
||||||
|
ConditionFalse ConditionStatus = "False"
|
||||||
|
ConditionUnknown ConditionStatus = "Unknown"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API
|
||||||
|
// version we can switch to using the upstream type.
|
||||||
|
// See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.
|
||||||
|
type Condition struct {
|
||||||
|
// type of condition in CamelCase or in foo.example.com/CamelCase.
|
||||||
|
// ---
|
||||||
|
// Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
|
||||||
|
// useful (see .node.status.conditions), the ability to deconflict is important.
|
||||||
|
// The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:Pattern=`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$`
|
||||||
|
// +kubebuilder:validation:MaxLength=316
|
||||||
|
Type string `json:"type"`
|
||||||
|
|
||||||
|
// status of the condition, one of True, False, Unknown.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:Enum=True;False;Unknown
|
||||||
|
Status ConditionStatus `json:"status"`
|
||||||
|
|
||||||
|
// observedGeneration represents the .metadata.generation that the condition was set based upon.
|
||||||
|
// For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
||||||
|
// with respect to the current state of the instance.
|
||||||
|
// +optional
|
||||||
|
// +kubebuilder:validation:Minimum=0
|
||||||
|
ObservedGeneration int64 `json:"observedGeneration,omitempty"`
|
||||||
|
|
||||||
|
// lastTransitionTime is the last time the condition transitioned from one status to another.
|
||||||
|
// This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:Type=string
|
||||||
|
// +kubebuilder:validation:Format=date-time
|
||||||
|
LastTransitionTime metav1.Time `json:"lastTransitionTime"`
|
||||||
|
|
||||||
|
// reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
||||||
|
// Producers of specific condition types may define expected values and meanings for this field,
|
||||||
|
// and whether the values are considered a guaranteed API.
|
||||||
|
// The value should be a CamelCase string.
|
||||||
|
// This field may not be empty.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:MaxLength=1024
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$`
|
||||||
|
Reason string `json:"reason"`
|
||||||
|
|
||||||
|
// message is a human readable message indicating details about the transition.
|
||||||
|
// This may be an empty string.
|
||||||
|
// +required
|
||||||
|
// +kubebuilder:validation:Required
|
||||||
|
// +kubebuilder:validation:MaxLength=32768
|
||||||
|
Message string `json:"message"`
|
||||||
|
}
|
206
generated/1.25/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go
generated
Normal file
206
generated/1.25/apis/supervisor/idp/v1alpha1/types_oidcidentityprovider.go
generated
Normal file
@ -0,0 +1,206 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
type OIDCIdentityProviderPhase string
|
||||||
|
|
||||||
|
const (
|
||||||
|
// PhasePending is the default phase for newly-created OIDCIdentityProvider resources.
|
||||||
|
PhasePending OIDCIdentityProviderPhase = "Pending"
|
||||||
|
|
||||||
|
// PhaseReady is the phase for an OIDCIdentityProvider resource in a healthy state.
|
||||||
|
PhaseReady OIDCIdentityProviderPhase = "Ready"
|
||||||
|
|
||||||
|
// PhaseError is the phase for an OIDCIdentityProvider in an unhealthy state.
|
||||||
|
PhaseError OIDCIdentityProviderPhase = "Error"
|
||||||
|
)
|
||||||
|
|
||||||
|
// OIDCIdentityProviderStatus is the status of an OIDC identity provider.
|
||||||
|
type OIDCIdentityProviderStatus struct {
|
||||||
|
// Phase summarizes the overall status of the OIDCIdentityProvider.
|
||||||
|
// +kubebuilder:default=Pending
|
||||||
|
// +kubebuilder:validation:Enum=Pending;Ready;Error
|
||||||
|
Phase OIDCIdentityProviderPhase `json:"phase,omitempty"`
|
||||||
|
|
||||||
|
// Represents the observations of an identity provider's current state.
|
||||||
|
// +patchMergeKey=type
|
||||||
|
// +patchStrategy=merge
|
||||||
|
// +listType=map
|
||||||
|
// +listMapKey=type
|
||||||
|
Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCAuthorizationConfig provides information about how to form the OAuth2 authorization
|
||||||
|
// request parameters.
|
||||||
|
type OIDCAuthorizationConfig struct {
|
||||||
|
// additionalScopes are the additional scopes that will be requested from your OIDC provider in the authorization
|
||||||
|
// request during an OIDC Authorization Code Flow and in the token request during a Resource Owner Password Credentials
|
||||||
|
// Grant. Note that the "openid" scope will always be requested regardless of the value in this setting, since it is
|
||||||
|
// always required according to the OIDC spec. By default, when this field is not set, the Supervisor will request
|
||||||
|
// the following scopes: "openid", "offline_access", "email", and "profile". See
|
||||||
|
// https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims for a description of the "profile" and "email"
|
||||||
|
// scopes. See https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess for a description of the
|
||||||
|
// "offline_access" scope. This default value may change in future versions of Pinniped as the standard evolves,
|
||||||
|
// or as common patterns used by providers who implement the standard in the ecosystem evolve.
|
||||||
|
// By setting this list to anything other than an empty list, you are overriding the
|
||||||
|
// default value, so you may wish to include some of "offline_access", "email", and "profile" in your override list.
|
||||||
|
// If you do not want any of these scopes to be requested, you may set this list to contain only "openid".
|
||||||
|
// Some OIDC providers may also require a scope to get access to the user's group membership, in which case you
|
||||||
|
// may wish to include it in this list. Sometimes the scope to request the user's group membership is called
|
||||||
|
// "groups", but unfortunately this is not specified in the OIDC standard.
