djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add generated code for new CredentialIssuer API fields.

Browse Source 
Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2021-02-24 10:47:06 -06:00
parent 96d7743eab
commit 7be8927d5e
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D
19 changed files with 418 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
deploy/concierge/config.concierge.pinniped.dev_credentialissuers.yaml
View File

@ -38,16 +38,34 @@ spec:
status: status:
description: Status of the credential issuer. description: Status of the credential issuer.
properties: properties:
kubeConfigInfo: impersonationProxyInfo:
description: Information needed to form a valid Pinniped-based kubeconfig description: Information needed to form a valid Pinniped-based kubeconfig
using this credential issuer. using the impersonation proxy.
properties: properties:
certificateAuthorityData: certificateAuthorityData:
description: The K8s API server CA bundle. description: The CA bundle to validate connections to the impersonation
proxy.
minLength: 1
type: string
endpoint:
description: The HTTPS endpoint of the impersonation proxy.
minLength: 1
pattern: ^https://
type: string
required:
- certificateAuthorityData
- endpoint
type: object
kubeConfigInfo:
description: Information needed to form a valid Pinniped-based kubeconfig
using the TokenCredentialRequest API.
properties:
certificateAuthorityData:
description: The Kubernetes API server CA bundle.
minLength: 1 minLength: 1
type: string type: string
server: server:
description: The K8s API server URL. description: The Kubernetes API server URL.
minLength: 1 minLength: 1
pattern: ^https://|^http:// pattern: ^https://|^http://
type: string type: string

25
generated/1.17/README.adoc generated
View File

@ -236,6 +236,24 @@ Describes the configuration status of a Pinniped credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo"]
==== CredentialIssuerImpersonationProxyInfo
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]
|===
| Field | Description
| *`endpoint`* __string__ | The HTTPS endpoint of the impersonation proxy.
| *`certificateAuthorityData`* __string__ | The CA bundle to validate connections to the impersonation proxy.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerKubeConfigInfo ==== CredentialIssuerKubeConfigInfo
@ -249,8 +267,8 @@ Describes the configuration status of a Pinniped credential issuer.
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`server`* __string__ | The K8s API server URL. | *`server`* __string__ | The Kubernetes API server URL.
| *`certificateAuthorityData`* __string__ | The K8s API server CA bundle. | *`certificateAuthorityData`* __string__ | The Kubernetes API server CA bundle.
|=== |===
@ -270,7 +288,8 @@ Status of a credential issuer.
|=== |===
| Field | Description | Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. | *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. | *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo[$$CredentialIssuerImpersonationProxyInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
|=== |===

27
generated/1.17/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -16,12 +16,15 @@ type StrategyReason string
const ( const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy")
SuccessStrategyStatus = StrategyStatus("Success") SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error") ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey") FetchedKeyStrategyReason = StrategyReason("FetchedKey")
ListeningStrategyReason = StrategyReason("Listening")
DisabledStrategyReason = StrategyReason("Disabled")
) )
// Status of a credential issuer. // Status of a credential issuer.
@ -29,19 +32,35 @@ type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
// +optional // +optional
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
// Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
// +optional
ImpersonationProxyInfo *CredentialIssuerImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The Kubernetes API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
Server string `json:"server"` Server string `json:"server"`
// The K8s API server CA bundle. // The Kubernetes API server CA bundle.
// +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"`
}
// Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerImpersonationProxyInfo struct {
// The HTTPS endpoint of the impersonation proxy.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://`
Endpoint string `json:"endpoint"`
// The CA bundle to validate connections to the impersonation proxy.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"` CertificateAuthorityData string `json:"certificateAuthorityData"`
} }

21
generated/1.17/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -38,6 +38,22 @@ func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
return nil return nil
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopyInto(out *CredentialIssuerImpersonationProxyInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerImpersonationProxyInfo.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopy() *CredentialIssuerImpersonationProxyInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerImpersonationProxyInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
@ -102,6 +118,11 @@ func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = new(CredentialIssuerKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
if in.ImpersonationProxyInfo != nil {
in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo
*out = new(CredentialIssuerImpersonationProxyInfo)
**out = **in
}
return return
} }

26
generated/1.17/crds/config.concierge.pinniped.dev_credentialissuers.yaml generated
View File

