Merge pull request #70 from suzerain-io/self_test

Self test feature
This commit is contained in:
Ryan Richard 2020-08-26 14:26:59 -07:00 committed by GitHub
commit d8bcea88a7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
90 changed files with 3109 additions and 2073 deletions

View File

@ -33,8 +33,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&PinnipedDiscoveryInfo{}, &CredentialIssuerConfig{},
&PinnipedDiscoveryInfoList{}, &CredentialIssuerConfigList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -7,7 +7,28 @@ package v1alpha1
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
type PinnipedDiscoveryInfoSpec struct { type StrategyType string
type StrategyStatus string
type StrategyReason string
const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey")
)
type CredentialIssuerConfigStatus struct {
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
type CredentialIssuerConfigKubeConfigInfo struct {
// The K8s API server URL. Required. // The K8s API server URL. Required.
Server string `json:"server,omitempty"` Server string `json:"server,omitempty"`
@ -15,21 +36,29 @@ type PinnipedDiscoveryInfoSpec struct {
CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"`
} }
type CredentialIssuerConfigStrategy struct {
Type StrategyType `json:"type,omitempty"`
Status StrategyStatus `json:"status,omitempty"`
Reason StrategyReason `json:"reason,omitempty"`
Message string `json:"message,omitempty"`
LastUpdateTime metav1.Time `json:"lastUpdateTime"`
}
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfo struct { type CredentialIssuerConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec PinnipedDiscoveryInfoSpec `json:"spec"` Status CredentialIssuerConfigStatus `json:"status"`
} }
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfoList struct { type CredentialIssuerConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []PinnipedDiscoveryInfo `json:"items"` Items []CredentialIssuerConfig `json:"items"`
} }

View File

@ -1,37 +1,73 @@
#@ load("@ytt:data", "data") #! Copyright 2020 VMware, Inc.
#! SPDX-License-Identifier: Apache-2.0
#! Example of valid PinnipedDiscoveryInfo object: #! Example of valid CredentialIssuerConfig object:
#! --- #! ---
#! apiVersion: crd.pinniped.dev/v1alpha1 #! apiVersion: crd.pinniped.dev/v1alpha1
#! kind: PinnipedDiscoveryInfo #! kind: CredentialIssuerConfig
#! metadata: #! metadata:
#! name: login-discovery #! name: credential-issuer-config
#! namespace: integration #! namespace: integration
#! spec: #! status:
#! kubeConfigInfo:
#! server: https://foo #! server: https://foo
#! certificateAuthorityData: bar #! certificateAuthorityData: bar
#! strategies:
#! - type: KubeClusterSigningCertificate
#! status: Error
#! reason: CouldNotFetchKey
#! message: "There was an error getting the signing cert"
#! lastUpdateTime: 2020-08-21T20:08:18Z
#@ load("@ytt:data", "data")
--- ---
apiVersion: apiextensions.k8s.io/v1 apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: pinnipeddiscoveryinfos.crd.pinniped.dev name: credentialissuerconfigs.crd.pinniped.dev
spec: spec:
group: crd.pinniped.dev group: crd.pinniped.dev
versions: versions:
#! Any changes to these schemas should also be reflected in the types.go file(s) #! Any changes to these schemas should also be reflected in the types.go file(s)
#! in https://github.com/suzerain-io/pinniped-api/tree/main/pkg/apis/pinniped
- name: v1alpha1 - name: v1alpha1
served: true served: true
storage: true storage: true
schema: schema:
openAPIV3Schema: openAPIV3Schema:
type: object type: object
required: [spec]
properties: properties:
spec: status:
type: object type: object
required: [server, certificateAuthorityData] properties:
strategies:
type: array
items:
type: object
required: [ type, status, reason, message, lastUpdateTime ]
properties:
type: #! this property is called "type"
type: string
minLength: 1
pattern: '^KubeClusterSigningCertificate$'
status:
type: string
minLength: 1
pattern: '^Success$|^Error$'
reason:
type: string
minLength: 1
pattern: '^CouldNotFetchKey$|^FetchedKey$'
message:
type: string
minLength: 1
lastUpdateTime:
type: string
format: date-time
minLength: 1
kubeConfigInfo:
type: object
required: [ server, certificateAuthorityData ]
properties: properties:
server: server:
type: string type: string
@ -42,8 +78,8 @@ spec:
minLength: 1 minLength: 1
scope: Namespaced scope: Namespaced
names: names:
plural: pinnipeddiscoveryinfos plural: credentialissuerconfigs
singular: pinnipeddiscoveryinfo singular: credentialissuerconfig
kind: PinnipedDiscoveryInfo kind: CredentialIssuerConfig
shortNames: shortNames:
- ldc - cic

View File

@ -1,3 +1,6 @@
#! Copyright 2020 VMware, Inc.
#! SPDX-License-Identifier: Apache-2.0
#@ load("@ytt:data", "data") #@ load("@ytt:data", "data")
--- ---

View File

@ -1,3 +1,6 @@
#! Copyright 2020 VMware, Inc.
#! SPDX-License-Identifier: Apache-2.0
#@ load("@ytt:data", "data") #@ load("@ytt:data", "data")
#! Give permission to various cluster-scoped objects #! Give permission to various cluster-scoped objects
@ -45,7 +48,7 @@ rules:
resources: [secrets] resources: [secrets]
verbs: [create, get, list, patch, update, watch, delete] verbs: [create, get, list, patch, update, watch, delete]
- apiGroups: [crd.pinniped.dev] - apiGroups: [crd.pinniped.dev]
resources: [pinnipeddiscoveryinfos] resources: [credentialissuerconfigs]
verbs: [create, get, list, update, watch] verbs: [create, get, list, update, watch]
--- ---
kind: RoleBinding kind: RoleBinding

View File

@ -1,3 +1,6 @@
#! Copyright 2020 VMware, Inc.
#! SPDX-License-Identifier: Apache-2.0
#@data/values #@data/values
--- ---

View File

@ -33,8 +33,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&PinnipedDiscoveryInfo{}, &CredentialIssuerConfig{},
&PinnipedDiscoveryInfoList{}, &CredentialIssuerConfigList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -7,7 +7,28 @@ package v1alpha1
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
type PinnipedDiscoveryInfoSpec struct { type StrategyType string
type StrategyStatus string
type StrategyReason string
const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey")
)
type CredentialIssuerConfigStatus struct {
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
type CredentialIssuerConfigKubeConfigInfo struct {
// The K8s API server URL. Required. // The K8s API server URL. Required.
Server string `json:"server,omitempty"` Server string `json:"server,omitempty"`
@ -15,21 +36,29 @@ type PinnipedDiscoveryInfoSpec struct {
CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"`
} }
type CredentialIssuerConfigStrategy struct {
Type StrategyType `json:"type,omitempty"`
Status StrategyStatus `json:"status,omitempty"`
Reason StrategyReason `json:"reason,omitempty"`
Message string `json:"message,omitempty"`
LastUpdateTime metav1.Time `json:"lastUpdateTime"`
}
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfo struct { type CredentialIssuerConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec PinnipedDiscoveryInfoSpec `json:"spec"` Status CredentialIssuerConfigStatus `json:"status"`
} }
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfoList struct { type CredentialIssuerConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []PinnipedDiscoveryInfo `json:"items"` Items []CredentialIssuerConfig `json:"items"`
} }

View File

@ -14,26 +14,26 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfo) DeepCopyInto(out *PinnipedDiscoveryInfo) { func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec in.Status.DeepCopyInto(&out.Status)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfo. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig.
func (in *PinnipedDiscoveryInfo) DeepCopy() *PinnipedDiscoveryInfo { func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfo) out := new(CredentialIssuerConfig)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PinnipedDiscoveryInfo) DeepCopyObject() runtime.Object { func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -41,13 +41,29 @@ func (in *PinnipedDiscoveryInfo) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfoList) DeepCopyInto(out *PinnipedDiscoveryInfoList) { func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigKubeConfigInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]PinnipedDiscoveryInfo, len(*in)) *out = make([]CredentialIssuerConfig, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -55,18 +71,18 @@ func (in *PinnipedDiscoveryInfoList) DeepCopyInto(out *PinnipedDiscoveryInfoList
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfoList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList.
func (in *PinnipedDiscoveryInfoList) DeepCopy() *PinnipedDiscoveryInfoList { func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfoList) out := new(CredentialIssuerConfigList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PinnipedDiscoveryInfoList) DeepCopyObject() runtime.Object { func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -74,17 +90,46 @@ func (in *PinnipedDiscoveryInfoList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfoSpec) DeepCopyInto(out *PinnipedDiscoveryInfoSpec) { func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) {
*out = *in *out = *in
if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo)
**out = **in
}
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfoSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus.
func (in *PinnipedDiscoveryInfoSpec) DeepCopy() *PinnipedDiscoveryInfoSpec { func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfoSpec) out := new(CredentialIssuerConfigStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStrategy)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -15,7 +15,7 @@ import (
type CrdV1alpha1Interface interface { type CrdV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
PinnipedDiscoveryInfosGetter CredentialIssuerConfigsGetter
} }
// CrdV1alpha1Client is used to interact with features provided by the crd.pinniped.dev group. // CrdV1alpha1Client is used to interact with features provided by the crd.pinniped.dev group.
@ -23,8 +23,8 @@ type CrdV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *CrdV1alpha1Client) PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoInterface { func (c *CrdV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface {
return newPinnipedDiscoveryInfos(c, namespace) return newCredentialIssuerConfigs(c, namespace)
} }
// NewForConfig creates a new CrdV1alpha1Client for the given config. // NewForConfig creates a new CrdV1alpha1Client for the given config.

