diff --git a/apis/supervisor/clientsecret/register.go.tmpl b/apis/supervisor/clientsecret/register.go.tmpl index 4a1c0173..8a76f0fe 100644 --- a/apis/supervisor/clientsecret/register.go.tmpl +++ b/apis/supervisor/clientsecret/register.go.tmpl @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go.tmpl b/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go.tmpl index 7fd1eb65..c7ef37b2 100644 --- a/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go.tmpl +++ b/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go.tmpl @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/apis/supervisor/clientsecret/v1alpha1/register.go.tmpl b/apis/supervisor/clientsecret/v1alpha1/register.go.tmpl index 49602125..4660e407 100644 --- a/apis/supervisor/clientsecret/v1alpha1/register.go.tmpl +++ b/apis/supervisor/clientsecret/v1alpha1/register.go.tmpl @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go.tmpl b/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go.tmpl index dda2f3bb..ef48e6c0 100644 --- a/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go.tmpl +++ b/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go.tmpl @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.17/README.adoc b/generated/1.17/README.adoc index 739a669e..b3957510 100644 --- a/generated/1.17/README.adoc +++ b/generated/1.17/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.17/apis/supervisor/clientsecret/register.go b/generated/1.17/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.17/apis/supervisor/clientsecret/register.go +++ b/generated/1.17/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.17/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.17/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.17/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.17/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index c559d1c2..7f29beb6 100644 --- a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.17/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.17/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.17/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.17/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.18/README.adoc b/generated/1.18/README.adoc index 21512761..c16afbfc 100644 --- a/generated/1.18/README.adoc +++ b/generated/1.18/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.18/apis/supervisor/clientsecret/register.go b/generated/1.18/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.18/apis/supervisor/clientsecret/register.go +++ b/generated/1.18/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.18/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.18/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.18/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.18/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index 990c4deb..0ced8135 100644 --- a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.18/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.18/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.18/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.18/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.19/README.adoc b/generated/1.19/README.adoc index bdba4347..cacb5f67 100644 --- a/generated/1.19/README.adoc +++ b/generated/1.19/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.19/apis/supervisor/clientsecret/register.go b/generated/1.19/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.19/apis/supervisor/clientsecret/register.go +++ b/generated/1.19/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.19/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.19/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.19/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.19/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index bf34cde1..c9c13bee 100644 --- a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.19/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.19/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.19/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.19/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.20/README.adoc b/generated/1.20/README.adoc index 958b952c..2483e34a 100644 --- a/generated/1.20/README.adoc +++ b/generated/1.20/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.20/apis/supervisor/clientsecret/register.go b/generated/1.20/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.20/apis/supervisor/clientsecret/register.go +++ b/generated/1.20/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.20/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.20/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.20/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.20/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index f33c9a56..0f9f7ed3 100644 --- a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.20/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.20/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.20/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.20/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.21/README.adoc