@ -38,16 +38,34 @@ spec:
status: status:
description: Status of the credential issuer. description: Status of the credential issuer.
properties: properties:
kubeConfigInfo: impersonationProxyInfo:
description: Information needed to form a valid Pinniped-based kubeconfig description: Information needed to form a valid Pinniped-based kubeconfig
using this credential issuer. using the impersonation proxy.
properties: properties:
certificateAuthorityData: certificateAuthorityData:
description: The K8s API server CA bundle. description: The CA bundle to validate connections to the impersonation
proxy.
minLength: 1
type: string
endpoint:
description: The HTTPS endpoint of the impersonation proxy.
minLength: 1
pattern: ^https://
type: string
required:
- certificateAuthorityData
- endpoint
type: object
kubeConfigInfo:
description: Information needed to form a valid Pinniped-based kubeconfig
using the TokenCredentialRequest API.
properties:
certificateAuthorityData:
description: The Kubernetes API server CA bundle.
minLength: 1 minLength: 1
type: string type: string
server: server:
description: The K8s API server URL. description: The Kubernetes API server URL.
minLength: 1 minLength: 1
pattern: ^https://|^http:// pattern: ^https://|^http://
type: string type: string

25
generated/1.18/README.adoc generated
View File

@ -236,6 +236,24 @@ Describes the configuration status of a Pinniped credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo"]
==== CredentialIssuerImpersonationProxyInfo
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]
|===
| Field | Description
| *`endpoint`* __string__ | The HTTPS endpoint of the impersonation proxy.
| *`certificateAuthorityData`* __string__ | The CA bundle to validate connections to the impersonation proxy.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerKubeConfigInfo ==== CredentialIssuerKubeConfigInfo
@ -249,8 +267,8 @@ Describes the configuration status of a Pinniped credential issuer.
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`server`* __string__ | The K8s API server URL. | *`server`* __string__ | The Kubernetes API server URL.
| *`certificateAuthorityData`* __string__ | The K8s API server CA bundle. | *`certificateAuthorityData`* __string__ | The Kubernetes API server CA bundle.
|=== |===
@ -270,7 +288,8 @@ Status of a credential issuer.
|=== |===
| Field | Description | Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. | *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. | *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo[$$CredentialIssuerImpersonationProxyInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
|=== |===

27
generated/1.18/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -16,12 +16,15 @@ type StrategyReason string
const ( const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy")
SuccessStrategyStatus = StrategyStatus("Success") SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error") ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey") FetchedKeyStrategyReason = StrategyReason("FetchedKey")
ListeningStrategyReason = StrategyReason("Listening")
DisabledStrategyReason = StrategyReason("Disabled")
) )
// Status of a credential issuer. // Status of a credential issuer.
@ -29,19 +32,35 @@ type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
// +optional // +optional
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
// Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
// +optional
ImpersonationProxyInfo *CredentialIssuerImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The Kubernetes API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
Server string `json:"server"` Server string `json:"server"`
// The K8s API server CA bundle. // The Kubernetes API server CA bundle.
// +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"`
}
// Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerImpersonationProxyInfo struct {
// The HTTPS endpoint of the impersonation proxy.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://`
Endpoint string `json:"endpoint"`
// The CA bundle to validate connections to the impersonation proxy.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"` CertificateAuthorityData string `json:"certificateAuthorityData"`
} }

21
generated/1.18/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -38,6 +38,22 @@ func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
return nil return nil
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopyInto(out *CredentialIssuerImpersonationProxyInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerImpersonationProxyInfo.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopy() *CredentialIssuerImpersonationProxyInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerImpersonationProxyInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
@ -102,6 +118,11 @@ func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = new(CredentialIssuerKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
if in.ImpersonationProxyInfo != nil {
in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo
*out = new(CredentialIssuerImpersonationProxyInfo)
**out = **in
}
return return
} }

26
generated/1.18/crds/config.concierge.pinniped.dev_credentialissuers.yaml generated
View File