View File

@ -0,0 +1,180 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
scheme "github.com/suzerain-io/pinniped/generated/1.17/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
Update(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(*v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *CrdV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
Body(credentialIssuerConfig).
Do().
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

View File

@ -17,8 +17,8 @@ type FakeCrdV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeCrdV1alpha1) PinnipedDiscoveryInfos(namespace string) v1alpha1.PinnipedDiscoveryInfoInterface { func (c *FakeCrdV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface {
return &FakePinnipedDiscoveryInfos{c, namespace} return &FakeCredentialIssuerConfigs{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,129 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeCrdV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "crd.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "crd.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(credentialIssuerConfig *v1alpha1.CredentialIssuerConfig) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

View File

@ -1,117 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakePinnipedDiscoveryInfos implements PinnipedDiscoveryInfoInterface
type FakePinnipedDiscoveryInfos struct {
Fake *FakeCrdV1alpha1
ns string
}
var pinnipeddiscoveryinfosResource = schema.GroupVersionResource{Group: "crd.pinniped.dev", Version: "v1alpha1", Resource: "pinnipeddiscoveryinfos"}
var pinnipeddiscoveryinfosKind = schema.GroupVersionKind{Group: "crd.pinniped.dev", Version: "v1alpha1", Kind: "PinnipedDiscoveryInfo"}
// Get takes name of the pinnipedDiscoveryInfo, and returns the corresponding pinnipedDiscoveryInfo object, and an error if there is any.
func (c *FakePinnipedDiscoveryInfos) Get(name string, options v1.GetOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(pinnipeddiscoveryinfosResource, c.ns, name), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// List takes label and field selectors, and returns the list of PinnipedDiscoveryInfos that match those selectors.
func (c *FakePinnipedDiscoveryInfos) List(opts v1.ListOptions) (result *v1alpha1.PinnipedDiscoveryInfoList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(pinnipeddiscoveryinfosResource, pinnipeddiscoveryinfosKind, c.ns, opts), &v1alpha1.PinnipedDiscoveryInfoList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.PinnipedDiscoveryInfoList{ListMeta: obj.(*v1alpha1.PinnipedDiscoveryInfoList).ListMeta}
for _, item := range obj.(*v1alpha1.PinnipedDiscoveryInfoList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested pinnipedDiscoveryInfos.
func (c *FakePinnipedDiscoveryInfos) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(pinnipeddiscoveryinfosResource, c.ns, opts))
}
// Create takes the representation of a pinnipedDiscoveryInfo and creates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *FakePinnipedDiscoveryInfos) Create(pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(pinnipeddiscoveryinfosResource, c.ns, pinnipedDiscoveryInfo), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// Update takes the representation of a pinnipedDiscoveryInfo and updates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *FakePinnipedDiscoveryInfos) Update(pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(pinnipeddiscoveryinfosResource, c.ns, pinnipedDiscoveryInfo), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// Delete takes name of the pinnipedDiscoveryInfo and deletes it. Returns an error if one occurs.
func (c *FakePinnipedDiscoveryInfos) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(pinnipeddiscoveryinfosResource, c.ns, name), &v1alpha1.PinnipedDiscoveryInfo{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakePinnipedDiscoveryInfos) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(pinnipeddiscoveryinfosResource, c.ns, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.PinnipedDiscoveryInfoList{})
return err
}
// Patch applies the patch and returns the patched pinnipedDiscoveryInfo.
func (c *FakePinnipedDiscoveryInfos) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(pinnipeddiscoveryinfosResource, c.ns, name, pt, data, subresources...), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}

View File

@ -7,4 +7,4 @@ SPDX-License-Identifier: Apache-2.0
package v1alpha1 package v1alpha1
type PinnipedDiscoveryInfoExpansion interface{} type CredentialIssuerConfigExpansion interface{}

View File

@ -1,163 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
scheme "github.com/suzerain-io/pinniped/generated/1.17/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// PinnipedDiscoveryInfosGetter has a method to return a PinnipedDiscoveryInfoInterface.
// A group's client should implement this interface.
type PinnipedDiscoveryInfosGetter interface {
PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoInterface
}
// PinnipedDiscoveryInfoInterface has methods to work with PinnipedDiscoveryInfo resources.
type PinnipedDiscoveryInfoInterface interface {
Create(*v1alpha1.PinnipedDiscoveryInfo) (*v1alpha1.PinnipedDiscoveryInfo, error)
Update(*v1alpha1.PinnipedDiscoveryInfo) (*v1alpha1.PinnipedDiscoveryInfo, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.PinnipedDiscoveryInfo, error)
List(opts v1.ListOptions) (*v1alpha1.PinnipedDiscoveryInfoList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error)
PinnipedDiscoveryInfoExpansion
}
// pinnipedDiscoveryInfos implements PinnipedDiscoveryInfoInterface
type pinnipedDiscoveryInfos struct {
client rest.Interface
ns string
}
// newPinnipedDiscoveryInfos returns a PinnipedDiscoveryInfos
func newPinnipedDiscoveryInfos(c *CrdV1alpha1Client, namespace string) *pinnipedDiscoveryInfos {
return &pinnipedDiscoveryInfos{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the pinnipedDiscoveryInfo, and returns the corresponding pinnipedDiscoveryInfo object, and an error if there is any.
func (c *pinnipedDiscoveryInfos) Get(name string, options v1.GetOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of PinnipedDiscoveryInfos that match those selectors.
func (c *pinnipedDiscoveryInfos) List(opts v1.ListOptions) (result *v1alpha1.PinnipedDiscoveryInfoList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.PinnipedDiscoveryInfoList{}
err = c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested pinnipedDiscoveryInfos.
func (c *pinnipedDiscoveryInfos) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a pinnipedDiscoveryInfo and creates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *pinnipedDiscoveryInfos) Create(pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Post().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Body(pinnipedDiscoveryInfo).
Do().
Into(result)
return
}
// Update takes the representation of a pinnipedDiscoveryInfo and updates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *pinnipedDiscoveryInfos) Update(pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Put().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(pinnipedDiscoveryInfo.Name).
Body(pinnipedDiscoveryInfo).
Do().
Into(result)
return
}
// Delete takes name of the pinnipedDiscoveryInfo and deletes it. Returns an error if one occurs.
func (c *pinnipedDiscoveryInfos) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *pinnipedDiscoveryInfos) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched pinnipedDiscoveryInfo.
func (c *pinnipedDiscoveryInfos) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

View File

@ -0,0 +1,78 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
versioned "github.com/suzerain-io/pinniped/generated/1.17/client/clientset/versioned"
internalinterfaces "github.com/suzerain-io/pinniped/generated/1.17/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/client/listers/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().CredentialIssuerConfigs(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().CredentialIssuerConfigs(namespace).Watch(options)
},
},
&crdpinnipedv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&crdpinnipedv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

View File

@ -13,8 +13,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// PinnipedDiscoveryInfos returns a PinnipedDiscoveryInfoInformer. // CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
PinnipedDiscoveryInfos() PinnipedDiscoveryInfoInformer CredentialIssuerConfigs() CredentialIssuerConfigInformer
} }
type version struct { type version struct {
@ -28,7 +28,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// PinnipedDiscoveryInfos returns a PinnipedDiscoveryInfoInformer. // CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
func (v *version) PinnipedDiscoveryInfos() PinnipedDiscoveryInfoInformer { func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer {
return &pinnipedDiscoveryInfoInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -1,78 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
versioned "github.com/suzerain-io/pinniped/generated/1.17/client/clientset/versioned"
internalinterfaces "github.com/suzerain-io/pinniped/generated/1.17/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/client/listers/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// PinnipedDiscoveryInfoInformer provides access to a shared informer and lister for
// PinnipedDiscoveryInfos.
type PinnipedDiscoveryInfoInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.PinnipedDiscoveryInfoLister
}
type pinnipedDiscoveryInfoInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewPinnipedDiscoveryInfoInformer constructs a new informer for PinnipedDiscoveryInfo type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewPinnipedDiscoveryInfoInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredPinnipedDiscoveryInfoInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredPinnipedDiscoveryInfoInformer constructs a new informer for PinnipedDiscoveryInfo type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredPinnipedDiscoveryInfoInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().PinnipedDiscoveryInfos(namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().PinnipedDiscoveryInfos(namespace).Watch(options)
},
},
&crdpinnipedv1alpha1.PinnipedDiscoveryInfo{},
resyncPeriod,
indexers,
)
}
func (f *pinnipedDiscoveryInfoInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredPinnipedDiscoveryInfoInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *pinnipedDiscoveryInfoInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&crdpinnipedv1alpha1.PinnipedDiscoveryInfo{}, f.defaultInformer)
}
func (f *pinnipedDiscoveryInfoInformer) Lister() v1alpha1.PinnipedDiscoveryInfoLister {
return v1alpha1.NewPinnipedDiscoveryInfoLister(f.Informer().GetIndexer())
}

View File

@ -43,8 +43,8 @@ func (f *genericInformer) Lister() cache.GenericLister {
func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
switch resource { switch resource {
// Group=crd.pinniped.dev, Version=v1alpha1 // Group=crd.pinniped.dev, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("pinnipeddiscoveryinfos"): case v1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().PinnipedDiscoveryInfos().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().CredentialIssuerConfigs().Informer()}, nil
// Group=pinniped.dev, Version=v1alpha1 // Group=pinniped.dev, Version=v1alpha1
case pinnipedv1alpha1.SchemeGroupVersion.WithResource("credentialrequests"): case pinnipedv1alpha1.SchemeGroupVersion.WithResource("credentialrequests"):

View File

@ -0,0 +1,83 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

View File

@ -7,10 +7,10 @@ SPDX-License-Identifier: Apache-2.0
package v1alpha1 package v1alpha1
// PinnipedDiscoveryInfoListerExpansion allows custom methods to be added to // CredentialIssuerConfigListerExpansion allows custom methods to be added to
// PinnipedDiscoveryInfoLister. // CredentialIssuerConfigLister.
type PinnipedDiscoveryInfoListerExpansion interface{} type CredentialIssuerConfigListerExpansion interface{}
// PinnipedDiscoveryInfoNamespaceListerExpansion allows custom methods to be added to // CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to
// PinnipedDiscoveryInfoNamespaceLister. // CredentialIssuerConfigNamespaceLister.
type PinnipedDiscoveryInfoNamespaceListerExpansion interface{} type CredentialIssuerConfigNamespaceListerExpansion interface{}