|
||||||
|
// Generally speaking, you should include any scopes required to cause the appropriate claims to be the returned by
|
||||||
|
// your OIDC provider in the ID token or userinfo endpoint results for those claims which you would like to use in
|
||||||
|
// the oidcClaims settings to determine the usernames and group memberships of your Kubernetes users. See
|
||||||
|
// your OIDC provider's documentation for more information about what scopes are available to request claims.
|
||||||
|
// Additionally, the Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the Supervisor
|
||||||
|
// from these authorization flows. For most OIDC providers, the scope required to receive refresh tokens will be
|
||||||
|
// "offline_access". See the documentation of your OIDC provider's authorization and token endpoints for its
|
||||||
|
// requirements for what to include in the request in order to receive a refresh token in the response, if anything.
|
||||||
|
// Note that it may be safe to send "offline_access" even to providers which do not require it, since the provider
|
||||||
|
// may ignore scopes that it does not understand or require (see
|
||||||
|
// https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). In the unusual case that you must avoid sending the
|
||||||
|
// "offline_access" scope, then you must override the default value of this setting. This is required if your OIDC
|
||||||
|
// provider will reject the request when it includes "offline_access" (e.g. GitLab's OIDC provider).
|
||||||
|
// +optional
|
||||||
|
AdditionalScopes []string `json:"additionalScopes,omitempty"`
|
||||||
|
|
||||||
|
// additionalAuthorizeParameters are extra query parameters that should be included in the authorize request to your
|
||||||
|
// OIDC provider in the authorization request during an OIDC Authorization Code Flow. By default, no extra
|
||||||
|
// parameters are sent. The standard parameters that will be sent are "response_type", "scope", "client_id",
|
||||||
|
// "state", "nonce", "code_challenge", "code_challenge_method", and "redirect_uri". These parameters cannot be
|
||||||
|
// included in this setting. Additionally, the "hd" parameter cannot be included in this setting at this time.
|
||||||
|
// The "hd" parameter is used by Google's OIDC provider to provide a hint as to which "hosted domain" the user
|
||||||
|
// should use during login. However, Pinniped does not yet support validating the hosted domain in the resulting
|
||||||
|
// ID token, so it is not yet safe to use this feature of Google's OIDC provider with Pinniped.
|
||||||
|
// This setting does not influence the parameters sent to the token endpoint in the Resource Owner Password
|
||||||
|
// Credentials Grant. The Pinniped Supervisor requires that your OIDC provider returns refresh tokens to the
|
||||||
|
// Supervisor from the authorization flows. Some OIDC providers may require a certain value for the "prompt"
|
||||||
|
// parameter in order to properly request refresh tokens. See the documentation of your OIDC provider's
|
||||||
|
// authorization endpoint for its requirements for what to include in the request in order to receive a refresh
|
||||||
|
// token in the response, if anything. If your provider requires the prompt parameter to request a refresh token,
|
||||||
|
// then include it here. Also note that most providers also require a certain scope to be requested in order to
|
||||||
|
// receive refresh tokens. See the additionalScopes setting for more information about using scopes to request
|
||||||
|
// refresh tokens.
|
||||||
|
// +optional
|
||||||
|
// +patchMergeKey=name
|
||||||
|
// +patchStrategy=merge
|
||||||
|
// +listType=map
|
||||||
|
// +listMapKey=name
|
||||||
|
AdditionalAuthorizeParameters []Parameter `json:"additionalAuthorizeParameters,omitempty"`
|
||||||
|
|
||||||
|
// allowPasswordGrant, when true, will allow the use of OAuth 2.0's Resource Owner Password Credentials Grant
|
||||||
|
// (see https://datatracker.ietf.org/doc/html/rfc6749#section-4.3) to authenticate to the OIDC provider using a
|
||||||
|
// username and password without a web browser, in addition to the usual browser-based OIDC Authorization Code Flow.
|
||||||
|
// The Resource Owner Password Credentials Grant is not officially part of the OIDC specification, so it may not be
|
||||||
|
// supported by your OIDC provider. If your OIDC provider supports returning ID tokens from a Resource Owner Password
|
||||||
|
// Credentials Grant token request, then you can choose to set this field to true. This will allow end users to choose
|
||||||
|
// to present their username and password to the kubectl CLI (using the Pinniped plugin) to authenticate to the
|
||||||
|
// cluster, without using a web browser to log in as is customary in OIDC Authorization Code Flow. This may be
|
||||||
|
// convenient for users, especially for identities from your OIDC provider which are not intended to represent a human
|
||||||
|
// actor, such as service accounts performing actions in a CI/CD environment. Even if your OIDC provider supports it,
|
||||||
|
// you may wish to disable this behavior by setting this field to false when you prefer to only allow users of this
|
||||||
|
// OIDCIdentityProvider to log in via the browser-based OIDC Authorization Code Flow. Using the Resource Owner Password
|
||||||
|
// Credentials Grant means that the Pinniped CLI and Pinniped Supervisor will directly handle your end users' passwords
|
||||||
|
// (similar to LDAPIdentityProvider), and you will not be able to require multi-factor authentication or use the other
|
||||||
|
// web-based login features of your OIDC provider during Resource Owner Password Credentials Grant logins.
|
||||||
|
// allowPasswordGrant defaults to false.
|
||||||
|
// +optional
|
||||||
|
AllowPasswordGrant bool `json:"allowPasswordGrant,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parameter is a key/value pair which represents a parameter in an HTTP request.
|
||||||
|
type Parameter struct {
|
||||||
|
// The name of the parameter. Required.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
Name string `json:"name"`
|
||||||
|
|
||||||
|
// The value of the parameter.
|
||||||
|
// +optional
|
||||||
|
Value string `json:"value,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCClaims provides a mapping from upstream claims into identities.