@ -38,16 +38,34 @@ spec:
status: status:
description: Status of the credential issuer. description: Status of the credential issuer.
properties: properties:
kubeConfigInfo: impersonationProxyInfo:
description: Information needed to form a valid Pinniped-based kubeconfig description: Information needed to form a valid Pinniped-based kubeconfig
using this credential issuer. using the impersonation proxy.
properties: properties:
certificateAuthorityData: certificateAuthorityData:
description: The K8s API server CA bundle. description: The CA bundle to validate connections to the impersonation
proxy.
minLength: 1
type: string
endpoint:
description: The HTTPS endpoint of the impersonation proxy.
minLength: 1
pattern: ^https://
type: string
required:
- certificateAuthorityData
- endpoint
type: object
kubeConfigInfo:
description: Information needed to form a valid Pinniped-based kubeconfig
using the TokenCredentialRequest API.
properties:
certificateAuthorityData:
description: The Kubernetes API server CA bundle.
minLength: 1 minLength: 1
type: string type: string
server: server:
description: The K8s API server URL. description: The Kubernetes API server URL.
minLength: 1 minLength: 1
pattern: ^https://|^http:// pattern: ^https://|^http://
type: string type: string

25
generated/1.19/README.adoc generated
View File

@ -236,6 +236,24 @@ Describes the configuration status of a Pinniped credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo"]
==== CredentialIssuerImpersonationProxyInfo
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]
|===
| Field | Description
| *`endpoint`* __string__ | The HTTPS endpoint of the impersonation proxy.
| *`certificateAuthorityData`* __string__ | The CA bundle to validate connections to the impersonation proxy.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerKubeConfigInfo ==== CredentialIssuerKubeConfigInfo
@ -249,8 +267,8 @@ Describes the configuration status of a Pinniped credential issuer.
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`server`* __string__ | The K8s API server URL. | *`server`* __string__ | The Kubernetes API server URL.
| *`certificateAuthorityData`* __string__ | The K8s API server CA bundle. | *`certificateAuthorityData`* __string__ | The Kubernetes API server CA bundle.
|=== |===
@ -270,7 +288,8 @@ Status of a credential issuer.
|=== |===
| Field | Description | Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. | *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. | *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo[$$CredentialIssuerImpersonationProxyInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
|=== |===

27
generated/1.19/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -16,12 +16,15 @@ type StrategyReason string
const ( const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy")
SuccessStrategyStatus = StrategyStatus("Success") SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error") ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey") FetchedKeyStrategyReason = StrategyReason("FetchedKey")
ListeningStrategyReason = StrategyReason("Listening")
DisabledStrategyReason = StrategyReason("Disabled")
) )
// Status of a credential issuer. // Status of a credential issuer.
@ -29,19 +32,35 @@ type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
// +optional // +optional
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
// Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
// +optional
ImpersonationProxyInfo *CredentialIssuerImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The Kubernetes API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
Server string `json:"server"` Server string `json:"server"`
// The K8s API server CA bundle. // The Kubernetes API server CA bundle.
// +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"`
}
// Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerImpersonationProxyInfo struct {
// The HTTPS endpoint of the impersonation proxy.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://`
Endpoint string `json:"endpoint"`
// The CA bundle to validate connections to the impersonation proxy.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"` CertificateAuthorityData string `json:"certificateAuthorityData"`
} }

21
generated/1.19/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -38,6 +38,22 @@ func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
return nil return nil
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopyInto(out *CredentialIssuerImpersonationProxyInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerImpersonationProxyInfo.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopy() *CredentialIssuerImpersonationProxyInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerImpersonationProxyInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
@ -102,6 +118,11 @@ func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = new(CredentialIssuerKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
if in.ImpersonationProxyInfo != nil {
in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo
*out = new(CredentialIssuerImpersonationProxyInfo)
**out = **in
}
return return
} }

26
generated/1.19/crds/config.concierge.pinniped.dev_credentialissuers.yaml generated
View File

@ -38,16 +38,34 @@ spec:
status: status:
description: Status of the credential issuer. description: Status of the credential issuer.
properties: properties:
kubeConfigInfo: impersonationProxyInfo:
description: Information needed to form a valid Pinniped-based kubeconfig description: Information needed to form a valid Pinniped-based kubeconfig
using this credential issuer. using the impersonation proxy.
properties: properties:
certificateAuthorityData: certificateAuthorityData:
description: The K8s API server CA bundle. description: The CA bundle to validate connections to the impersonation
proxy.
minLength: 1
type: string
endpoint:
description: The HTTPS endpoint of the impersonation proxy.
minLength: 1
pattern: ^https://
type: string
required:
- certificateAuthorityData
- endpoint
type: object
kubeConfigInfo:
description: Information needed to form a valid Pinniped-based kubeconfig
using the TokenCredentialRequest API.
properties:
certificateAuthorityData:
description: The Kubernetes API server CA bundle.
minLength: 1 minLength: 1
type: string type: string
server: server:
description: The K8s API server URL. description: The Kubernetes API server URL.
minLength: 1 minLength: 1
pattern: ^https://|^http:// pattern: ^https://|^http://
type: string type: string