View File

@ -1,83 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// PinnipedDiscoveryInfoLister helps list PinnipedDiscoveryInfos.
type PinnipedDiscoveryInfoLister interface {
// List lists all PinnipedDiscoveryInfos in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error)
// PinnipedDiscoveryInfos returns an object that can list and get PinnipedDiscoveryInfos.
PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoNamespaceLister
PinnipedDiscoveryInfoListerExpansion
}
// pinnipedDiscoveryInfoLister implements the PinnipedDiscoveryInfoLister interface.
type pinnipedDiscoveryInfoLister struct {
indexer cache.Indexer
}
// NewPinnipedDiscoveryInfoLister returns a new PinnipedDiscoveryInfoLister.
func NewPinnipedDiscoveryInfoLister(indexer cache.Indexer) PinnipedDiscoveryInfoLister {
return &pinnipedDiscoveryInfoLister{indexer: indexer}
}
// List lists all PinnipedDiscoveryInfos in the indexer.
func (s *pinnipedDiscoveryInfoLister) List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.PinnipedDiscoveryInfo))
})
return ret, err
}
// PinnipedDiscoveryInfos returns an object that can list and get PinnipedDiscoveryInfos.
func (s *pinnipedDiscoveryInfoLister) PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoNamespaceLister {
return pinnipedDiscoveryInfoNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// PinnipedDiscoveryInfoNamespaceLister helps list and get PinnipedDiscoveryInfos.
type PinnipedDiscoveryInfoNamespaceLister interface {
// List lists all PinnipedDiscoveryInfos in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error)
// Get retrieves the PinnipedDiscoveryInfo from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.PinnipedDiscoveryInfo, error)
PinnipedDiscoveryInfoNamespaceListerExpansion
}
// pinnipedDiscoveryInfoNamespaceLister implements the PinnipedDiscoveryInfoNamespaceLister
// interface.
type pinnipedDiscoveryInfoNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all PinnipedDiscoveryInfos in the indexer for a given namespace.
func (s pinnipedDiscoveryInfoNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.PinnipedDiscoveryInfo))
})
return ret, err
}
// Get retrieves the PinnipedDiscoveryInfo from the indexer for a given namespace and name.
func (s pinnipedDiscoveryInfoNamespaceLister) Get(name string) (*v1alpha1.PinnipedDiscoveryInfo, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("pinnipeddiscoveryinfo"), name)
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), nil
}

View File

@ -19,9 +19,11 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{ return map[string]common.OpenAPIDefinition{
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo": schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref), "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfig": schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfig(ref),
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoList": schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref), "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref),
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec": schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoSpec(ref), "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigList": schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigList(ref),
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus": schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStatus(ref),
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy": schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStrategy(ref),
"github.com/suzerain-io/pinniped/generated/1.17/apis/pinniped/v1alpha1.CredentialRequest": schema_117_apis_pinniped_v1alpha1_CredentialRequest(ref), "github.com/suzerain-io/pinniped/generated/1.17/apis/pinniped/v1alpha1.CredentialRequest": schema_117_apis_pinniped_v1alpha1_CredentialRequest(ref),
"github.com/suzerain-io/pinniped/generated/1.17/apis/pinniped/v1alpha1.CredentialRequestCredential": schema_117_apis_pinniped_v1alpha1_CredentialRequestCredential(ref), "github.com/suzerain-io/pinniped/generated/1.17/apis/pinniped/v1alpha1.CredentialRequestCredential": schema_117_apis_pinniped_v1alpha1_CredentialRequestCredential(ref),
"github.com/suzerain-io/pinniped/generated/1.17/apis/pinniped/v1alpha1.CredentialRequestList": schema_117_apis_pinniped_v1alpha1_CredentialRequestList(ref), "github.com/suzerain-io/pinniped/generated/1.17/apis/pinniped/v1alpha1.CredentialRequestList": schema_117_apis_pinniped_v1alpha1_CredentialRequestList(ref),
@ -82,7 +84,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
} }
} }
func schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -107,21 +109,47 @@ func schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref common.Refer
Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
}, },
}, },
"spec": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec"), Ref: ref("github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus"),
}, },
}, },
}, },
Required: []string{"spec"}, Required: []string{"status"},
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
Type: []string{"object"},
Properties: map[string]spec.Schema{
"server": {
SchemaProps: spec.SchemaProps{
Description: "The K8s API server URL. Required.",
Type: []string{"string"},
Format: "",
},
},
"certificateAuthorityData": {
SchemaProps: spec.SchemaProps{
Description: "The K8s API server CA bundle. Required.",
Type: []string{"string"},
Format: "",
},
},
},
},
},
}
}
func schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -152,7 +180,7 @@ func schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.R
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo"), Ref: ref("github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfig"),
}, },
}, },
}, },
@ -163,33 +191,83 @@ func schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.R
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_117_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"server": { "strategies": {
SchemaProps: spec.SchemaProps{
Type: []string{"array"},
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy"),
},
},
},
},
},
"kubeConfigInfo": {
SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo"),
},
},
},
Required: []string{"strategies"},
},
},
Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "github.com/suzerain-io/pinniped/generated/1.17/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy"},
}
}
func schema_117_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
Type: []string{"object"},
Properties: map[string]spec.Schema{
"type": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "The K8s API server URL. Required.",
Type: []string{"string"}, Type: []string{"string"},
Format: "", Format: "",
}, },
}, },
"certificateAuthorityData": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "The K8s API server CA bundle. Required.",
Type: []string{"string"}, Type: []string{"string"},
Format: "", Format: "",
}, },
}, },
"reason": {
SchemaProps: spec.SchemaProps{
Type: []string{"string"},
Format: "",
},
},
"message": {
SchemaProps: spec.SchemaProps{
Type: []string{"string"},
Format: "",
},
},
"lastUpdateTime": {
SchemaProps: spec.SchemaProps{
Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
}, },
}, },
}, },
Required: []string{"lastUpdateTime"},
},
},
Dependencies: []string{
"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
} }
} }

View File

@ -33,8 +33,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&PinnipedDiscoveryInfo{}, &CredentialIssuerConfig{},
&PinnipedDiscoveryInfoList{}, &CredentialIssuerConfigList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -7,7 +7,28 @@ package v1alpha1
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
type PinnipedDiscoveryInfoSpec struct { type StrategyType string
type StrategyStatus string
type StrategyReason string
const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey")
)
type CredentialIssuerConfigStatus struct {
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
type CredentialIssuerConfigKubeConfigInfo struct {
// The K8s API server URL. Required. // The K8s API server URL. Required.
Server string `json:"server,omitempty"` Server string `json:"server,omitempty"`
@ -15,21 +36,29 @@ type PinnipedDiscoveryInfoSpec struct {
CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"`
} }
type CredentialIssuerConfigStrategy struct {
Type StrategyType `json:"type,omitempty"`
Status StrategyStatus `json:"status,omitempty"`
Reason StrategyReason `json:"reason,omitempty"`
Message string `json:"message,omitempty"`
LastUpdateTime metav1.Time `json:"lastUpdateTime"`
}
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfo struct { type CredentialIssuerConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec PinnipedDiscoveryInfoSpec `json:"spec"` Status CredentialIssuerConfigStatus `json:"status"`
} }
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfoList struct { type CredentialIssuerConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []PinnipedDiscoveryInfo `json:"items"` Items []CredentialIssuerConfig `json:"items"`
} }

View File

@ -14,26 +14,26 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfo) DeepCopyInto(out *PinnipedDiscoveryInfo) { func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec in.Status.DeepCopyInto(&out.Status)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfo. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig.
func (in *PinnipedDiscoveryInfo) DeepCopy() *PinnipedDiscoveryInfo { func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfo) out := new(CredentialIssuerConfig)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PinnipedDiscoveryInfo) DeepCopyObject() runtime.Object { func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -41,13 +41,29 @@ func (in *PinnipedDiscoveryInfo) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfoList) DeepCopyInto(out *PinnipedDiscoveryInfoList) { func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigKubeConfigInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]PinnipedDiscoveryInfo, len(*in)) *out = make([]CredentialIssuerConfig, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -55,18 +71,18 @@ func (in *PinnipedDiscoveryInfoList) DeepCopyInto(out *PinnipedDiscoveryInfoList
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfoList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList.
func (in *PinnipedDiscoveryInfoList) DeepCopy() *PinnipedDiscoveryInfoList { func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfoList) out := new(CredentialIssuerConfigList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PinnipedDiscoveryInfoList) DeepCopyObject() runtime.Object { func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -74,17 +90,46 @@ func (in *PinnipedDiscoveryInfoList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfoSpec) DeepCopyInto(out *PinnipedDiscoveryInfoSpec) { func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) {
*out = *in *out = *in
if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo)
**out = **in
}
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfoSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus.
func (in *PinnipedDiscoveryInfoSpec) DeepCopy() *PinnipedDiscoveryInfoSpec { func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfoSpec) out := new(CredentialIssuerConfigStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStrategy)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -15,7 +15,7 @@ import (
type CrdV1alpha1Interface interface { type CrdV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
PinnipedDiscoveryInfosGetter CredentialIssuerConfigsGetter
} }
// CrdV1alpha1Client is used to interact with features provided by the crd.pinniped.dev group. // CrdV1alpha1Client is used to interact with features provided by the crd.pinniped.dev group.
@ -23,8 +23,8 @@ type CrdV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *CrdV1alpha1Client) PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoInterface { func (c *CrdV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface {
return newPinnipedDiscoveryInfos(c, namespace) return newCredentialIssuerConfigs(c, namespace)
} }
// NewForConfig creates a new CrdV1alpha1Client for the given config. // NewForConfig creates a new CrdV1alpha1Client for the given config.