|
||||||
|
type OIDCClaims struct {
|
||||||
|
// Groups provides the name of the ID token claim or userinfo endpoint response claim that will be used to ascertain
|
||||||
|
// the groups to which an identity belongs. By default, the identities will not include any group memberships when
|
||||||
|
// this setting is not configured.
|
||||||
|
// +optional
|
||||||
|
Groups string `json:"groups"`
|
||||||
|
|
||||||
|
// Username provides the name of the ID token claim or userinfo endpoint response claim that will be used to
|
||||||
|
// ascertain an identity's username. When not set, the username will be an automatically constructed unique string
|
||||||
|
// which will include the issuer URL of your OIDC provider along with the value of the "sub" (subject) claim from
|
||||||
|
// the ID token.
|
||||||
|
// +optional
|
||||||
|
Username string `json:"username"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCClient contains information about an OIDC client (e.g., client ID and client
|
||||||
|
// secret).
|
||||||
|
type OIDCClient struct {
|
||||||
|
// SecretName contains the name of a namespace-local Secret object that provides the clientID and
|
||||||
|
// clientSecret for an OIDC client. If only the SecretName is specified in an OIDCClient
|
||||||
|
// struct, then it is expected that the Secret is of type "secrets.pinniped.dev/oidc-client" with keys
|
||||||
|
// "clientID" and "clientSecret".
|
||||||
|
SecretName string `json:"secretName"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCIdentityProviderSpec is the spec for configuring an OIDC identity provider.
|
||||||
|
type OIDCIdentityProviderSpec struct {
|
||||||
|
// Issuer is the issuer URL of this OIDC identity provider, i.e., where to fetch
|
||||||
|
// /.well-known/openid-configuration.
|
||||||
|
// +kubebuilder:validation:MinLength=1
|
||||||
|
// +kubebuilder:validation:Pattern=`^https://`
|
||||||
|
Issuer string `json:"issuer"`
|
||||||
|
|
||||||
|
// TLS configuration for discovery/JWKS requests to the issuer.
|
||||||
|
// +optional
|
||||||
|
TLS *TLSSpec `json:"tls,omitempty"`
|
||||||
|
|
||||||
|
// AuthorizationConfig holds information about how to form the OAuth2 authorization request
|
||||||
|
// parameters to be used with this OIDC identity provider.
|
||||||
|
// +optional
|
||||||
|
AuthorizationConfig OIDCAuthorizationConfig `json:"authorizationConfig,omitempty"`
|
||||||
|
|
||||||
|
// Claims provides the names of token claims that will be used when inspecting an identity from
|
||||||
|
// this OIDC identity provider.
|
||||||
|
// +optional
|
||||||
|
Claims OIDCClaims `json:"claims"`
|
||||||
|
|
||||||
|
// OIDCClient contains OIDC client information to be used used with this OIDC identity
|
||||||
|
// provider.
|
||||||
|
Client OIDCClient `json:"client"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCIdentityProvider describes the configuration of an upstream OpenID Connect identity provider.
|
||||||
|
// +genclient
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
// +kubebuilder:resource:categories=pinniped;pinniped-idp;pinniped-idps
|
||||||
|
// +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.issuer`
|
||||||
|
// +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.phase`
|
||||||
|
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
|
||||||
|
// +kubebuilder:subresource:status
|
||||||
|
type OIDCIdentityProvider struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
// Spec for configuring the identity provider.
|
||||||
|
Spec OIDCIdentityProviderSpec `json:"spec"`
|
||||||
|
|
||||||
|
// Status of the identity provider.
|
||||||
|
Status OIDCIdentityProviderStatus `json:"status,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCIdentityProviderList lists OIDCIdentityProvider objects.
|
||||||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||||
|
type OIDCIdentityProviderList struct {
|
||||||
|
metav1.TypeMeta `json:",inline"`
|
||||||
|
metav1.ListMeta `json:"metadata,omitempty"`
|
||||||
|
|
||||||
|
Items []OIDCIdentityProvider `json:"items"`
|
||||||
|
}
|
11
generated/1.25/apis/supervisor/idp/v1alpha1/types_tls.go
generated
Normal file
11
generated/1.25/apis/supervisor/idp/v1alpha1/types_tls.go
generated
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
// Configuration for TLS parameters related to identity provider integration.
|
||||||
|
type TLSSpec struct {
|
||||||
|
// X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.
|
||||||
|
// +optional
|
||||||
|
CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"`
|
||||||
|
}
|
608
generated/1.25/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
608
generated/1.25/apis/supervisor/idp/v1alpha1/zz_generated.deepcopy.go
generated
Normal file
@ -0,0 +1,608 @@
|
|||||||
|
//go:build !ignore_autogenerated
|
||||||
|
// +build !ignore_autogenerated
|
||||||
|
|
||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by deepcopy-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProvider) DeepCopyInto(out *ActiveDirectoryIdentityProvider) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProvider.