25
generated/1.20/README.adoc generated
View File

@ -236,6 +236,24 @@ Describes the configuration status of a Pinniped credential issuer.
|=== |===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo"]
==== CredentialIssuerImpersonationProxyInfo
.Appears In:
****
- xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerstatus[$$CredentialIssuerStatus$$]
****
[cols="25a,75a", options="header"]
|===
| Field | Description
| *`endpoint`* __string__ | The HTTPS endpoint of the impersonation proxy.
| *`certificateAuthorityData`* __string__ | The CA bundle to validate connections to the impersonation proxy.
|===
[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"] [id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo"]
==== CredentialIssuerKubeConfigInfo ==== CredentialIssuerKubeConfigInfo
@ -249,8 +267,8 @@ Describes the configuration status of a Pinniped credential issuer.
[cols="25a,75a", options="header"] [cols="25a,75a", options="header"]
|=== |===
| Field | Description | Field | Description
| *`server`* __string__ | The K8s API server URL. | *`server`* __string__ | The Kubernetes API server URL.
| *`certificateAuthorityData`* __string__ | The K8s API server CA bundle. | *`certificateAuthorityData`* __string__ | The Kubernetes API server CA bundle.
|=== |===
@ -270,7 +288,8 @@ Status of a credential issuer.
|=== |===
| Field | Description | Field | Description
| *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped. | *`strategies`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerstrategy[$$CredentialIssuerStrategy$$] array__ | List of integration strategies that were attempted by Pinniped.
| *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. | *`kubeConfigInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerkubeconfiginfo[$$CredentialIssuerKubeConfigInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
| *`impersonationProxyInfo`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-concierge-config-v1alpha1-credentialissuerimpersonationproxyinfo[$$CredentialIssuerImpersonationProxyInfo$$]__ | Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
|=== |===

27
generated/1.20/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -16,12 +16,15 @@ type StrategyReason string
const ( const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy")
SuccessStrategyStatus = StrategyStatus("Success") SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error") ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey") FetchedKeyStrategyReason = StrategyReason("FetchedKey")
ListeningStrategyReason = StrategyReason("Listening")
DisabledStrategyReason = StrategyReason("Disabled")
) )
// Status of a credential issuer. // Status of a credential issuer.
@ -29,19 +32,35 @@ type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
// +optional // +optional
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
// Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
// +optional
ImpersonationProxyInfo *CredentialIssuerImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The Kubernetes API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
Server string `json:"server"` Server string `json:"server"`
// The K8s API server CA bundle. // The Kubernetes API server CA bundle.
// +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"`
}
// Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerImpersonationProxyInfo struct {
// The HTTPS endpoint of the impersonation proxy.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://`
Endpoint string `json:"endpoint"`
// The CA bundle to validate connections to the impersonation proxy.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"` CertificateAuthorityData string `json:"certificateAuthorityData"`
} }

21
generated/1.20/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -38,6 +38,22 @@ func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
return nil return nil
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopyInto(out *CredentialIssuerImpersonationProxyInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerImpersonationProxyInfo.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopy() *CredentialIssuerImpersonationProxyInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerImpersonationProxyInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
@ -102,6 +118,11 @@ func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = new(CredentialIssuerKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
if in.ImpersonationProxyInfo != nil {
in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo
*out = new(CredentialIssuerImpersonationProxyInfo)
**out = **in
}
return return
} }

26
generated/1.20/crds/config.concierge.pinniped.dev_credentialissuers.yaml generated
View File