View File

@ -0,0 +1,184 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
scheme "github.com/suzerain-io/pinniped/generated/1.18/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *CrdV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -17,8 +17,8 @@ type FakeCrdV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeCrdV1alpha1) PinnipedDiscoveryInfos(namespace string) v1alpha1.PinnipedDiscoveryInfoInterface { func (c *FakeCrdV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface {
return &FakePinnipedDiscoveryInfos{c, namespace} return &FakeCredentialIssuerConfigs{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,131 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeCrdV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "crd.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "crd.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

View File

@ -1,119 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakePinnipedDiscoveryInfos implements PinnipedDiscoveryInfoInterface
type FakePinnipedDiscoveryInfos struct {
Fake *FakeCrdV1alpha1
ns string
}
var pinnipeddiscoveryinfosResource = schema.GroupVersionResource{Group: "crd.pinniped.dev", Version: "v1alpha1", Resource: "pinnipeddiscoveryinfos"}
var pinnipeddiscoveryinfosKind = schema.GroupVersionKind{Group: "crd.pinniped.dev", Version: "v1alpha1", Kind: "PinnipedDiscoveryInfo"}
// Get takes name of the pinnipedDiscoveryInfo, and returns the corresponding pinnipedDiscoveryInfo object, and an error if there is any.
func (c *FakePinnipedDiscoveryInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(pinnipeddiscoveryinfosResource, c.ns, name), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// List takes label and field selectors, and returns the list of PinnipedDiscoveryInfos that match those selectors.
func (c *FakePinnipedDiscoveryInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PinnipedDiscoveryInfoList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(pinnipeddiscoveryinfosResource, pinnipeddiscoveryinfosKind, c.ns, opts), &v1alpha1.PinnipedDiscoveryInfoList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.PinnipedDiscoveryInfoList{ListMeta: obj.(*v1alpha1.PinnipedDiscoveryInfoList).ListMeta}
for _, item := range obj.(*v1alpha1.PinnipedDiscoveryInfoList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested pinnipedDiscoveryInfos.
func (c *FakePinnipedDiscoveryInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(pinnipeddiscoveryinfosResource, c.ns, opts))
}
// Create takes the representation of a pinnipedDiscoveryInfo and creates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *FakePinnipedDiscoveryInfos) Create(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.CreateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(pinnipeddiscoveryinfosResource, c.ns, pinnipedDiscoveryInfo), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// Update takes the representation of a pinnipedDiscoveryInfo and updates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *FakePinnipedDiscoveryInfos) Update(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.UpdateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(pinnipeddiscoveryinfosResource, c.ns, pinnipedDiscoveryInfo), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// Delete takes name of the pinnipedDiscoveryInfo and deletes it. Returns an error if one occurs.
func (c *FakePinnipedDiscoveryInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(pinnipeddiscoveryinfosResource, c.ns, name), &v1alpha1.PinnipedDiscoveryInfo{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakePinnipedDiscoveryInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(pinnipeddiscoveryinfosResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.PinnipedDiscoveryInfoList{})
return err
}
// Patch applies the patch and returns the patched pinnipedDiscoveryInfo.
func (c *FakePinnipedDiscoveryInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(pinnipeddiscoveryinfosResource, c.ns, name, pt, data, subresources...), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}

View File

@ -7,4 +7,4 @@ SPDX-License-Identifier: Apache-2.0
package v1alpha1 package v1alpha1
type PinnipedDiscoveryInfoExpansion interface{} type CredentialIssuerConfigExpansion interface{}

View File

@ -1,167 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
scheme "github.com/suzerain-io/pinniped/generated/1.18/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// PinnipedDiscoveryInfosGetter has a method to return a PinnipedDiscoveryInfoInterface.
// A group's client should implement this interface.
type PinnipedDiscoveryInfosGetter interface {
PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoInterface
}
// PinnipedDiscoveryInfoInterface has methods to work with PinnipedDiscoveryInfo resources.
type PinnipedDiscoveryInfoInterface interface {
Create(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.CreateOptions) (*v1alpha1.PinnipedDiscoveryInfo, error)
Update(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.UpdateOptions) (*v1alpha1.PinnipedDiscoveryInfo, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.PinnipedDiscoveryInfo, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.PinnipedDiscoveryInfoList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error)
PinnipedDiscoveryInfoExpansion
}
// pinnipedDiscoveryInfos implements PinnipedDiscoveryInfoInterface
type pinnipedDiscoveryInfos struct {
client rest.Interface
ns string
}
// newPinnipedDiscoveryInfos returns a PinnipedDiscoveryInfos
func newPinnipedDiscoveryInfos(c *CrdV1alpha1Client, namespace string) *pinnipedDiscoveryInfos {
return &pinnipedDiscoveryInfos{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the pinnipedDiscoveryInfo, and returns the corresponding pinnipedDiscoveryInfo object, and an error if there is any.
func (c *pinnipedDiscoveryInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of PinnipedDiscoveryInfos that match those selectors.
func (c *pinnipedDiscoveryInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PinnipedDiscoveryInfoList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.PinnipedDiscoveryInfoList{}
err = c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested pinnipedDiscoveryInfos.
func (c *pinnipedDiscoveryInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a pinnipedDiscoveryInfo and creates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *pinnipedDiscoveryInfos) Create(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.CreateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Post().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Body(pinnipedDiscoveryInfo).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a pinnipedDiscoveryInfo and updates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *pinnipedDiscoveryInfos) Update(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.UpdateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Put().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(pinnipedDiscoveryInfo.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(pinnipedDiscoveryInfo).
Do(ctx).
Into(result)
return
}
// Delete takes name of the pinnipedDiscoveryInfo and deletes it. Returns an error if one occurs.
func (c *pinnipedDiscoveryInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *pinnipedDiscoveryInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched pinnipedDiscoveryInfo.
func (c *pinnipedDiscoveryInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -0,0 +1,79 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
versioned "github.com/suzerain-io/pinniped/generated/1.18/client/clientset/versioned"
internalinterfaces "github.com/suzerain-io/pinniped/generated/1.18/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/client/listers/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().CredentialIssuerConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().CredentialIssuerConfigs(namespace).Watch(context.TODO(), options)
},
},
&crdpinnipedv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&crdpinnipedv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

View File

@ -13,8 +13,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// PinnipedDiscoveryInfos returns a PinnipedDiscoveryInfoInformer. // CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
PinnipedDiscoveryInfos() PinnipedDiscoveryInfoInformer CredentialIssuerConfigs() CredentialIssuerConfigInformer
} }
type version struct { type version struct {
@ -28,7 +28,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// PinnipedDiscoveryInfos returns a PinnipedDiscoveryInfoInformer. // CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
func (v *version) PinnipedDiscoveryInfos() PinnipedDiscoveryInfoInformer { func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer {
return &pinnipedDiscoveryInfoInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -1,79 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
versioned "github.com/suzerain-io/pinniped/generated/1.18/client/clientset/versioned"
internalinterfaces "github.com/suzerain-io/pinniped/generated/1.18/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/client/listers/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// PinnipedDiscoveryInfoInformer provides access to a shared informer and lister for
// PinnipedDiscoveryInfos.
type PinnipedDiscoveryInfoInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.PinnipedDiscoveryInfoLister
}
type pinnipedDiscoveryInfoInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewPinnipedDiscoveryInfoInformer constructs a new informer for PinnipedDiscoveryInfo type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewPinnipedDiscoveryInfoInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredPinnipedDiscoveryInfoInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredPinnipedDiscoveryInfoInformer constructs a new informer for PinnipedDiscoveryInfo type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredPinnipedDiscoveryInfoInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().PinnipedDiscoveryInfos(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().PinnipedDiscoveryInfos(namespace).Watch(context.TODO(), options)
},
},
&crdpinnipedv1alpha1.PinnipedDiscoveryInfo{},
resyncPeriod,
indexers,
)
}
func (f *pinnipedDiscoveryInfoInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredPinnipedDiscoveryInfoInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *pinnipedDiscoveryInfoInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&crdpinnipedv1alpha1.PinnipedDiscoveryInfo{}, f.defaultInformer)
}
func (f *pinnipedDiscoveryInfoInformer) Lister() v1alpha1.PinnipedDiscoveryInfoLister {
return v1alpha1.NewPinnipedDiscoveryInfoLister(f.Informer().GetIndexer())
}

View File

@ -43,8 +43,8 @@ func (f *genericInformer) Lister() cache.GenericLister {
func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
switch resource { switch resource {
// Group=crd.pinniped.dev, Version=v1alpha1 // Group=crd.pinniped.dev, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("pinnipeddiscoveryinfos"): case v1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().PinnipedDiscoveryInfos().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().CredentialIssuerConfigs().Informer()}, nil
// Group=pinniped.dev, Version=v1alpha1 // Group=pinniped.dev, Version=v1alpha1
case pinnipedv1alpha1.SchemeGroupVersion.WithResource("credentialrequests"): case pinnipedv1alpha1.SchemeGroupVersion.WithResource("credentialrequests"):

View File

@ -0,0 +1,83 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

View File

@ -7,10 +7,10 @@ SPDX-License-Identifier: Apache-2.0
package v1alpha1 package v1alpha1
// PinnipedDiscoveryInfoListerExpansion allows custom methods to be added to // CredentialIssuerConfigListerExpansion allows custom methods to be added to
// PinnipedDiscoveryInfoLister. // CredentialIssuerConfigLister.
type PinnipedDiscoveryInfoListerExpansion interface{} type CredentialIssuerConfigListerExpansion interface{}
// PinnipedDiscoveryInfoNamespaceListerExpansion allows custom methods to be added to // CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to
// PinnipedDiscoveryInfoNamespaceLister. // CredentialIssuerConfigNamespaceLister.
type PinnipedDiscoveryInfoNamespaceListerExpansion interface{} type CredentialIssuerConfigNamespaceListerExpansion interface{}

View File

@ -1,83 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// PinnipedDiscoveryInfoLister helps list PinnipedDiscoveryInfos.
type PinnipedDiscoveryInfoLister interface {
// List lists all PinnipedDiscoveryInfos in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error)
// PinnipedDiscoveryInfos returns an object that can list and get PinnipedDiscoveryInfos.
PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoNamespaceLister
PinnipedDiscoveryInfoListerExpansion
}
// pinnipedDiscoveryInfoLister implements the PinnipedDiscoveryInfoLister interface.
type pinnipedDiscoveryInfoLister struct {
indexer cache.Indexer
}
// NewPinnipedDiscoveryInfoLister returns a new PinnipedDiscoveryInfoLister.
func NewPinnipedDiscoveryInfoLister(indexer cache.Indexer) PinnipedDiscoveryInfoLister {
return &pinnipedDiscoveryInfoLister{indexer: indexer}
}
// List lists all PinnipedDiscoveryInfos in the indexer.
func (s *pinnipedDiscoveryInfoLister) List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.PinnipedDiscoveryInfo))
})
return ret, err
}
// PinnipedDiscoveryInfos returns an object that can list and get PinnipedDiscoveryInfos.
func (s *pinnipedDiscoveryInfoLister) PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoNamespaceLister {
return pinnipedDiscoveryInfoNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// PinnipedDiscoveryInfoNamespaceLister helps list and get PinnipedDiscoveryInfos.
type PinnipedDiscoveryInfoNamespaceLister interface {
// List lists all PinnipedDiscoveryInfos in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error)
// Get retrieves the PinnipedDiscoveryInfo from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.PinnipedDiscoveryInfo, error)
PinnipedDiscoveryInfoNamespaceListerExpansion
}
// pinnipedDiscoveryInfoNamespaceLister implements the PinnipedDiscoveryInfoNamespaceLister
// interface.
type pinnipedDiscoveryInfoNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all PinnipedDiscoveryInfos in the indexer for a given namespace.
func (s pinnipedDiscoveryInfoNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.PinnipedDiscoveryInfo))
})
return ret, err
}
// Get retrieves the PinnipedDiscoveryInfo from the indexer for a given namespace and name.
func (s pinnipedDiscoveryInfoNamespaceLister) Get(name string) (*v1alpha1.PinnipedDiscoveryInfo, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("pinnipeddiscoveryinfo"), name)
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), nil
}