b/generated/1.21/README.adoc index 9eb23eb5..57a7b10c 100644 --- a/generated/1.21/README.adoc +++ b/generated/1.21/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.21/apis/supervisor/clientsecret/register.go b/generated/1.21/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.21/apis/supervisor/clientsecret/register.go +++ b/generated/1.21/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.21/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.21/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.21/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.21/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index a5fbb3bb..f5aabafa 100644 --- a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.21/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.21/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.21/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.21/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.21/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.22/README.adoc b/generated/1.22/README.adoc index 0a4498b9..a51284cf 100644 --- a/generated/1.22/README.adoc +++ b/generated/1.22/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.22/apis/supervisor/clientsecret/register.go b/generated/1.22/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.22/apis/supervisor/clientsecret/register.go +++ b/generated/1.22/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.22/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.22/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.22/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.22/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index 4071a9d2..8de08fb5 100644 --- a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.22/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.22/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.22/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.22/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.22/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.23/README.adoc b/generated/1.23/README.adoc index 2e9fde69..5f4ad98b 100644 --- a/generated/1.23/README.adoc +++ b/generated/1.23/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.23/apis/supervisor/clientsecret/register.go b/generated/1.23/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.23/apis/supervisor/clientsecret/register.go +++ b/generated/1.23/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.23/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.23/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.23/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.23/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index 4b0bc6ae..3c37704b 100644 --- a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.23/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.23/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.23/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.23/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.23/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.24/README.adoc b/generated/1.24/README.adoc index 8d9d524d..c711183b 100644 --- a/generated/1.24/README.adoc +++ b/generated/1.24/README.adoc @@ -219,6 +219,26 @@ Package clientsecret is the internal version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + +OIDCClientSecretRequest can be used to update the client secrets associated with an OIDCClient. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-oidcclientsecretrequestspec"] @@ -234,8 +254,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generateNewSecret`* __boolean__ | -| *`revokeOldSecrets`* __boolean__ | +| *`generateNewSecret`* __boolean__ | Request a new client secret to for the OIDCClient referenced by the metadata.name field. +| *`revokeOldSecrets`* __boolean__ | Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -252,8 +272,8 @@ Package clientsecret is the internal version of the Pinniped client secret API. [cols="25a,75a", options="header"] |=== | Field | Description -| *`generatedSecret`* __string__ | -| *`totalClientSecrets`* __integer__ | +| *`generatedSecret`* __string__ | The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot be recovered if you lose it. +| *`totalClientSecrets`* __integer__ | The total number of client secrets associated with the OIDCClient referenced by the metadata.name field. |=== @@ -265,6 +285,26 @@ Package v1alpha1 is the v1alpha1 version of the Pinniped client secret API. +[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequest"] +==== OIDCClientSecretRequest + + + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestlist[$$OIDCClientSecretRequestList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec[$$OIDCClientSecretRequestSpec$$]__ | +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequeststatus[$$OIDCClientSecretRequestStatus$$]__ | +|=== + + [id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-clientsecret-v1alpha1-oidcclientsecretrequestspec"] diff --git a/generated/1.24/apis/supervisor/clientsecret/register.go b/generated/1.24/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/1.24/apis/supervisor/clientsecret/register.go +++ b/generated/1.24/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/1.24/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/1.24/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/1.24/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/1.24/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index fd6f7ceb..78fbd0dc 100644 --- a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/1.24/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.24/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/1.24/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/1.24/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/1.24/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/1.24/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/latest/apis/supervisor/clientsecret/register.go b/generated/latest/apis/supervisor/clientsecret/register.go index 4a1c0173..8a76f0fe 100644 --- a/generated/latest/apis/supervisor/clientsecret/register.go +++ b/generated/latest/apis/supervisor/clientsecret/register.go @@ -32,6 +32,7 @@ var ( func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) return nil } diff --git a/generated/latest/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go b/generated/latest/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go index 7fd1eb65..c7ef37b2 100644 --- a/generated/latest/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go +++ b/generated/latest/apis/supervisor/clientsecret/types_oidcclientsecretrequest.go @@ -6,15 +6,26 @@ package clientsecret import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" type OIDCClientSecretRequestSpec struct { + // Request a new client secret to for the OIDCClient referenced by the metadata.name field. GenerateNewSecret bool `json:"generateNewSecret"` - RevokeOldSecrets bool `json:"revokeOldSecrets"` + + // Revoke the old client secrets associated with the OIDCClient referenced by the metadata.name + // field. + RevokeOldSecrets bool `json:"revokeOldSecrets"` } type OIDCClientSecretRequestStatus struct { - GeneratedSecret string `json:"generatedSecret,omitempty"` - TotalClientSecrets int `json:"totalClientSecrets"` + // The unencrypted OIDC Client Secret. This will only be shared upon creation and cannot + // be recovered if you lose it. + GeneratedSecret string `json:"generatedSecret,omitempty"` + + // The total number of client secrets associated with the OIDCClient referenced by the + // metadata.name field. + TotalClientSecrets int `json:"totalClientSecrets"` } +// OIDCClientSecretRequest can be used to update the client secrets associated with an +// OIDCClient. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type OIDCClientSecretRequest struct { metav1.TypeMeta `json:",inline"` @@ -23,3 +34,13 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// OIDCClientSecretList is a list of OIDCClientSecretRequest objects. +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta + metav1.ListMeta + + // Items is a list of OIDCClientSecretRequest + Items []OIDCClientSecretRequest +} diff --git a/generated/latest/apis/supervisor/clientsecret/v1alpha1/register.go b/generated/latest/apis/supervisor/clientsecret/v1alpha1/register.go index 49602125..4660e407 100644 --- a/generated/latest/apis/supervisor/clientsecret/v1alpha1/register.go +++ b/generated/latest/apis/supervisor/clientsecret/v1alpha1/register.go @@ -31,6 +31,7 @@ func init() { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &OIDCClientSecretRequest{}, + &OIDCClientSecretRequestList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/latest/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go b/generated/latest/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go index dda2f3bb..ef48e6c0 100644 --- a/generated/latest/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go +++ b/generated/latest/apis/supervisor/clientsecret/v1alpha1/types_oidcclientsecretrequest.go @@ -26,3 +26,11 @@ type OIDCClientSecretRequest struct { Spec OIDCClientSecretRequestSpec `json:"spec"` Status OIDCClientSecretRequestStatus `json:"status"` } + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type OIDCClientSecretRequestList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []OIDCClientSecretRequest `json:"items"` +} diff --git a/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go b/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go index b2a4d732..d52f2c10 100644 --- a/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go +++ b/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.conversion.go @@ -9,6 +9,8 @@ package v1alpha1 import ( + unsafe "unsafe" + clientsecret "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" @@ -31,6 +33,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestList)(nil), (*clientsecret.OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(a.