|
||||||
|
func (in *ActiveDirectoryIdentityProvider) DeepCopy() *ActiveDirectoryIdentityProvider {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProvider)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *ActiveDirectoryIdentityProvider) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderBind) DeepCopyInto(out *ActiveDirectoryIdentityProviderBind) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderBind.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderBind) DeepCopy() *ActiveDirectoryIdentityProviderBind {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderBind)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearch) {
|
||||||
|
*out = *in
|
||||||
|
out.Attributes = in.Attributes
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearch.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderGroupSearch) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearch {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderGroupSearch)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderGroupSearchAttributes) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderGroupSearchAttributes.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderGroupSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderGroupSearchAttributes {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderGroupSearchAttributes)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderList) DeepCopyInto(out *ActiveDirectoryIdentityProviderList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]ActiveDirectoryIdentityProvider, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderList.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderList) DeepCopy() *ActiveDirectoryIdentityProviderList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderSpec) DeepCopyInto(out *ActiveDirectoryIdentityProviderSpec) {
|
||||||
|
*out = *in
|
||||||
|
if in.TLS != nil {
|
||||||
|
in, out := &in.TLS, &out.TLS
|
||||||
|
*out = new(TLSSpec)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
out.Bind = in.Bind
|
||||||
|
out.UserSearch = in.UserSearch
|
||||||
|
out.GroupSearch = in.GroupSearch
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderSpec.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderSpec) DeepCopy() *ActiveDirectoryIdentityProviderSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderStatus) DeepCopyInto(out *ActiveDirectoryIdentityProviderStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Conditions != nil {
|
||||||
|
in, out := &in.Conditions, &out.Conditions
|
||||||
|
*out = make([]Condition, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderStatus.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderStatus) DeepCopy() *ActiveDirectoryIdentityProviderStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearch) {
|
||||||
|
*out = *in
|
||||||
|
out.Attributes = in.Attributes
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearch.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderUserSearch) DeepCopy() *ActiveDirectoryIdentityProviderUserSearch {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderUserSearch)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopyInto(out *ActiveDirectoryIdentityProviderUserSearchAttributes) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveDirectoryIdentityProviderUserSearchAttributes.
|
||||||
|
func (in *ActiveDirectoryIdentityProviderUserSearchAttributes) DeepCopy() *ActiveDirectoryIdentityProviderUserSearchAttributes {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(ActiveDirectoryIdentityProviderUserSearchAttributes)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *Condition) DeepCopyInto(out *Condition) {
|
||||||
|
*out = *in
|
||||||
|
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.
|
||||||
|
func (in *Condition) DeepCopy() *Condition {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(Condition)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProvider) DeepCopyInto(out *LDAPIdentityProvider) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProvider.
|
||||||
|
func (in *LDAPIdentityProvider) DeepCopy() *LDAPIdentityProvider {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProvider)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *LDAPIdentityProvider) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderBind) DeepCopyInto(out *LDAPIdentityProviderBind) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderBind.
|
||||||
|
func (in *LDAPIdentityProviderBind) DeepCopy() *LDAPIdentityProviderBind {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderBind)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderGroupSearch) DeepCopyInto(out *LDAPIdentityProviderGroupSearch) {
|
||||||
|
*out = *in
|
||||||
|
out.Attributes = in.Attributes
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearch.
|
||||||
|
func (in *LDAPIdentityProviderGroupSearch) DeepCopy() *LDAPIdentityProviderGroupSearch {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderGroupSearch)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderGroupSearchAttributes) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderGroupSearchAttributes.
|
||||||
|
func (in *LDAPIdentityProviderGroupSearchAttributes) DeepCopy() *LDAPIdentityProviderGroupSearchAttributes {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderGroupSearchAttributes)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderList) DeepCopyInto(out *LDAPIdentityProviderList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]LDAPIdentityProvider, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderList.
|
||||||
|
func (in *LDAPIdentityProviderList) DeepCopy() *LDAPIdentityProviderList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *LDAPIdentityProviderList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderSpec) DeepCopyInto(out *LDAPIdentityProviderSpec) {
|
||||||
|
*out = *in
|
||||||
|
if in.TLS != nil {
|
||||||
|
in, out := &in.TLS, &out.TLS
|
||||||
|
*out = new(TLSSpec)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
out.Bind = in.Bind
|
||||||
|
out.UserSearch = in.UserSearch
|
||||||
|
out.GroupSearch = in.GroupSearch
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderSpec.
|
||||||
|
func (in *LDAPIdentityProviderSpec) DeepCopy() *LDAPIdentityProviderSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderStatus) DeepCopyInto(out *LDAPIdentityProviderStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Conditions != nil {
|
||||||
|
in, out := &in.Conditions, &out.Conditions
|
||||||
|
*out = make([]Condition, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderStatus.
|
||||||
|
func (in *LDAPIdentityProviderStatus) DeepCopy() *LDAPIdentityProviderStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderUserSearch) DeepCopyInto(out *LDAPIdentityProviderUserSearch) {
|
||||||
|
*out = *in
|
||||||
|
out.Attributes = in.Attributes
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearch.
|
||||||
|
func (in *LDAPIdentityProviderUserSearch) DeepCopy() *LDAPIdentityProviderUserSearch {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderUserSearch)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopyInto(out *LDAPIdentityProviderUserSearchAttributes) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPIdentityProviderUserSearchAttributes.
|
||||||
|
func (in *LDAPIdentityProviderUserSearchAttributes) DeepCopy() *LDAPIdentityProviderUserSearchAttributes {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(LDAPIdentityProviderUserSearchAttributes)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *OIDCAuthorizationConfig) DeepCopyInto(out *OIDCAuthorizationConfig) {
|
||||||
|
*out = *in
|
||||||
|
if in.AdditionalScopes != nil {
|
||||||
|
in, out := &in.AdditionalScopes, &out.AdditionalScopes
|
||||||
|
*out = make([]string, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
if in.AdditionalAuthorizeParameters != nil {
|
||||||
|
in, out := &in.AdditionalAuthorizeParameters, &out.AdditionalAuthorizeParameters
|
||||||
|
*out = make([]Parameter, len(*in))
|
||||||
|
copy(*out, *in)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCAuthorizationConfig.
|
||||||
|
func (in *OIDCAuthorizationConfig) DeepCopy() *OIDCAuthorizationConfig {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(OIDCAuthorizationConfig)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *OIDCClaims) DeepCopyInto(out *OIDCClaims) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClaims.