View File

@ -19,9 +19,11 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{ return map[string]common.OpenAPIDefinition{
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo": schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref), "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfig": schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfig(ref),
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoList": schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref), "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref),
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec": schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoSpec(ref), "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigList": schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigList(ref),
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus": schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStatus(ref),
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy": schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStrategy(ref),
"github.com/suzerain-io/pinniped/generated/1.18/apis/pinniped/v1alpha1.CredentialRequest": schema_118_apis_pinniped_v1alpha1_CredentialRequest(ref), "github.com/suzerain-io/pinniped/generated/1.18/apis/pinniped/v1alpha1.CredentialRequest": schema_118_apis_pinniped_v1alpha1_CredentialRequest(ref),
"github.com/suzerain-io/pinniped/generated/1.18/apis/pinniped/v1alpha1.CredentialRequestCredential": schema_118_apis_pinniped_v1alpha1_CredentialRequestCredential(ref), "github.com/suzerain-io/pinniped/generated/1.18/apis/pinniped/v1alpha1.CredentialRequestCredential": schema_118_apis_pinniped_v1alpha1_CredentialRequestCredential(ref),
"github.com/suzerain-io/pinniped/generated/1.18/apis/pinniped/v1alpha1.CredentialRequestList": schema_118_apis_pinniped_v1alpha1_CredentialRequestList(ref), "github.com/suzerain-io/pinniped/generated/1.18/apis/pinniped/v1alpha1.CredentialRequestList": schema_118_apis_pinniped_v1alpha1_CredentialRequestList(ref),
@ -82,7 +84,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
} }
} }
func schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -107,21 +109,47 @@ func schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref common.Refer
Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
}, },
}, },
"spec": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec"), Ref: ref("github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus"),
}, },
}, },
}, },
Required: []string{"spec"}, Required: []string{"status"},
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
Type: []string{"object"},
Properties: map[string]spec.Schema{
"server": {
SchemaProps: spec.SchemaProps{
Description: "The K8s API server URL. Required.",
Type: []string{"string"},
Format: "",
},
},
"certificateAuthorityData": {
SchemaProps: spec.SchemaProps{
Description: "The K8s API server CA bundle. Required.",
Type: []string{"string"},
Format: "",
},
},
},
},
},
}
}
func schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -152,7 +180,7 @@ func schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.R
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo"), Ref: ref("github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfig"),
}, },
}, },
}, },
@ -163,33 +191,83 @@ func schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.R
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_118_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"server": { "strategies": {
SchemaProps: spec.SchemaProps{
Type: []string{"array"},
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy"),
},
},
},
},
},
"kubeConfigInfo": {
SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo"),
},
},
},
Required: []string{"strategies"},
},
},
Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "github.com/suzerain-io/pinniped/generated/1.18/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy"},
}
}
func schema_118_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
Type: []string{"object"},
Properties: map[string]spec.Schema{
"type": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "The K8s API server URL. Required.",
Type: []string{"string"}, Type: []string{"string"},
Format: "", Format: "",
}, },
}, },
"certificateAuthorityData": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "The K8s API server CA bundle. Required.",
Type: []string{"string"}, Type: []string{"string"},
Format: "", Format: "",
}, },
}, },
"reason": {
SchemaProps: spec.SchemaProps{
Type: []string{"string"},
Format: "",
},
},
"message": {
SchemaProps: spec.SchemaProps{
Type: []string{"string"},
Format: "",
},
},
"lastUpdateTime": {
SchemaProps: spec.SchemaProps{
Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
}, },
}, },
}, },
Required: []string{"lastUpdateTime"},
},
},
Dependencies: []string{
"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
} }
} }

View File

@ -33,8 +33,8 @@ func init() {
// Adds the list of known types to the given scheme. // Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error { func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion, scheme.AddKnownTypes(SchemeGroupVersion,
&PinnipedDiscoveryInfo{}, &CredentialIssuerConfig{},
&PinnipedDiscoveryInfoList{}, &CredentialIssuerConfigList{},
) )
metav1.AddToGroupVersion(scheme, SchemeGroupVersion) metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil return nil

View File

@ -7,7 +7,28 @@ package v1alpha1
import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
type PinnipedDiscoveryInfoSpec struct { type StrategyType string
type StrategyStatus string
type StrategyReason string
const (
KubeClusterSigningCertificateStrategyType = StrategyType("KubeClusterSigningCertificate")
SuccessStrategyStatus = StrategyStatus("Success")
ErrorStrategyStatus = StrategyStatus("Error")
CouldNotFetchKeyStrategyReason = StrategyReason("CouldNotFetchKey")
FetchedKeyStrategyReason = StrategyReason("FetchedKey")
)
type CredentialIssuerConfigStatus struct {
Strategies []CredentialIssuerConfigStrategy `json:"strategies"`
// +optional
KubeConfigInfo *CredentialIssuerConfigKubeConfigInfo `json:"kubeConfigInfo,omitempty"`
}
type CredentialIssuerConfigKubeConfigInfo struct {
// The K8s API server URL. Required. // The K8s API server URL. Required.
Server string `json:"server,omitempty"` Server string `json:"server,omitempty"`
@ -15,21 +36,29 @@ type PinnipedDiscoveryInfoSpec struct {
CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"` CertificateAuthorityData string `json:"certificateAuthorityData,omitempty"`
} }
type CredentialIssuerConfigStrategy struct {
Type StrategyType `json:"type,omitempty"`
Status StrategyStatus `json:"status,omitempty"`
Reason StrategyReason `json:"reason,omitempty"`
Message string `json:"message,omitempty"`
LastUpdateTime metav1.Time `json:"lastUpdateTime"`
}
// +genclient // +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfo struct { type CredentialIssuerConfig struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec PinnipedDiscoveryInfoSpec `json:"spec"` Status CredentialIssuerConfigStatus `json:"status"`
} }
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type PinnipedDiscoveryInfoList struct { type CredentialIssuerConfigList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []PinnipedDiscoveryInfo `json:"items"` Items []CredentialIssuerConfig `json:"items"`
} }

View File

@ -14,26 +14,26 @@ import (
) )
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfo) DeepCopyInto(out *PinnipedDiscoveryInfo) { func (in *CredentialIssuerConfig) DeepCopyInto(out *CredentialIssuerConfig) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec in.Status.DeepCopyInto(&out.Status)
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfo. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfig.
func (in *PinnipedDiscoveryInfo) DeepCopy() *PinnipedDiscoveryInfo { func (in *CredentialIssuerConfig) DeepCopy() *CredentialIssuerConfig {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfo) out := new(CredentialIssuerConfig)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PinnipedDiscoveryInfo) DeepCopyObject() runtime.Object { func (in *CredentialIssuerConfig) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -41,13 +41,29 @@ func (in *PinnipedDiscoveryInfo) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfoList) DeepCopyInto(out *PinnipedDiscoveryInfoList) { func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopyInto(out *CredentialIssuerConfigKubeConfigInfo) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigKubeConfigInfo.
func (in *CredentialIssuerConfigKubeConfigInfo) DeepCopy() *CredentialIssuerConfigKubeConfigInfo {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigKubeConfigInfo)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigList) DeepCopyInto(out *CredentialIssuerConfigList) {
*out = *in *out = *in
out.TypeMeta = in.TypeMeta out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta) in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil { if in.Items != nil {
in, out := &in.Items, &out.Items in, out := &in.Items, &out.Items
*out = make([]PinnipedDiscoveryInfo, len(*in)) *out = make([]CredentialIssuerConfig, len(*in))
for i := range *in { for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i]) (*in)[i].DeepCopyInto(&(*out)[i])
} }
@ -55,18 +71,18 @@ func (in *PinnipedDiscoveryInfoList) DeepCopyInto(out *PinnipedDiscoveryInfoList
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfoList. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigList.
func (in *PinnipedDiscoveryInfoList) DeepCopy() *PinnipedDiscoveryInfoList { func (in *CredentialIssuerConfigList) DeepCopy() *CredentialIssuerConfigList {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfoList) out := new(CredentialIssuerConfigList)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PinnipedDiscoveryInfoList) DeepCopyObject() runtime.Object { func (in *CredentialIssuerConfigList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil { if c := in.DeepCopy(); c != nil {
return c return c
} }
@ -74,17 +90,46 @@ func (in *PinnipedDiscoveryInfoList) DeepCopyObject() runtime.Object {
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PinnipedDiscoveryInfoSpec) DeepCopyInto(out *PinnipedDiscoveryInfoSpec) { func (in *CredentialIssuerConfigStatus) DeepCopyInto(out *CredentialIssuerConfigStatus) {
*out = *in *out = *in
if in.Strategies != nil {
in, out := &in.Strategies, &out.Strategies
*out = make([]CredentialIssuerConfigStrategy, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
if in.KubeConfigInfo != nil {
in, out := &in.KubeConfigInfo, &out.KubeConfigInfo
*out = new(CredentialIssuerConfigKubeConfigInfo)
**out = **in
}
return return
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PinnipedDiscoveryInfoSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStatus.
func (in *PinnipedDiscoveryInfoSpec) DeepCopy() *PinnipedDiscoveryInfoSpec { func (in *CredentialIssuerConfigStatus) DeepCopy() *CredentialIssuerConfigStatus {
if in == nil { if in == nil {
return nil return nil
} }
out := new(PinnipedDiscoveryInfoSpec) out := new(CredentialIssuerConfigStatus)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *CredentialIssuerConfigStrategy) DeepCopyInto(out *CredentialIssuerConfigStrategy) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialIssuerConfigStrategy.
func (in *CredentialIssuerConfigStrategy) DeepCopy() *CredentialIssuerConfigStrategy {
if in == nil {
return nil
}
out := new(CredentialIssuerConfigStrategy)
in.DeepCopyInto(out) in.DeepCopyInto(out)
return out return out
} }

View File

@ -15,7 +15,7 @@ import (
type CrdV1alpha1Interface interface { type CrdV1alpha1Interface interface {
RESTClient() rest.Interface RESTClient() rest.Interface
PinnipedDiscoveryInfosGetter CredentialIssuerConfigsGetter
} }
// CrdV1alpha1Client is used to interact with features provided by the crd.pinniped.dev group. // CrdV1alpha1Client is used to interact with features provided by the crd.pinniped.dev group.
@ -23,8 +23,8 @@ type CrdV1alpha1Client struct {
restClient rest.Interface restClient rest.Interface
} }
func (c *CrdV1alpha1Client) PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoInterface { func (c *CrdV1alpha1Client) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface {
return newPinnipedDiscoveryInfos(c, namespace) return newCredentialIssuerConfigs(c, namespace)
} }
// NewForConfig creates a new CrdV1alpha1Client for the given config. // NewForConfig creates a new CrdV1alpha1Client for the given config.