@ -38,16 +38,34 @@ spec:
status: status:
description: Status of the credential issuer. description: Status of the credential issuer.
properties: properties:
kubeConfigInfo: impersonationProxyInfo:
description: Information needed to form a valid Pinniped-based kubeconfig description: Information needed to form a valid Pinniped-based kubeconfig
using this credential issuer. using the impersonation proxy.
properties: properties:
certificateAuthorityData: certificateAuthorityData:
description: The K8s API server CA bundle. description: The CA bundle to validate connections to the impersonation
proxy.
minLength: 1
type: string
endpoint:
description: The HTTPS endpoint of the impersonation proxy.
minLength: 1
pattern: ^https://
type: string
required:
- certificateAuthorityData
- endpoint
type: object
kubeConfigInfo:
description: Information needed to form a valid Pinniped-based kubeconfig
using the TokenCredentialRequest API.
properties:
certificateAuthorityData:
description: The Kubernetes API server CA bundle.
minLength: 1 minLength: 1
type: string type: string
server: server:
description: The K8s API server URL. description: The Kubernetes API server URL.
minLength: 1 minLength: 1
pattern: ^https://|^http:// pattern: ^https://|^http://
type: string type: string

27
generated/latest/apis/concierge/config/v1alpha1/types_credentialissuer.go generated
View File

@ -16,12 +16,15 @@ type StrategyReason string
const ( const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate") KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
ImpersonationProxyStrategyType = StrategyType("ImpersonationProxy")
SuccessStrategyStatus = StrategyStatus("Success") SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error") ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey") CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey") FetchedKeyStrategyReason = StrategyReason("FetchedKey")
ListeningStrategyReason = StrategyReason("Listening")
DisabledStrategyReason = StrategyReason("Disabled")
) )
// Status of a credential issuer. // Status of a credential issuer.
@ -29,19 +32,35 @@ type CredentialIssuerStatus struct {
// List of integration strategies that were attempted by Pinniped. // List of integration strategies that were attempted by Pinniped.
Strategies []CredentialIssuerStrategy `json:"strategies"` Strategies []CredentialIssuerStrategy `json:"strategies"`
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to form a valid Pinniped-based kubeconfig using the TokenCredentialRequest API.
// +optional // +optional
KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"` KubeConfigInfo *CredentialIssuerKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
// Information needed to form a valid Pinniped-based kubeconfig using the impersonation proxy.
// +optional
ImpersonationProxyInfo *CredentialIssuerImpersonationProxyInfo `json:"impersonationProxyInfo,omitempty"`
} }
// Information needed to form a valid Pinniped-based kubeconfig using this credential issuer. // Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerKubeConfigInfo struct { type CredentialIssuerKubeConfigInfo struct {
// The K8s API server URL. // The Kubernetes API server URL.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://|^http://` // +kubebuilder:validation:Pattern=`^https://|^http://`
Server string `json:"server"` Server string `json:"server"`
// The K8s API server CA bundle. // The Kubernetes API server CA bundle.
// +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"`
}
// Information needed to connect to the TokenCredentialRequest API on this cluster.
type CredentialIssuerImpersonationProxyInfo struct {
// The HTTPS endpoint of the impersonation proxy.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:Pattern=`^https://`
Endpoint string `json:"endpoint"`
// The CA bundle to validate connections to the impersonation proxy.
// +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MinLength=1
CertificateAuthorityData string `json:"certificateAuthorityData"` CertificateAuthorityData string `json:"certificateAuthorityData"`
} }

21
generated/latest/apis/concierge/config/v1alpha1/zz_generated.deepcopy.go generated
View File

@ -38,6 +38,22 @@ func (in *CredentialIssuer) DeepCopyObject() runtime.Object {
return nil return nil
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopyInto(out *CredentialIssuerImpersonationProxyInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerImpersonationProxyInfo.
func (in *CredentialIssuerImpersonationProxyInfo) DeepCopy() *CredentialIssuerImpersonationProxyInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerImpersonationProxyInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) { func (in *CredentialIssuerKubeConfigInfo) DeepCopyInto(out *CredentialIssuerKubeConfigInfo) {
*out = *in *out = *in
@ -102,6 +118,11 @@ func (in *CredentialIssuerStatus) DeepCopyInto(out *CredentialIssuerStatus) {
*out = new(CredentialIssuerKubeConfigInfo) *out = new(CredentialIssuerKubeConfigInfo)
**out = **in **out = **in
} }
if in.ImpersonationProxyInfo != nil {
in, out := &in.ImpersonationProxyInfo, &out.ImpersonationProxyInfo
*out = new(CredentialIssuerImpersonationProxyInfo)
**out = **in
}
return return
} }