|
||||||
|
func (in *OIDCClaims) DeepCopy() *OIDCClaims {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(OIDCClaims)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *OIDCClient) DeepCopyInto(out *OIDCClient) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient.
|
||||||
|
func (in *OIDCClient) DeepCopy() *OIDCClient {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(OIDCClient)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||||
|
in.Spec.DeepCopyInto(&out.Spec)
|
||||||
|
in.Status.DeepCopyInto(&out.Status)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider.
|
||||||
|
func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(OIDCIdentityProvider)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *OIDCIdentityProvider) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *OIDCIdentityProviderList) DeepCopyInto(out *OIDCIdentityProviderList) {
|
||||||
|
*out = *in
|
||||||
|
out.TypeMeta = in.TypeMeta
|
||||||
|
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||||
|
if in.Items != nil {
|
||||||
|
in, out := &in.Items, &out.Items
|
||||||
|
*out = make([]OIDCIdentityProvider, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderList.
|
||||||
|
func (in *OIDCIdentityProviderList) DeepCopy() *OIDCIdentityProviderList {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(OIDCIdentityProviderList)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||||
|
func (in *OIDCIdentityProviderList) DeepCopyObject() runtime.Object {
|
||||||
|
if c := in.DeepCopy(); c != nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *OIDCIdentityProviderSpec) DeepCopyInto(out *OIDCIdentityProviderSpec) {
|
||||||
|
*out = *in
|
||||||
|
if in.TLS != nil {
|
||||||
|
in, out := &in.TLS, &out.TLS
|
||||||
|
*out = new(TLSSpec)
|
||||||
|
**out = **in
|
||||||
|
}
|
||||||
|
in.AuthorizationConfig.DeepCopyInto(&out.AuthorizationConfig)
|
||||||
|
out.Claims = in.Claims
|
||||||
|
out.Client = in.Client
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderSpec.
|
||||||
|
func (in *OIDCIdentityProviderSpec) DeepCopy() *OIDCIdentityProviderSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(OIDCIdentityProviderSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *OIDCIdentityProviderStatus) DeepCopyInto(out *OIDCIdentityProviderStatus) {
|
||||||
|
*out = *in
|
||||||
|
if in.Conditions != nil {
|
||||||
|
in, out := &in.Conditions, &out.Conditions
|
||||||
|
*out = make([]Condition, len(*in))
|
||||||
|
for i := range *in {
|
||||||
|
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderStatus.
|
||||||
|
func (in *OIDCIdentityProviderStatus) DeepCopy() *OIDCIdentityProviderStatus {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(OIDCIdentityProviderStatus)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *Parameter) DeepCopyInto(out *Parameter) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Parameter.
|
||||||
|
func (in *Parameter) DeepCopy() *Parameter {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(Parameter)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *TLSSpec) DeepCopyInto(out *TLSSpec) {
|
||||||
|
*out = *in
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSpec.
|
||||||
|
func (in *TLSSpec) DeepCopy() *TLSSpec {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(TLSSpec)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
66
generated/1.25/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go
generated
Normal file
66
generated/1.25/apis/supervisor/idpdiscovery/v1alpha1/types_supervisor_idp_discovery.go
generated
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package v1alpha1
|
||||||
|
|
||||||
|
// IDPType are the strings that can be returned by the Supervisor identity provider discovery endpoint
|
||||||
|
// as the "type" of each returned identity provider.
|
||||||
|
type IDPType string
|
||||||
|
|
||||||
|
// IDPFlow are the strings that can be returned by the Supervisor identity provider discovery endpoint
|
||||||
|
// in the array of allowed client "flows" for each returned identity provider.
|
||||||
|
type IDPFlow string
|
||||||
|
|
||||||
|
const (
|
||||||
|
IDPTypeOIDC IDPType = "oidc"
|
||||||
|
IDPTypeLDAP IDPType = "ldap"
|
||||||
|
IDPTypeActiveDirectory IDPType = "activedirectory"
|
||||||
|
|
||||||
|
IDPFlowCLIPassword IDPFlow = "cli_password"
|
||||||
|
IDPFlowBrowserAuthcode IDPFlow = "browser_authcode"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Equals is a convenience function for comparing an IDPType to a string.
|
||||||
|
func (r IDPType) Equals(s string) bool {
|
||||||
|
return string(r) == s
|
||||||
|
}
|
||||||
|
|
||||||
|
// String is a convenience function to convert an IDPType to a string.
|
||||||
|
func (r IDPType) String() string {
|
||||||
|
return string(r)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Equals is a convenience function for comparing an IDPFlow to a string.
|
||||||
|
func (r IDPFlow) Equals(s string) bool {
|
||||||
|
return string(r) == s
|
||||||
|
}
|
||||||
|
|
||||||
|
// String is a convenience function to convert an IDPFlow to a string.
|
||||||
|
func (r IDPFlow) String() string {
|
||||||
|
return string(r)
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCDiscoveryResponse is part of the response from a FederationDomain's OpenID Provider Configuration
|
||||||
|
// Document returned by the .well-known/openid-configuration endpoint. It ignores all the standard OpenID Provider
|
||||||
|
// configuration metadata and only picks out the portion related to Supervisor identity provider discovery.
|
||||||
|
type OIDCDiscoveryResponse struct {
|
||||||
|
SupervisorDiscovery OIDCDiscoveryResponseIDPEndpoint `json:"discovery.supervisor.pinniped.dev/v1alpha1"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// OIDCDiscoveryResponseIDPEndpoint contains the URL for the identity provider discovery endpoint.