View File

@ -0,0 +1,184 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
scheme "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// CredentialIssuerConfigsGetter has a method to return a CredentialIssuerConfigInterface.
// A group's client should implement this interface.
type CredentialIssuerConfigsGetter interface {
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigInterface
}
// CredentialIssuerConfigInterface has methods to work with CredentialIssuerConfig resources.
type CredentialIssuerConfigInterface interface {
Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.CredentialIssuerConfig, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.CredentialIssuerConfigList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error)
CredentialIssuerConfigExpansion
}
// credentialIssuerConfigs implements CredentialIssuerConfigInterface
type credentialIssuerConfigs struct {
client rest.Interface
ns string
}
// newCredentialIssuerConfigs returns a CredentialIssuerConfigs
func newCredentialIssuerConfigs(c *CrdV1alpha1Client, namespace string) *credentialIssuerConfigs {
return &credentialIssuerConfigs{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *credentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *credentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.CredentialIssuerConfigList{}
err = c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *credentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Post().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *credentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *credentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Put().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(credentialIssuerConfig.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(credentialIssuerConfig).
Do(ctx).
Into(result)
return
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *credentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *credentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("credentialissuerconfigs").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *credentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
result = &v1alpha1.CredentialIssuerConfig{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("credentialissuerconfigs").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -17,8 +17,8 @@ type FakeCrdV1alpha1 struct {
*testing.Fake *testing.Fake
} }
func (c *FakeCrdV1alpha1) PinnipedDiscoveryInfos(namespace string) v1alpha1.PinnipedDiscoveryInfoInterface { func (c *FakeCrdV1alpha1) CredentialIssuerConfigs(namespace string) v1alpha1.CredentialIssuerConfigInterface {
return &FakePinnipedDiscoveryInfos{c, namespace} return &FakeCredentialIssuerConfigs{c, namespace}
} }
// RESTClient returns a RESTClient that is used to communicate // RESTClient returns a RESTClient that is used to communicate

View File

@ -0,0 +1,131 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeCredentialIssuerConfigs implements CredentialIssuerConfigInterface
type FakeCredentialIssuerConfigs struct {
Fake *FakeCrdV1alpha1
ns string
}
var credentialissuerconfigsResource = schema.GroupVersionResource{Group: "crd.pinniped.dev", Version: "v1alpha1", Resource: "credentialissuerconfigs"}
var credentialissuerconfigsKind = schema.GroupVersionKind{Group: "crd.pinniped.dev", Version: "v1alpha1", Kind: "CredentialIssuerConfig"}
// Get takes name of the credentialIssuerConfig, and returns the corresponding credentialIssuerConfig object, and an error if there is any.
func (c *FakeCredentialIssuerConfigs) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// List takes label and field selectors, and returns the list of CredentialIssuerConfigs that match those selectors.
func (c *FakeCredentialIssuerConfigs) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.CredentialIssuerConfigList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(credentialissuerconfigsResource, credentialissuerconfigsKind, c.ns, opts), &v1alpha1.CredentialIssuerConfigList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.CredentialIssuerConfigList{ListMeta: obj.(*v1alpha1.CredentialIssuerConfigList).ListMeta}
for _, item := range obj.(*v1alpha1.CredentialIssuerConfigList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested credentialIssuerConfigs.
func (c *FakeCredentialIssuerConfigs) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(credentialissuerconfigsResource, c.ns, opts))
}
// Create takes the representation of a credentialIssuerConfig and creates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Create(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.CreateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Update takes the representation of a credentialIssuerConfig and updates it. Returns the server's representation of the credentialIssuerConfig, and an error, if there is any.
func (c *FakeCredentialIssuerConfigs) Update(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(credentialissuerconfigsResource, c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeCredentialIssuerConfigs) UpdateStatus(ctx context.Context, credentialIssuerConfig *v1alpha1.CredentialIssuerConfig, opts v1.UpdateOptions) (*v1alpha1.CredentialIssuerConfig, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(credentialissuerconfigsResource, "status", c.ns, credentialIssuerConfig), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}
// Delete takes name of the credentialIssuerConfig and deletes it. Returns an error if one occurs.
func (c *FakeCredentialIssuerConfigs) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(credentialissuerconfigsResource, c.ns, name), &v1alpha1.CredentialIssuerConfig{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeCredentialIssuerConfigs) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(credentialissuerconfigsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.CredentialIssuerConfigList{})
return err
}
// Patch applies the patch and returns the patched credentialIssuerConfig.
func (c *FakeCredentialIssuerConfigs) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.CredentialIssuerConfig, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(credentialissuerconfigsResource, c.ns, name, pt, data, subresources...), &v1alpha1.CredentialIssuerConfig{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.CredentialIssuerConfig), err
}

View File

@ -1,119 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakePinnipedDiscoveryInfos implements PinnipedDiscoveryInfoInterface
type FakePinnipedDiscoveryInfos struct {
Fake *FakeCrdV1alpha1
ns string
}
var pinnipeddiscoveryinfosResource = schema.GroupVersionResource{Group: "crd.pinniped.dev", Version: "v1alpha1", Resource: "pinnipeddiscoveryinfos"}
var pinnipeddiscoveryinfosKind = schema.GroupVersionKind{Group: "crd.pinniped.dev", Version: "v1alpha1", Kind: "PinnipedDiscoveryInfo"}
// Get takes name of the pinnipedDiscoveryInfo, and returns the corresponding pinnipedDiscoveryInfo object, and an error if there is any.
func (c *FakePinnipedDiscoveryInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(pinnipeddiscoveryinfosResource, c.ns, name), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// List takes label and field selectors, and returns the list of PinnipedDiscoveryInfos that match those selectors.
func (c *FakePinnipedDiscoveryInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PinnipedDiscoveryInfoList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(pinnipeddiscoveryinfosResource, pinnipeddiscoveryinfosKind, c.ns, opts), &v1alpha1.PinnipedDiscoveryInfoList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.PinnipedDiscoveryInfoList{ListMeta: obj.(*v1alpha1.PinnipedDiscoveryInfoList).ListMeta}
for _, item := range obj.(*v1alpha1.PinnipedDiscoveryInfoList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested pinnipedDiscoveryInfos.
func (c *FakePinnipedDiscoveryInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(pinnipeddiscoveryinfosResource, c.ns, opts))
}
// Create takes the representation of a pinnipedDiscoveryInfo and creates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *FakePinnipedDiscoveryInfos) Create(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.CreateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(pinnipeddiscoveryinfosResource, c.ns, pinnipedDiscoveryInfo), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// Update takes the representation of a pinnipedDiscoveryInfo and updates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *FakePinnipedDiscoveryInfos) Update(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.UpdateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(pinnipeddiscoveryinfosResource, c.ns, pinnipedDiscoveryInfo), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}
// Delete takes name of the pinnipedDiscoveryInfo and deletes it. Returns an error if one occurs.
func (c *FakePinnipedDiscoveryInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(pinnipeddiscoveryinfosResource, c.ns, name), &v1alpha1.PinnipedDiscoveryInfo{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakePinnipedDiscoveryInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(pinnipeddiscoveryinfosResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.PinnipedDiscoveryInfoList{})
return err
}
// Patch applies the patch and returns the patched pinnipedDiscoveryInfo.
func (c *FakePinnipedDiscoveryInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(pinnipeddiscoveryinfosResource, c.ns, name, pt, data, subresources...), &v1alpha1.PinnipedDiscoveryInfo{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), err
}

View File

@ -7,4 +7,4 @@ SPDX-License-Identifier: Apache-2.0
package v1alpha1 package v1alpha1
type PinnipedDiscoveryInfoExpansion interface{} type CredentialIssuerConfigExpansion interface{}