(*OIDCClientSecretRequestList), b.(*clientsecret.OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } + if err := s.AddGeneratedConversionFunc((*clientsecret.OIDCClientSecretRequestList)(nil), (*OIDCClientSecretRequestList)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(a.(*clientsecret.OIDCClientSecretRequestList), b.(*OIDCClientSecretRequestList), scope) + }); err != nil { + return err + } if err := s.AddGeneratedConversionFunc((*OIDCClientSecretRequestSpec)(nil), (*clientsecret.OIDCClientSecretRequestSpec)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(a.(*OIDCClientSecretRequestSpec), b.(*clientsecret.OIDCClientSecretRequestSpec), scope) }); err != nil { @@ -86,6 +98,28 @@ func Convert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRe return autoConvert_clientsecret_OIDCClientSecretRequest_To_v1alpha1_OIDCClientSecretRequest(in, out, s) } +func autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]clientsecret.OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in *OIDCClientSecretRequestList, out *clientsecret.OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_v1alpha1_OIDCClientSecretRequestList_To_clientsecret_OIDCClientSecretRequestList(in, out, s) +} + +func autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + out.ListMeta = in.ListMeta + out.Items = *(*[]OIDCClientSecretRequest)(unsafe.Pointer(&in.Items)) + return nil +} + +// Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList is an autogenerated conversion function. +func Convert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in *clientsecret.OIDCClientSecretRequestList, out *OIDCClientSecretRequestList, s conversion.Scope) error { + return autoConvert_clientsecret_OIDCClientSecretRequestList_To_v1alpha1_OIDCClientSecretRequestList(in, out, s) +} + func autoConvert_v1alpha1_OIDCClientSecretRequestSpec_To_clientsecret_OIDCClientSecretRequestSpec(in *OIDCClientSecretRequestSpec, out *clientsecret.OIDCClientSecretRequestSpec, s conversion.Scope) error { out.GenerateNewSecret = in.GenerateNewSecret out.RevokeOldSecrets = in.RevokeOldSecrets diff --git a/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go index e4fce842..781e9831 100644 --- a/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/supervisor/clientsecret/v1alpha1/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/generated/latest/apis/supervisor/clientsecret/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/clientsecret/zz_generated.deepcopy.go index e0dc7d68..ffd5e96e 100644 --- a/generated/latest/apis/supervisor/clientsecret/zz_generated.deepcopy.go +++ b/generated/latest/apis/supervisor/clientsecret/zz_generated.deepcopy.go @@ -40,6 +40,39 @@ func (in *OIDCClientSecretRequest) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSecretRequestList) DeepCopyInto(out *OIDCClientSecretRequestList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClientSecretRequest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSecretRequestList. +func (in *OIDCClientSecretRequestList) DeepCopy() *OIDCClientSecretRequestList { + if in == nil { + return nil + } + out := new(OIDCClientSecretRequestList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientSecretRequestList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCClientSecretRequestSpec) DeepCopyInto(out *OIDCClientSecretRequestSpec) { *out = *in diff --git a/internal/config/supervisor/config.go b/internal/config/supervisor/config.go index 192d9790..44c98eef 100644 --- a/internal/config/supervisor/config.go +++ b/internal/config/supervisor/config.go @@ -24,6 +24,12 @@ const ( NetworkDisabled = "disabled" NetworkUnix = "unix" NetworkTCP = "tcp" + + // Use 10250 because it happens to be the same port on which the Kubelet listens, so some cluster types + // are more permissive with servers that run on this port. For example, GKE private clusters do not + // allow traffic from the control plane to most ports, but do allow traffic to port 10250. This allows + // the Concierge to work without additional configuration on these types of clusters. + aggregatedAPIServerPortDefault = 10250 ) // FromPath loads an Config from a provided local file path, inserts any @@ -50,6 +56,12 @@ func FromPath(ctx context.Context, path string) (*Config, error) { return nil, fmt.Errorf("validate apiGroupSuffix: %w", err) } + maybeSetAggregatedAPIServerPortDefaults(&config.AggregatedAPIServerPort) + + if err := validateServerPort(config.AggregatedAPIServerPort); err != nil { + return nil, fmt.Errorf("validate aggregatedAPIServerPort: %w", err) + } + if err := validateNames(&config.NamesConfig); err != nil { return nil, fmt.Errorf("validate names: %w", err) } @@ -105,6 +117,12 @@ func validateAPIGroupSuffix(apiGroupSuffix string) error { return groupsuffix.Validate(apiGroupSuffix) } +func maybeSetAggregatedAPIServerPortDefaults(port **int64) { + if *port == nil { + *port = pointer.Int64Ptr(aggregatedAPIServerPortDefault) + } +} + func validateNames(names *NamesConfigSpec) error { missingNames := []string{} if names.DefaultTLSCertificateSecret == "" { @@ -193,3 +211,11 @@ func addrIsOnlyOnLoopback(addr string) bool { } return ip.IsLoopback() } + +func validateServerPort(port *int64) error { + // It cannot be below 1024 because the container is not running as root. + if *port < 1024 || *port > 65535 { + return constable.Error("must be within range 1024 to 65535") + } + return nil +} diff --git a/internal/config/supervisor/config_test.go b/internal/config/supervisor/config_test.go index ac4651a7..44da6ec5 100644 --- a/internal/config/supervisor/config_test.go +++ b/internal/config/supervisor/config_test.go @@ -43,6 +43,7 @@ func TestFromPath(t *testing.T) { address: 127.0.0.1:1234 insecureAcceptExternalUnencryptedHttpRequests: false logLevel: trace + aggregatedAPIServerPort: 12345 `), wantConfig: &Config{ APIGroupSuffix: pointer.StringPtr("some.suffix.com"), @@ -68,6 +69,7 @@ func TestFromPath(t *testing.T) { Log: plog.LogSpec{ Level: plog.LevelTrace, }, + AggregatedAPIServerPort: pointer.Int64Ptr(12345), }, }, { @@ -91,6 +93,7 @@ func TestFromPath(t *testing.T) { log: level: info format: text + aggregatedAPIServerPort: 12345 `), wantConfig: &Config{ APIGroupSuffix: pointer.StringPtr("some.suffix.com"), @@ -116,6 +119,7 @@ func TestFromPath(t *testing.T) { Level: plog.LevelInfo, Format: plog.FormatText, }, + AggregatedAPIServerPort: pointer.Int64Ptr(12345), }, }, { @@ -166,6 +170,7 @@ func TestFromPath(t *testing.T) { Level: plog.LevelTrace, Format: plog.FormatText, }, + AggregatedAPIServerPort: pointer.Int64Ptr(10250), }, }, { @@ -202,7 +207,8 @@ func TestFromPath(t *testing.T) { Network: "disabled", }, }, - AllowExternalHTTP: false, + AllowExternalHTTP: false, + AggregatedAPIServerPort: pointer.Int64Ptr(10250), }, }, { @@ -332,7 +338,8 @@ func TestFromPath(t *testing.T) { Address: ":1234", }, }, - AllowExternalHTTP: true, + AllowExternalHTTP: true, + AggregatedAPIServerPort: pointer.Int64Ptr(10250), }, }, { @@ -363,7 +370,8 @@ func TestFromPath(t *testing.T) { Address: ":1234", }, }, - AllowExternalHTTP: true, + AllowExternalHTTP: true, + AggregatedAPIServerPort: pointer.Int64Ptr(10250), }, }, { @@ -420,6 +428,22 @@ func TestFromPath(t *testing.T) { `), wantError: "validate apiGroupSuffix: a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')", }, + { + name: "AggregatedAPIServerPortDefault too small", + yaml: here.Doc(` + --- + aggregatedAPIServerPort: 1023 + `), + wantError: "validate aggregatedAPIServerPort: must be within range 1024 to 65535", + }, + { + name: "AggregatedAPIServerPortDefault too large", + yaml: here.Doc(` + --- + aggregatedAPIServerPort: 65536 + `), + wantError: "validate aggregatedAPIServerPort: must be within range 1024 to 65535", + }, } for _, test := range tests { test := test diff --git a/internal/config/supervisor/types.go b/internal/config/supervisor/types.go index edef3ce7..bd89e2c7 100644 --- a/internal/config/supervisor/types.go +++ b/internal/config/supervisor/types.go @@ -15,10 +15,11 @@ type Config struct { Labels map[string]string `json:"labels"` NamesConfig NamesConfigSpec `json:"names"` // Deprecated: use log.level instead - LogLevel *plog.LogLevel `json:"logLevel"` - Log plog.LogSpec `json:"log"` - Endpoints *Endpoints `json:"endpoints"` - AllowExternalHTTP stringOrBoolAsBool `json:"insecureAcceptExternalUnencryptedHttpRequests"` + LogLevel *plog.LogLevel `json:"logLevel"` + Log plog.LogSpec `json:"log"` + Endpoints *Endpoints `json:"endpoints"` + AllowExternalHTTP stringOrBoolAsBool `json:"insecureAcceptExternalUnencryptedHttpRequests"` + AggregatedAPIServerPort *int64 `json:"aggregatedAPIServerPort"` } // NamesConfigSpec configures the names of some Kubernetes resources for the Supervisor. diff --git a/internal/registry/clientsecretrequest/rest.go b/internal/registry/clientsecretrequest/rest.go index 70a7eb07..12621f1f 100644 --- a/internal/registry/clientsecretrequest/rest.go +++ b/internal/registry/clientsecretrequest/rest.go @@ -9,19 +9,24 @@ import ( "fmt" apierrors "k8s.io/apimachinery/pkg/api/errors" + metainternalversion "k8s.io/apimachinery/pkg/apis/meta/internalversion" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apiserver/pkg/registry/rest" "k8s.io/utils/trace" clientsecretapi "go.pinniped.dev/generated/latest/apis/supervisor/clientsecret" ) -func NewREST() *REST { - return &REST{} +func NewREST(resource schema.GroupResource) *REST { + return &REST{ + tableConvertor: rest.NewDefaultTableConvertor(resource), + } } type REST struct { + tableConvertor rest.TableConvertor } // Assert that our *REST implements all the optional interfaces that we expect it to implement. @@ -30,19 +35,38 @@ var _ interface { rest.NamespaceScopedStrategy rest.Scoper rest.Storage + rest.CategoriesProvider + rest.Lister + rest.TableConvertor } = (*REST)(nil) func (*REST) New() runtime.Object { return &clientsecretapi.OIDCClientSecretRequest{} } +func (*REST) NewList() runtime.Object { + return &clientsecretapi.OIDCClientSecretRequestList{} +} + +func (*REST) List(_ context.Context, _ *metainternalversion.ListOptions) (runtime.Object, error) { + return &clientsecretapi.OIDCClientSecretRequestList{ + ListMeta: metav1.ListMeta{ + ResourceVersion: "0", // this resource version means "from the API server cache" + }, + Items: []clientsecretapi.OIDCClientSecretRequest{}, // avoid sending nil items list + }, nil +} + +func (r *REST) ConvertToTable(ctx context.Context, obj runtime.Object, tableOptions runtime.Object) (*metav1.Table, error) { + return r.tableConvertor.ConvertToTable(ctx, obj, tableOptions) +} + func (*REST) NamespaceScoped() bool { return true } func (*REST) Categories() []string { - // because we haven't implemented lister, adding it to categories breaks things. - return []string{} + return []string{"pinniped"} } func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (runtime.Object, error) { diff --git a/internal/supervisor/apiserver/apiserver.go b/internal/supervisor/apiserver/apiserver.go index 21c620e3..135aeca9 100644 --- a/internal/supervisor/apiserver/apiserver.go +++ b/internal/supervisor/apiserver/apiserver.go @@ -30,7 +30,7 @@ type ExtraConfig struct { BuildControllersPostStartHook controllerinit.RunnerBuilder Scheme *runtime.Scheme NegotiatedSerializer runtime.NegotiatedSerializer - OauthVirtualSupervisorGroupVersion schema.GroupVersion + ClientSecretSupervisorGroupVersion schema.GroupVersion } type PinnipedServer struct { @@ -74,8 +74,8 @@ func (c completedConfig) New() (*PinnipedServer, error) { var errs []error //nolint: prealloc for _, f := range []func() (schema.GroupVersionResource, rest.Storage){ func() (schema.GroupVersionResource, rest.Storage) { - clientSecretReqGVR := c.ExtraConfig.OauthVirtualSupervisorGroupVersion.WithResource("oidcclientsecretrequests") - clientSecretReqStorage := clientsecretrequest.NewREST() + clientSecretReqGVR := c.ExtraConfig.ClientSecretSupervisorGroupVersion.WithResource("oidcclientsecretrequests") + clientSecretReqStorage := clientsecretrequest.NewREST(clientSecretReqGVR.GroupResource()) return clientSecretReqGVR, clientSecretReqStorage }, } { diff --git a/internal/supervisor/scheme/scheme.go b/internal/supervisor/scheme/scheme.go index d977d012..ad6f3aba 100644 --- a/internal/supervisor/scheme/scheme.go +++ b/internal/supervisor/scheme/scheme.go @@ -38,9 +38,9 @@ func New(apiGroupSuffix string) (_ *runtime.Scheme, oauth schema.GroupVersion) { return scheme, clientsecretv1alpha1.SchemeGroupVersion } - oauthVirtualSupervisorGroupData := groupsuffix.SupervisorAggregatedGroups(apiGroupSuffix) + clientSecretSupervisorGroupData := groupsuffix.SupervisorAggregatedGroups(apiGroupSuffix) - addToSchemeAtNewGroup(scheme, clientsecretv1alpha1.GroupName, oauthVirtualSupervisorGroupData.Group, clientsecretv1alpha1.AddToScheme, clientsecretapi.AddToScheme) + addToSchemeAtNewGroup(scheme, clientsecretv1alpha1.GroupName, clientSecretSupervisorGroupData.Group, clientsecretv1alpha1.AddToScheme, clientsecretapi.AddToScheme) // manually register conversions and defaulting into the correct scheme since we cannot directly call AddToScheme schemeBuilder := runtime.NewSchemeBuilder( @@ -57,7 +57,7 @@ func New(apiGroupSuffix string) (_ *runtime.Scheme, oauth schema.GroupVersion) { // defaulting func registered, but it will almost certainly panic if one is added. scheme.Default((*clientsecretv1alpha1.OIDCClientSecretRequest)(nil)) - return scheme, schema.GroupVersion(oauthVirtualSupervisorGroupData) + return scheme, schema.GroupVersion(clientSecretSupervisorGroupData) } func addToSchemeAtNewGroup(scheme *runtime.Scheme, oldGroup, newGroup string, funcs ...func(*runtime.Scheme) error) { diff --git a/internal/supervisor/scheme/scheme_test.go b/internal/supervisor/scheme/scheme_test.go index fa860773..8c0b0bde 100644 --- a/internal/supervisor/scheme/scheme_test.go +++ b/internal/supervisor/scheme/scheme_test.go @@ -44,10 +44,10 @@ func TestNew(t *testing.T) { } tests := []struct { - name string - apiGroupSuffix string - want map[schema.GroupVersionKind]reflect.Type - wantOAuthGroupVersion schema.GroupVersion + name string + apiGroupSuffix string + want map[schema.GroupVersionKind]reflect.Type + wantClientSecretGroupVersion schema.GroupVersion }{ { name: "regular api group", @@ -55,9 +55,11 @@ func TestNew(t *testing.T) { want: map[schema.GroupVersionKind]reflect.Type{ // all the types that are in the aggregated API group - regularClientSecretGV.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretv1alpha1.OIDCClientSecretRequest{}).Elem(), + regularClientSecretGV.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretv1alpha1.OIDCClientSecretRequest{}).Elem(), + regularClientSecretGV.WithKind("OIDCClientSecretRequestList"): reflect.TypeOf(&clientsecretv1alpha1.OIDCClientSecretRequestList{}).Elem(), - regularClientSecretGVInternal.