|
||||||
|
type OIDCDiscoveryResponseIDPEndpoint struct {
|
||||||
|
PinnipedIDPsEndpoint string `json:"pinniped_identity_providers_endpoint"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// IDPDiscoveryResponse is the response of a FederationDomain's identity provider discovery endpoint.
|
||||||
|
type IDPDiscoveryResponse struct {
|
||||||
|
PinnipedIDPs []PinnipedIDP `json:"pinniped_identity_providers"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// PinnipedIDP describes a single identity provider as included in the response of a FederationDomain's
|
||||||
|
// identity provider discovery endpoint.
|
||||||
|
type PinnipedIDP struct {
|
||||||
|
Name string `json:"name"`
|
||||||
|
Type IDPType `json:"type"`
|
||||||
|
Flows []IDPFlow `json:"flows,omitempty"`
|
||||||
|
}
|
25
generated/1.25/apis/supervisor/oidc/types_supervisor_oidc.go
generated
Normal file
25
generated/1.25/apis/supervisor/oidc/types_supervisor_oidc.go
generated
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package oidc
|
||||||
|
|
||||||
|
// Constants related to the Supervisor FederationDomain's authorization and token endpoints.
|
||||||
|
const (
|
||||||
|
// AuthorizeUsernameHeaderName is the name of the HTTP header which can be used to transmit a username
|
||||||
|
// to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant
|
||||||
|
// or an LDAPIdentityProvider.
|
||||||
|
AuthorizeUsernameHeaderName = "Pinniped-Username"
|
||||||
|
|
||||||
|
// AuthorizePasswordHeaderName is the name of the HTTP header which can be used to transmit a password
|
||||||
|
// to the authorize endpoint when using a password flow, for example an OIDCIdentityProvider with a password grant
|
||||||
|
// or an LDAPIdentityProvider.
|
||||||
|
AuthorizePasswordHeaderName = "Pinniped-Password" //nolint:gosec // this is not a credential
|
||||||
|
|
||||||
|
// AuthorizeUpstreamIDPNameParamName is the name of the HTTP request parameter which can be used to help select which
|
||||||
|
// identity provider should be used for authentication by sending the name of the desired identity provider.
|
||||||
|
AuthorizeUpstreamIDPNameParamName = "pinniped_idp_name"
|
||||||
|
|
||||||
|
// AuthorizeUpstreamIDPTypeParamName is the name of the HTTP request parameter which can be used to help select which
|
||||||
|
// identity provider should be used for authentication by sending the type of the desired identity provider.
|
||||||
|
AuthorizeUpstreamIDPTypeParamName = "pinniped_idp_type"
|
||||||
|
)
|
147
generated/1.25/client/concierge/clientset/versioned/clientset.go
generated
Normal file
147
generated/1.25/client/concierge/clientset/versioned/clientset.go
generated
Normal file
@ -0,0 +1,147 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by client-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package versioned
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
authenticationv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/authentication/v1alpha1"
|
||||||
|
configv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/config/v1alpha1"
|
||||||
|
identityv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/identity/v1alpha1"
|
||||||
|
loginv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/login/v1alpha1"
|
||||||
|
discovery "k8s.io/client-go/discovery"
|
||||||
|
rest "k8s.io/client-go/rest"
|
||||||
|
flowcontrol "k8s.io/client-go/util/flowcontrol"
|
||||||
|
)
|
||||||
|
|
||||||
|
type Interface interface {
|
||||||
|
Discovery() discovery.DiscoveryInterface
|
||||||
|
AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface
|
||||||
|
ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface
|
||||||
|
IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface
|
||||||
|
LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface
|
||||||
|
}
|
||||||
|
|
||||||
|
// Clientset contains the clients for groups. Each group has exactly one
|
||||||
|
// version included in a Clientset.
|
||||||
|
type Clientset struct {
|
||||||
|
*discovery.DiscoveryClient
|
||||||
|
authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client
|
||||||
|
configV1alpha1 *configv1alpha1.ConfigV1alpha1Client
|
||||||
|
identityV1alpha1 *identityv1alpha1.IdentityV1alpha1Client
|
||||||
|
loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client
|
||||||
|
}
|
||||||
|
|
||||||
|
// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client
|
||||||
|
func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface {
|
||||||
|
return c.authenticationV1alpha1
|
||||||
|
}
|
||||||
|
|
||||||
|
// ConfigV1alpha1 retrieves the ConfigV1alpha1Client
|
||||||
|
func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface {
|
||||||
|
return c.configV1alpha1
|
||||||
|
}
|
||||||
|
|
||||||
|
// IdentityV1alpha1 retrieves the IdentityV1alpha1Client
|
||||||
|
func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface {
|
||||||
|
return c.identityV1alpha1
|
||||||
|
}
|
||||||
|
|
||||||
|
// LoginV1alpha1 retrieves the LoginV1alpha1Client
|
||||||
|
func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface {
|
||||||
|
return c.loginV1alpha1
|
||||||
|
}
|
||||||
|
|
||||||
|
// Discovery retrieves the DiscoveryClient
|
||||||
|
func (c *Clientset) Discovery() discovery.DiscoveryInterface {
|
||||||
|
if c == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return c.DiscoveryClient
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewForConfig creates a new Clientset for the given config.
|
||||||
|
// If config's RateLimiter is not set and QPS and Burst are acceptable,
|
||||||
|
// NewForConfig will generate a rate-limiter in configShallowCopy.
|
||||||
|
// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
|
||||||
|
// where httpClient was generated with rest.HTTPClientFor(c).