View File

@ -1,167 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
scheme "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// PinnipedDiscoveryInfosGetter has a method to return a PinnipedDiscoveryInfoInterface.
// A group's client should implement this interface.
type PinnipedDiscoveryInfosGetter interface {
PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoInterface
}
// PinnipedDiscoveryInfoInterface has methods to work with PinnipedDiscoveryInfo resources.
type PinnipedDiscoveryInfoInterface interface {
Create(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.CreateOptions) (*v1alpha1.PinnipedDiscoveryInfo, error)
Update(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.UpdateOptions) (*v1alpha1.PinnipedDiscoveryInfo, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.PinnipedDiscoveryInfo, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.PinnipedDiscoveryInfoList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error)
PinnipedDiscoveryInfoExpansion
}
// pinnipedDiscoveryInfos implements PinnipedDiscoveryInfoInterface
type pinnipedDiscoveryInfos struct {
client rest.Interface
ns string
}
// newPinnipedDiscoveryInfos returns a PinnipedDiscoveryInfos
func newPinnipedDiscoveryInfos(c *CrdV1alpha1Client, namespace string) *pinnipedDiscoveryInfos {
return &pinnipedDiscoveryInfos{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the pinnipedDiscoveryInfo, and returns the corresponding pinnipedDiscoveryInfo object, and an error if there is any.
func (c *pinnipedDiscoveryInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of PinnipedDiscoveryInfos that match those selectors.
func (c *pinnipedDiscoveryInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PinnipedDiscoveryInfoList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.PinnipedDiscoveryInfoList{}
err = c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested pinnipedDiscoveryInfos.
func (c *pinnipedDiscoveryInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a pinnipedDiscoveryInfo and creates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *pinnipedDiscoveryInfos) Create(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.CreateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Post().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&opts, scheme.ParameterCodec).
Body(pinnipedDiscoveryInfo).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a pinnipedDiscoveryInfo and updates it. Returns the server's representation of the pinnipedDiscoveryInfo, and an error, if there is any.
func (c *pinnipedDiscoveryInfos) Update(ctx context.Context, pinnipedDiscoveryInfo *v1alpha1.PinnipedDiscoveryInfo, opts v1.UpdateOptions) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Put().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(pinnipedDiscoveryInfo.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(pinnipedDiscoveryInfo).
Do(ctx).
Into(result)
return
}
// Delete takes name of the pinnipedDiscoveryInfo and deletes it. Returns an error if one occurs.
func (c *pinnipedDiscoveryInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *pinnipedDiscoveryInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched pinnipedDiscoveryInfo.
func (c *pinnipedDiscoveryInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PinnipedDiscoveryInfo, err error) {
result = &v1alpha1.PinnipedDiscoveryInfo{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("pinnipeddiscoveryinfos").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

View File

@ -0,0 +1,79 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
versioned "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned"
internalinterfaces "github.com/suzerain-io/pinniped/generated/1.19/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/client/listers/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigInformer provides access to a shared informer and lister for
// CredentialIssuerConfigs.
type CredentialIssuerConfigInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.CredentialIssuerConfigLister
}
type credentialIssuerConfigInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredCredentialIssuerConfigInformer constructs a new informer for CredentialIssuerConfig type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredCredentialIssuerConfigInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().CredentialIssuerConfigs(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().CredentialIssuerConfigs(namespace).Watch(context.TODO(), options)
},
},
&crdpinnipedv1alpha1.CredentialIssuerConfig{},
resyncPeriod,
indexers,
)
}
func (f *credentialIssuerConfigInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredCredentialIssuerConfigInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *credentialIssuerConfigInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&crdpinnipedv1alpha1.CredentialIssuerConfig{}, f.defaultInformer)
}
func (f *credentialIssuerConfigInformer) Lister() v1alpha1.CredentialIssuerConfigLister {
return v1alpha1.NewCredentialIssuerConfigLister(f.Informer().GetIndexer())
}

View File

@ -13,8 +13,8 @@ import (
// Interface provides access to all the informers in this group version. // Interface provides access to all the informers in this group version.
type Interface interface { type Interface interface {
// PinnipedDiscoveryInfos returns a PinnipedDiscoveryInfoInformer. // CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
PinnipedDiscoveryInfos() PinnipedDiscoveryInfoInformer CredentialIssuerConfigs() CredentialIssuerConfigInformer
} }
type version struct { type version struct {
@ -28,7 +28,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
} }
// PinnipedDiscoveryInfos returns a PinnipedDiscoveryInfoInformer. // CredentialIssuerConfigs returns a CredentialIssuerConfigInformer.
func (v *version) PinnipedDiscoveryInfos() PinnipedDiscoveryInfoInformer { func (v *version) CredentialIssuerConfigs() CredentialIssuerConfigInformer {
return &pinnipedDiscoveryInfoInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} return &credentialIssuerConfigInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
} }

View File

@ -1,79 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
versioned "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned"
internalinterfaces "github.com/suzerain-io/pinniped/generated/1.19/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/client/listers/crdpinniped/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// PinnipedDiscoveryInfoInformer provides access to a shared informer and lister for
// PinnipedDiscoveryInfos.
type PinnipedDiscoveryInfoInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.PinnipedDiscoveryInfoLister
}
type pinnipedDiscoveryInfoInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewPinnipedDiscoveryInfoInformer constructs a new informer for PinnipedDiscoveryInfo type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewPinnipedDiscoveryInfoInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredPinnipedDiscoveryInfoInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredPinnipedDiscoveryInfoInformer constructs a new informer for PinnipedDiscoveryInfo type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredPinnipedDiscoveryInfoInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().PinnipedDiscoveryInfos(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.CrdV1alpha1().PinnipedDiscoveryInfos(namespace).Watch(context.TODO(), options)
},
},
&crdpinnipedv1alpha1.PinnipedDiscoveryInfo{},
resyncPeriod,
indexers,
)
}
func (f *pinnipedDiscoveryInfoInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredPinnipedDiscoveryInfoInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *pinnipedDiscoveryInfoInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&crdpinnipedv1alpha1.PinnipedDiscoveryInfo{}, f.defaultInformer)
}
func (f *pinnipedDiscoveryInfoInformer) Lister() v1alpha1.PinnipedDiscoveryInfoLister {
return v1alpha1.NewPinnipedDiscoveryInfoLister(f.Informer().GetIndexer())
}

View File

@ -43,8 +43,8 @@ func (f *genericInformer) Lister() cache.GenericLister {
func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
switch resource { switch resource {
// Group=crd.pinniped.dev, Version=v1alpha1 // Group=crd.pinniped.dev, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("pinnipeddiscoveryinfos"): case v1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().PinnipedDiscoveryInfos().Informer()}, nil return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().CredentialIssuerConfigs().Informer()}, nil
// Group=pinniped.dev, Version=v1alpha1 // Group=pinniped.dev, Version=v1alpha1
case pinnipedv1alpha1.SchemeGroupVersion.WithResource("credentialrequests"): case pinnipedv1alpha1.SchemeGroupVersion.WithResource("credentialrequests"):

View File

@ -0,0 +1,88 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// CredentialIssuerConfigLister helps list CredentialIssuerConfigs.
// All objects returned here must be treated as read-only.
type CredentialIssuerConfigLister interface {
// List lists all CredentialIssuerConfigs in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister
CredentialIssuerConfigListerExpansion
}
// credentialIssuerConfigLister implements the CredentialIssuerConfigLister interface.
type credentialIssuerConfigLister struct {
indexer cache.Indexer
}
// NewCredentialIssuerConfigLister returns a new CredentialIssuerConfigLister.
func NewCredentialIssuerConfigLister(indexer cache.Indexer) CredentialIssuerConfigLister {
return &credentialIssuerConfigLister{indexer: indexer}
}
// List lists all CredentialIssuerConfigs in the indexer.
func (s *credentialIssuerConfigLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// CredentialIssuerConfigs returns an object that can list and get CredentialIssuerConfigs.
func (s *credentialIssuerConfigLister) CredentialIssuerConfigs(namespace string) CredentialIssuerConfigNamespaceLister {
return credentialIssuerConfigNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// CredentialIssuerConfigNamespaceLister helps list and get CredentialIssuerConfigs.
// All objects returned here must be treated as read-only.
type CredentialIssuerConfigNamespaceLister interface {
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error)
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.CredentialIssuerConfig, error)
CredentialIssuerConfigNamespaceListerExpansion
}
// credentialIssuerConfigNamespaceLister implements the CredentialIssuerConfigNamespaceLister
// interface.
type credentialIssuerConfigNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all CredentialIssuerConfigs in the indexer for a given namespace.
func (s credentialIssuerConfigNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.CredentialIssuerConfig, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.CredentialIssuerConfig))
})
return ret, err
}
// Get retrieves the CredentialIssuerConfig from the indexer for a given namespace and name.
func (s credentialIssuerConfigNamespaceLister) Get(name string) (*v1alpha1.CredentialIssuerConfig, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("credentialissuerconfig"), name)
}
return obj.(*v1alpha1.CredentialIssuerConfig), nil
}

View File

@ -7,10 +7,10 @@ SPDX-License-Identifier: Apache-2.0
package v1alpha1 package v1alpha1
// PinnipedDiscoveryInfoListerExpansion allows custom methods to be added to // CredentialIssuerConfigListerExpansion allows custom methods to be added to
// PinnipedDiscoveryInfoLister. // CredentialIssuerConfigLister.
type PinnipedDiscoveryInfoListerExpansion interface{} type CredentialIssuerConfigListerExpansion interface{}
// PinnipedDiscoveryInfoNamespaceListerExpansion allows custom methods to be added to // CredentialIssuerConfigNamespaceListerExpansion allows custom methods to be added to
// PinnipedDiscoveryInfoNamespaceLister. // CredentialIssuerConfigNamespaceLister.
type PinnipedDiscoveryInfoNamespaceListerExpansion interface{} type CredentialIssuerConfigNamespaceListerExpansion interface{}