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretapi.OIDCClientSecretRequest{}).Elem(), + regularClientSecretGVInternal.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretapi.OIDCClientSecretRequest{}).Elem(), + regularClientSecretGVInternal.WithKind("OIDCClientSecretRequestList"): reflect.TypeOf(&clientsecretapi.OIDCClientSecretRequestList{}).Elem(), regularClientSecretGV.WithKind("CreateOptions"): reflect.TypeOf(&metav1.CreateOptions{}).Elem(), regularClientSecretGV.WithKind("DeleteOptions"): reflect.TypeOf(&metav1.DeleteOptions{}).Elem(), @@ -86,7 +88,7 @@ func TestNew(t *testing.T) { metav1.Unversioned.WithKind("UpdateOptions"): reflect.TypeOf(&metav1.UpdateOptions{}).Elem(), metav1.Unversioned.WithKind("WatchEvent"): reflect.TypeOf(&metav1.WatchEvent{}).Elem(), }, - wantOAuthGroupVersion: regularClientSecretGV, + wantClientSecretGroupVersion: regularClientSecretGV, }, { name: "other api group", @@ -94,9 +96,11 @@ func TestNew(t *testing.T) { want: map[schema.GroupVersionKind]reflect.Type{ // all the types that are in the aggregated API group - otherClientSecretGV.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretv1alpha1.OIDCClientSecretRequest{}).Elem(), + otherClientSecretGV.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretv1alpha1.OIDCClientSecretRequest{}).Elem(), + otherClientSecretGV.WithKind("OIDCClientSecretRequestList"): reflect.TypeOf(&clientsecretv1alpha1.OIDCClientSecretRequestList{}).Elem(), - otherClientSecretGVInternal.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretapi.OIDCClientSecretRequest{}).Elem(), + otherClientSecretGVInternal.WithKind("OIDCClientSecretRequest"): reflect.TypeOf(&clientsecretapi.OIDCClientSecretRequest{}).Elem(), + otherClientSecretGVInternal.WithKind("OIDCClientSecretRequestList"): reflect.TypeOf(&clientsecretapi.OIDCClientSecretRequestList{}).Elem(), otherClientSecretGV.WithKind("CreateOptions"): reflect.TypeOf(&metav1.CreateOptions{}).Elem(), otherClientSecretGV.WithKind("DeleteOptions"): reflect.TypeOf(&metav1.DeleteOptions{}).Elem(), @@ -125,15 +129,15 @@ func TestNew(t *testing.T) { metav1.Unversioned.WithKind("UpdateOptions"): reflect.TypeOf(&metav1.UpdateOptions{}).Elem(), metav1.Unversioned.WithKind("WatchEvent"): reflect.TypeOf(&metav1.WatchEvent{}).Elem(), }, - wantOAuthGroupVersion: otherClientSecretGV, + wantClientSecretGroupVersion: otherClientSecretGV, }, } for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { - scheme, oauthGV := New(tt.apiGroupSuffix) + scheme, clientSecretGV := New(tt.apiGroupSuffix) require.Equal(t, tt.want, scheme.AllKnownTypes()) - require.Equal(t, tt.wantOAuthGroupVersion, oauthGV) + require.Equal(t, tt.wantClientSecretGroupVersion, clientSecretGV) }) } } diff --git a/internal/supervisor/server/server.go b/internal/supervisor/server/server.go index d4320091..30cdf48f 100644 --- a/internal/supervisor/server/server.go +++ b/internal/supervisor/server/server.go @@ -138,7 +138,8 @@ func prepareControllers( leaderElector controllerinit.RunnerWrapper, podInfo *downward.PodInfo, ) controllerinit.RunnerBuilder { - oauthSupervisorGroupData := groupsuffix.SupervisorAggregatedGroups(*cfg.APIGroupSuffix) + const certificateName string = "pinniped-supervisor-api-tls-serving-certificate" + clientSecretSupervisorGroupData := groupsuffix.SupervisorAggregatedGroups(*cfg.APIGroupSuffix) federationDomainInformer := pinnipedInformers.Config().V1alpha1().FederationDomains() secretInformer := kubeInformers.Core().V1().Secrets() @@ -310,14 +311,14 @@ func prepareControllers( WithController( apicerts.NewCertsManagerController( podInfo.Namespace, - "pinniped-supervisor-api-tls-serving-certificate", + certificateName, cfg.Labels, kubeClient, secretInformer, controllerlib.WithInformer, controllerlib.WithInitialEvent, - 31536000*time.Second, - "Pinniped Aggregation CA", + 365*24*time.Hour, // about one year + "Pinniped Supervisor Aggregation CA", cfg.NamesConfig.APIService, ), singletonWorker, @@ -325,8 +326,8 @@ func prepareControllers( WithController( apicerts.NewAPIServiceUpdaterController( podInfo.Namespace, - "pinniped-supervisor-api-tls-serving-certificate", - oauthSupervisorGroupData.APIServiceName(), + certificateName, + clientSecretSupervisorGroupData.APIServiceName(), aggregatorClient, secretInformer, controllerlib.WithInformer, @@ -336,7 +337,7 @@ func prepareControllers( WithController( apicerts.NewCertsObserverController( podInfo.Namespace, - "pinniped-supervisor-api-tls-serving-certificate", + certificateName, dynamicServingCertProvider, secretInformer, controllerlib.WithInformer, @@ -346,11 +347,11 @@ func prepareControllers( WithController( apicerts.NewCertsExpirerController( podInfo.Namespace, - "pinniped-supervisor-api-tls-serving-certificate", + certificateName, kubeClient, secretInformer, controllerlib.WithInformer, - 23328000*time.Second, + 9*30*24*time.Hour, // about 9 months apicerts.TLSCertificateChainSecretKey, plog.New(), ), @@ -363,9 +364,9 @@ func prepareControllers( //nolint:funlen func runSupervisor(ctx context.Context, podInfo *downward.PodInfo, cfg *supervisor.Config) error { serverInstallationNamespace := podInfo.Namespace - oauthSupervisorGroupData := groupsuffix.SupervisorAggregatedGroups(*cfg.APIGroupSuffix) + clientSecretSupervisorGroupData := groupsuffix.SupervisorAggregatedGroups(*cfg.APIGroupSuffix) - apiServiceRef, err := apiserviceref.New(oauthSupervisorGroupData.APIServiceName()) + apiServiceRef, err := apiserviceref.New(clientSecretSupervisorGroupData.APIServiceName()) if err != nil { return fmt.Errorf("cannot create API service ref: %w", err) } @@ -429,9 +430,9 @@ func runSupervisor(ctx context.Context, podInfo *downward.PodInfo, cfg *supervis clientWithoutLeaderElection.Kubernetes.CoreV1().Secrets(serverInstallationNamespace), // writes to kube storage are allowed for non-leaders ) - // Get the "real" name of the oauth virtual supervisor API group (i.e., the API group name with the + // Get the "real" name of the client secret supervisor API group (i.e., the API group name with the // injected suffix). - scheme, oauthGV := supervisorscheme.New(*cfg.APIGroupSuffix) + scheme, clientSecretGV := supervisorscheme.New(*cfg.APIGroupSuffix) buildControllersFunc := prepareControllers( cfg, @@ -458,9 +459,9 @@ func runSupervisor(ctx context.Context, podInfo *downward.PodInfo, cfg *supervis dynamicServingCertProvider, buildControllersFunc, *cfg.APIGroupSuffix, - 10250, + *cfg.AggregatedAPIServerPort, scheme, - oauthGV, + clientSecretGV, ) if err != nil { return fmt.Errorf("could not configure aggregated API server: %w", err) @@ -561,16 +562,16 @@ func getAggregatedAPIServerConfig( apiGroupSuffix string, aggregatedAPIServerPort int64, scheme *runtime.Scheme, - oauthVirtualSupervisorGroupVersion schema.GroupVersion, + clientSecretSupervisorGroupVersion schema.GroupVersion, ) (*apiserver.Config, error) { codecs := serializer.NewCodecFactory(scheme) // this is unused for now but it is a safe value that we could use in the future - defaultEtcdPathPrefix := fmt.Sprintf("/pinniped-concierge-registry/%s", apiGroupSuffix) + defaultEtcdPathPrefix := fmt.Sprintf("/pinniped-supervisor-registry/%s", apiGroupSuffix) recommendedOptions := genericoptions.NewRecommendedOptions( defaultEtcdPathPrefix, - codecs.LegacyCodec(oauthVirtualSupervisorGroupVersion), + codecs.LegacyCodec(clientSecretSupervisorGroupVersion), ) recommendedOptions.Etcd = nil // turn off etcd storage because we don't need it yet recommendedOptions.SecureServing.ServerCert.GeneratedCert = dynamicCertProvider @@ -605,7 +606,7 @@ func getAggregatedAPIServerConfig( BuildControllersPostStartHook: buildControllers, Scheme: scheme, NegotiatedSerializer: codecs, - OauthVirtualSupervisorGroupVersion: oauthVirtualSupervisorGroupVersion, + ClientSecretSupervisorGroupVersion: clientSecretSupervisorGroupVersion, }, } return apiServerConfig, nil diff --git a/test/integration/kube_api_discovery_test.go b/test/integration/kube_api_discovery_test.go index 9c3b9602..c46d01bf 100644 --- a/test/integration/kube_api_discovery_test.go +++ b/test/integration/kube_api_discovery_test.go @@ -53,7 +53,7 @@ func TestGetAPIResourceList(t *testing.T) { configConciergeGV := makeGV("config", "concierge") idpSupervisorGV := makeGV("idp", "supervisor") configSupervisorGV := makeGV("config", "supervisor") - oauthVirtualSupervisorGV := makeGV("clientsecret", "supervisor") + clientSecretSupervisorGV := makeGV("clientsecret", "supervisor") tests := []struct { group metav1.APIGroup @@ -113,26 +113,26 @@ func TestGetAPIResourceList(t *testing.T) { }, { group: metav1.APIGroup{ - Name: oauthVirtualSupervisorGV.Group, + Name: clientSecretSupervisorGV.Group, Versions: []metav1.GroupVersionForDiscovery{ { - GroupVersion: oauthVirtualSupervisorGV.String(), - Version: oauthVirtualSupervisorGV.Version, + GroupVersion: clientSecretSupervisorGV.String(), + Version: clientSecretSupervisorGV.Version, }, }, PreferredVersion: metav1.GroupVersionForDiscovery{ - GroupVersion: oauthVirtualSupervisorGV.String(), - Version: oauthVirtualSupervisorGV.Version, + GroupVersion: clientSecretSupervisorGV.String(), + Version: clientSecretSupervisorGV.Version, }, }, resourceByVersion: map[string][]metav1.APIResource{ - oauthVirtualSupervisorGV.String(): { + clientSecretSupervisorGV.String(): { { Name: "oidcclientsecretrequests", Kind: "OIDCClientSecretRequest", - Verbs: []string{"create"}, + Verbs: []string{"create", "list"}, Namespaced: true, - Categories: nil, + Categories: []string{"pinniped"}, }, }, }, @@ -354,11 +354,6 @@ func TestGetAPIResourceList(t *testing.T) { if strings.HasSuffix(a.Name, "/status") { continue } - if a.Name == "oidcclientsecretrequests" { - // OIDCClientSecretRequest does not implement list, - // so it doesn't make sense for it to belong to a category. - continue - } assert.Containsf(t, a.Categories, "pinniped", "expected resource %q to be in the 'pinniped' category", a.Name) assert.NotContainsf(t, a.Categories, "all", "expected resource %q not to be in the 'all' category", a.Name) }