|
||||||
|
func NewForConfig(c *rest.Config) (*Clientset, error) {
|
||||||
|
configShallowCopy := *c
|
||||||
|
|
||||||
|
if configShallowCopy.UserAgent == "" {
|
||||||
|
configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent()
|
||||||
|
}
|
||||||
|
|
||||||
|
// share the transport between all clients
|
||||||
|
httpClient, err := rest.HTTPClientFor(&configShallowCopy)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return NewForConfigAndClient(&configShallowCopy, httpClient)
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewForConfigAndClient creates a new Clientset for the given config and http client.
|
||||||
|
// Note the http client provided takes precedence over the configured transport values.
|
||||||
|
// If config's RateLimiter is not set and QPS and Burst are acceptable,
|
||||||
|
// NewForConfigAndClient will generate a rate-limiter in configShallowCopy.
|
||||||
|
func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) {
|
||||||
|
configShallowCopy := *c
|
||||||
|
if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 {
|
||||||
|
if configShallowCopy.Burst <= 0 {
|
||||||
|
return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0")
|
||||||
|
}
|
||||||
|
configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst)
|
||||||
|
}
|
||||||
|
|
||||||
|
var cs Clientset
|
||||||
|
var err error
|
||||||
|
cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
cs.configV1alpha1, err = configv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
cs.identityV1alpha1, err = identityv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
cs.loginV1alpha1, err = loginv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return &cs, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewForConfigOrDie creates a new Clientset for the given config and
|
||||||
|
// panics if there is an error in the config.
|
||||||
|
func NewForConfigOrDie(c *rest.Config) *Clientset {
|
||||||
|
cs, err := NewForConfig(c)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
return cs
|
||||||
|
}
|
||||||
|
|
||||||
|
// New creates a new Clientset for the given RESTClient.
|
||||||
|
func New(c rest.Interface) *Clientset {
|
||||||
|
var cs Clientset
|
||||||
|
cs.authenticationV1alpha1 = authenticationv1alpha1.New(c)
|
||||||
|
cs.configV1alpha1 = configv1alpha1.New(c)
|
||||||
|
cs.identityV1alpha1 = identityv1alpha1.New(c)
|
||||||
|
cs.loginV1alpha1 = loginv1alpha1.New(c)
|
||||||
|
|
||||||
|
cs.DiscoveryClient = discovery.NewDiscoveryClient(c)
|
||||||
|
return &cs
|
||||||
|
}
|
7
generated/1.25/client/concierge/clientset/versioned/doc.go
generated
Normal file
7
generated/1.25/client/concierge/clientset/versioned/doc.go
generated
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by client-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
// This package has the automatically generated clientset.
|
||||||
|
package versioned
|
93
generated/1.25/client/concierge/clientset/versioned/fake/clientset_generated.go
generated
Normal file
93
generated/1.25/client/concierge/clientset/versioned/fake/clientset_generated.go
generated
Normal file
@ -0,0 +1,93 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by client-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package fake
|
||||||
|
|
||||||
|
import (
|
||||||
|
clientset "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned"
|
||||||
|
authenticationv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/authentication/v1alpha1"
|
||||||
|
fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/authentication/v1alpha1/fake"
|
||||||
|
configv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/config/v1alpha1"
|
||||||
|
fakeconfigv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/config/v1alpha1/fake"
|
||||||
|
identityv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/identity/v1alpha1"
|
||||||
|
fakeidentityv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/identity/v1alpha1/fake"
|
||||||
|
loginv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/login/v1alpha1"
|
||||||
|
fakeloginv1alpha1 "go.pinniped.dev/generated/1.25/client/concierge/clientset/versioned/typed/login/v1alpha1/fake"
|
||||||
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/watch"
|
||||||
|
"k8s.io/client-go/discovery"
|
||||||
|
fakediscovery "k8s.io/client-go/discovery/fake"
|
||||||
|
"k8s.io/client-go/testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
// NewSimpleClientset returns a clientset that will respond with the provided objects.
|
||||||
|
// It's backed by a very simple object tracker that processes creates, updates and deletions as-is,
|
||||||
|
// without applying any validations and/or defaults. It shouldn't be considered a replacement
|
||||||
|
// for a real clientset and is mostly useful in simple unit tests.
|
||||||
|
func NewSimpleClientset(objects ...runtime.Object) *Clientset {
|
||||||
|
o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder())
|
||||||
|
for _, obj := range objects {
|
||||||
|
if err := o.Add(obj); err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
cs := &Clientset{tracker: o}
|
||||||
|
cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake}
|
||||||
|
cs.AddReactor("*", "*", testing.ObjectReaction(o))
|
||||||
|
cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) {
|
||||||
|
gvr := action.GetResource()
|
||||||
|
ns := action.GetNamespace()
|
||||||
|
watch, err := o.Watch(gvr, ns)
|
||||||
|
if err != nil {
|
||||||
|
return false, nil, err
|
||||||
|
}
|
||||||
|
return true, watch, nil
|
||||||
|
})
|
||||||
|
|
||||||
|
return cs
|
||||||
|
}
|
||||||
|
|
||||||
|
// Clientset implements clientset.Interface. Meant to be embedded into a
|
||||||
|
// struct to get a default implementation. This makes faking out just the method
|
||||||
|
// you want to test easier.
|
||||||
|
type Clientset struct {
|
||||||
|
testing.Fake
|
||||||
|
discovery *fakediscovery.FakeDiscovery
|
||||||
|
tracker testing.ObjectTracker
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *Clientset) Discovery() discovery.DiscoveryInterface {
|
||||||
|
return c.discovery
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *Clientset) Tracker() testing.ObjectTracker {
|
||||||
|
return c.tracker
|
||||||
|
}
|
||||||
|
|
||||||
|
var (
|
||||||
|
_ clientset.Interface = &Clientset{}
|
||||||
|
_ testing.FakeClient = &Clientset{}
|
||||||
|
)
|
||||||
|
|
||||||
|
// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client
|
||||||
|
func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface {
|
||||||
|
return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake}
|
||||||
|
}
|
||||||
|
|
||||||
|
// ConfigV1alpha1 retrieves the ConfigV1alpha1Client
|
||||||
|
func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface {
|
||||||
|
return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake}
|
||||||
|
}
|
||||||
|
|
||||||
|
// IdentityV1alpha1 retrieves the IdentityV1alpha1Client
|
||||||
|
func (c *Clientset) IdentityV1alpha1() identityv1alpha1.IdentityV1alpha1Interface {
|
||||||
|
return &fakeidentityv1alpha1.FakeIdentityV1alpha1{Fake: &c.Fake}
|
||||||
|
}
|
||||||
|
|
||||||
|
// LoginV1alpha1 retrieves the LoginV1alpha1Client
|
||||||
|
func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface {
|
||||||
|
return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake}
|
||||||
|
}
|
7
generated/1.25/client/concierge/clientset/versioned/fake/doc.go
generated
Normal file
7
generated/1.25/client/concierge/clientset/versioned/fake/doc.go
generated
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by client-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
// This package has the automatically generated fake clientset.
|
||||||
|
package fake
|
49
generated/1.25/client/concierge/clientset/versioned/fake/register.go
generated
Normal file
49
generated/1.25/client/concierge/clientset/versioned/fake/register.go
generated
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by client-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package fake
|
||||||
|
|
||||||
|
import (
|
||||||
|
authenticationv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/authentication/v1alpha1"
|
||||||
|
configv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/config/v1alpha1"
|
||||||
|
identityv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/identity/v1alpha1"
|
||||||
|
loginv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/login/v1alpha1"
|
||||||
|
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
schema "k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
serializer "k8s.io/apimachinery/pkg/runtime/serializer"
|
||||||
|
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
var scheme = runtime.NewScheme()
|
||||||
|
var codecs = serializer.NewCodecFactory(scheme)
|
||||||
|
|
||||||
|
var localSchemeBuilder = runtime.SchemeBuilder{
|
||||||
|
authenticationv1alpha1.AddToScheme,
|
||||||
|
configv1alpha1.AddToScheme,
|
||||||
|
identityv1alpha1.AddToScheme,
|
||||||
|
loginv1alpha1.AddToScheme,
|
||||||
|
}
|
||||||
|
|
||||||
|
// AddToScheme adds all types of this clientset into the given scheme. This allows composition
|
||||||
|
// of clientsets, like in:
|
||||||
|
//
|
||||||
|
// import (
|
||||||
|
// "k8s.io/client-go/kubernetes"
|
||||||
|
// clientsetscheme "k8s.io/client-go/kubernetes/scheme"
|
||||||
|
// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
|
||||||
|
// )
|
||||||
|
//
|
||||||
|
// kclientset, _ := kubernetes.NewForConfig(c)
|
||||||
|
// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme)
|
||||||
|
//
|
||||||
|
// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types
|
||||||
|
// correctly.
|
||||||
|
var AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"})
|
||||||
|
utilruntime.Must(AddToScheme(scheme))
|
||||||
|
}
|
7
generated/1.25/client/concierge/clientset/versioned/scheme/doc.go
generated
Normal file
7
generated/1.25/client/concierge/clientset/versioned/scheme/doc.go
generated
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by client-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
// This package contains the scheme of the automatically generated clientset.
|
||||||
|
package scheme
|
49
generated/1.25/client/concierge/clientset/versioned/scheme/register.go
generated
Normal file
49
generated/1.25/client/concierge/clientset/versioned/scheme/register.go
generated
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
// Code generated by client-gen. DO NOT EDIT.
|
||||||
|
|
||||||
|
package scheme
|
||||||
|
|
||||||
|
import (
|
||||||
|
authenticationv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/authentication/v1alpha1"
|
||||||
|
configv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/config/v1alpha1"
|
||||||
|
identityv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/identity/v1alpha1"
|
||||||
|
loginv1alpha1 "go.pinniped.dev/generated/1.25/apis/concierge/login/v1alpha1"
|
||||||
|
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||||
|
schema "k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
|
serializer "k8s.io/apimachinery/pkg/runtime/serializer"
|
||||||
|
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
var Scheme = runtime.NewScheme()
|
||||||
|
var Codecs = serializer.NewCodecFactory(Scheme)
|
||||||
|
var ParameterCodec = runtime.NewParameterCodec(Scheme)
|
||||||
|
var localSchemeBuilder = runtime.SchemeBuilder{
|
||||||
|
authenticationv1alpha1.AddToScheme,
|
||||||
|
configv1alpha1.AddToScheme,
|
||||||
|
identityv1alpha1.AddToScheme,
|
||||||
|
loginv1alpha1.AddToScheme,
|
||||||
|
}
|
||||||
|
|
||||||
|
// AddToScheme adds all types of this clientset into the given scheme. This allows composition
|
||||||
|
// of clientsets, like in:
|
||||||
|
//
|
||||||
|
// import (
|
||||||
|
// "k8s.io/client-go/kubernetes"
|
||||||
|
// clientsetscheme "k8s.io/client-go/kubernetes/scheme"
|
||||||
|
// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
|
||||||
|
// )
|
||||||
|
//
|
||||||
|
// kclientset, _ := kubernetes.NewForConfig(c)
|
||||||
|
// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme)
|
||||||
|
//
|
||||||
|
// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types
|
||||||
|
// correctly.
|
||||||
|
var AddToScheme = localSchemeBuilder.AddToScheme
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"})
|
||||||
|
utilruntime.Must(AddToScheme(Scheme))
|
||||||
|
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user