View File

@ -1,88 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
)
// PinnipedDiscoveryInfoLister helps list PinnipedDiscoveryInfos.
// All objects returned here must be treated as read-only.
type PinnipedDiscoveryInfoLister interface {
// List lists all PinnipedDiscoveryInfos in the indexer.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error)
// PinnipedDiscoveryInfos returns an object that can list and get PinnipedDiscoveryInfos.
PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoNamespaceLister
PinnipedDiscoveryInfoListerExpansion
}
// pinnipedDiscoveryInfoLister implements the PinnipedDiscoveryInfoLister interface.
type pinnipedDiscoveryInfoLister struct {
indexer cache.Indexer
}
// NewPinnipedDiscoveryInfoLister returns a new PinnipedDiscoveryInfoLister.
func NewPinnipedDiscoveryInfoLister(indexer cache.Indexer) PinnipedDiscoveryInfoLister {
return &pinnipedDiscoveryInfoLister{indexer: indexer}
}
// List lists all PinnipedDiscoveryInfos in the indexer.
func (s *pinnipedDiscoveryInfoLister) List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.PinnipedDiscoveryInfo))
})
return ret, err
}
// PinnipedDiscoveryInfos returns an object that can list and get PinnipedDiscoveryInfos.
func (s *pinnipedDiscoveryInfoLister) PinnipedDiscoveryInfos(namespace string) PinnipedDiscoveryInfoNamespaceLister {
return pinnipedDiscoveryInfoNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// PinnipedDiscoveryInfoNamespaceLister helps list and get PinnipedDiscoveryInfos.
// All objects returned here must be treated as read-only.
type PinnipedDiscoveryInfoNamespaceLister interface {
// List lists all PinnipedDiscoveryInfos in the indexer for a given namespace.
// Objects returned here must be treated as read-only.
List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error)
// Get retrieves the PinnipedDiscoveryInfo from the indexer for a given namespace and name.
// Objects returned here must be treated as read-only.
Get(name string) (*v1alpha1.PinnipedDiscoveryInfo, error)
PinnipedDiscoveryInfoNamespaceListerExpansion
}
// pinnipedDiscoveryInfoNamespaceLister implements the PinnipedDiscoveryInfoNamespaceLister
// interface.
type pinnipedDiscoveryInfoNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all PinnipedDiscoveryInfos in the indexer for a given namespace.
func (s pinnipedDiscoveryInfoNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.PinnipedDiscoveryInfo, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.PinnipedDiscoveryInfo))
})
return ret, err
}
// Get retrieves the PinnipedDiscoveryInfo from the indexer for a given namespace and name.
func (s pinnipedDiscoveryInfoNamespaceLister) Get(name string) (*v1alpha1.PinnipedDiscoveryInfo, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("pinnipeddiscoveryinfo"), name)
}
return obj.(*v1alpha1.PinnipedDiscoveryInfo), nil
}

View File

@ -19,9 +19,11 @@ import (
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition {
return map[string]common.OpenAPIDefinition{ return map[string]common.OpenAPIDefinition{
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo": schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref), "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfig": schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfig(ref),
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoList": schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref), "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref),
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec": schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoSpec(ref), "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigList": schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigList(ref),
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus": schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStatus(ref),
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy": schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStrategy(ref),
"github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1.CredentialRequest": schema_119_apis_pinniped_v1alpha1_CredentialRequest(ref), "github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1.CredentialRequest": schema_119_apis_pinniped_v1alpha1_CredentialRequest(ref),
"github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1.CredentialRequestCredential": schema_119_apis_pinniped_v1alpha1_CredentialRequestCredential(ref), "github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1.CredentialRequestCredential": schema_119_apis_pinniped_v1alpha1_CredentialRequestCredential(ref),
"github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1.CredentialRequestList": schema_119_apis_pinniped_v1alpha1_CredentialRequestList(ref), "github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1.CredentialRequestList": schema_119_apis_pinniped_v1alpha1_CredentialRequestList(ref),
@ -83,7 +85,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
} }
} }
func schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfig(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -108,21 +110,47 @@ func schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfo(ref common.Refer
Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"),
}, },
}, },
"spec": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec"), Ref: ref("github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus"),
}, },
}, },
}, },
Required: []string{"spec"}, Required: []string{"status"},
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfoSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"},
} }
} }
func schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
Type: []string{"object"},
Properties: map[string]spec.Schema{
"server": {
SchemaProps: spec.SchemaProps{
Description: "The K8s API server URL. Required.",
Type: []string{"string"},
Format: "",
},
},
"certificateAuthorityData": {
SchemaProps: spec.SchemaProps{
Description: "The K8s API server CA bundle. Required.",
Type: []string{"string"},
Format: "",
},
},
},
},
},
}
}
func schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigList(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
@ -153,7 +181,7 @@ func schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.R
Items: &spec.SchemaOrArray{ Items: &spec.SchemaOrArray{
Schema: &spec.Schema{ Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo"), Ref: ref("github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfig"),
}, },
}, },
}, },
@ -164,33 +192,83 @@ func schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoList(ref common.R
}, },
}, },
Dependencies: []string{ Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.PinnipedDiscoveryInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfig", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"},
} }
} }
func schema_119_apis_crdpinniped_v1alpha1_PinnipedDiscoveryInfoSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { func schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStatus(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{ return common.OpenAPIDefinition{
Schema: spec.Schema{ Schema: spec.Schema{
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Type: []string{"object"}, Type: []string{"object"},
Properties: map[string]spec.Schema{ Properties: map[string]spec.Schema{
"server": { "strategies": {
SchemaProps: spec.SchemaProps{
Type: []string{"array"},
Items: &spec.SchemaOrArray{
Schema: &spec.Schema{
SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy"),
},
},
},
},
},
"kubeConfigInfo": {
SchemaProps: spec.SchemaProps{
Ref: ref("github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo"),
},
},
},
Required: []string{"strategies"},
},
},
Dependencies: []string{
"github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigKubeConfigInfo", "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1.CredentialIssuerConfigStrategy"},
}
}
func schema_119_apis_crdpinniped_v1alpha1_CredentialIssuerConfigStrategy(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
SchemaProps: spec.SchemaProps{
Type: []string{"object"},
Properties: map[string]spec.Schema{
"type": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "The K8s API server URL. Required.",
Type: []string{"string"}, Type: []string{"string"},
Format: "", Format: "",
}, },
}, },
"certificateAuthorityData": { "status": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "The K8s API server CA bundle. Required.",
Type: []string{"string"}, Type: []string{"string"},
Format: "", Format: "",
}, },
}, },
"reason": {
SchemaProps: spec.SchemaProps{
Type: []string{"string"},
Format: "",
},
},
"message": {
SchemaProps: spec.SchemaProps{
Type: []string{"string"},
Format: "",
},
},
"lastUpdateTime": {
SchemaProps: spec.SchemaProps{
Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"),
}, },
}, },
}, },
Required: []string{"lastUpdateTime"},
},
},
Dependencies: []string{
"k8s.io/apimachinery/pkg/apis/meta/v1.Time"},
} }
} }

View File

@ -1,5 +1,10 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
set -euo pipefail set -euo pipefail
ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )"
KUBE_ROOT="${ROOT}" # required by `hack/lib/version.sh` KUBE_ROOT="${ROOT}" # required by `hack/lib/version.sh`

View File

@ -1,5 +1,8 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
set -euo pipefail set -euo pipefail
ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"

View File

@ -2,7 +2,9 @@
# Copyright 2020 VMware, Inc. # Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
set -euo pipefail set -euo pipefail
ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )"
"$ROOT/hack/module.sh" unittest "$ROOT/hack/module.sh" unittest

View File

@ -2,7 +2,9 @@
# Copyright 2020 VMware, Inc. # Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
set -euo pipefail set -euo pipefail
ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )"
xargs "$ROOT/hack/lib/update-codegen.sh" < "${ROOT}/hack/lib/kube-versions.txt" xargs "$ROOT/hack/lib/update-codegen.sh" < "${ROOT}/hack/lib/kube-versions.txt"

View File

@ -2,7 +2,9 @@
# Copyright 2020 VMware, Inc. # Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
set -euo pipefail set -euo pipefail
ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )"
xargs "$ROOT/hack/lib/verify-codegen.sh" < "${ROOT}/hack/lib/kube-versions.txt" xargs "$ROOT/hack/lib/verify-codegen.sh" < "${ROOT}/hack/lib/kube-versions.txt"

View File

@ -30,6 +30,7 @@ import (
// ErrNoKubeControllerManagerPod is returned when no kube-controller-manager pod is found on the cluster. // ErrNoKubeControllerManagerPod is returned when no kube-controller-manager pod is found on the cluster.
const ErrNoKubeControllerManagerPod = constable.Error("did not find kube-controller-manager pod") const ErrNoKubeControllerManagerPod = constable.Error("did not find kube-controller-manager pod")
const ErrIncapableOfIssuingCertificates = constable.Error("this cluster is not currently capable of issuing certificates")
const k8sAPIServerCACertPEMDefaultPath = "/etc/kubernetes/ca/ca.pem" const k8sAPIServerCACertPEMDefaultPath = "/etc/kubernetes/ca/ca.pem"
const k8sAPIServerCAKeyPEMDefaultPath = "/etc/kubernetes/ca/ca.key" const k8sAPIServerCAKeyPEMDefaultPath = "/etc/kubernetes/ca/ca.key"
@ -86,31 +87,50 @@ type CA struct {
shutdown, done chan struct{} shutdown, done chan struct{}
onSuccessfulRefresh SuccessCallback
onFailedRefresh FailureCallback
lock sync.RWMutex lock sync.RWMutex
activeSigner signer activeSigner signer
} }
type ShutdownFunc func() type ShutdownFunc func()
type SuccessCallback func()
type FailureCallback func(error)
// New creates a new instance of a CA which is has loaded the kube API server's private key // New creates a new instance of a CA. It tries to load the kube API server's private key
// and is ready to issue certs, or an error. When successful, it also starts a goroutine // immediately. If that succeeds then it calls the success callback and it is ready to issue certs.
// to periodically reload the kube API server's private key in case it changed, and returns // When it fails to get the kube API server's private key, then it calls the failure callback and
// a function that can be used to shut down that goroutine. // it will try again on the next tick. It starts a goroutine to periodically reload the kube
func New(kubeClient kubernetes.Interface, podCommandExecutor PodCommandExecutor, tick <-chan time.Time) (*CA, ShutdownFunc, error) { // API server's private key in case it failed previously or case the key has changed. It returns
// a function that can be used to shut down that goroutine. Future attempts made by that goroutine
// to get the key will also result in success or failure callbacks.
func New(
kubeClient kubernetes.Interface,
podCommandExecutor PodCommandExecutor,
tick <-chan time.Time,
onSuccessfulRefresh SuccessCallback,
onFailedRefresh FailureCallback,
) (*CA, ShutdownFunc) {
signer, err := createSignerWithAPIServerSecret(kubeClient, podCommandExecutor) signer, err := createSignerWithAPIServerSecret(kubeClient, podCommandExecutor)
if err != nil { if err != nil {
// The initial load failed, so give up klog.Errorf("could not initially fetch the API server's signing key: %s", err)
return nil, nil, err signer = nil
onFailedRefresh(err)
} else {
onSuccessfulRefresh()
} }
result := &CA{ result := &CA{
kubeClient: kubeClient, kubeClient: kubeClient,
podCommandExecutor: podCommandExecutor, podCommandExecutor: podCommandExecutor,
activeSigner: signer,
shutdown: make(chan struct{}), shutdown: make(chan struct{}),
done: make(chan struct{}), done: make(chan struct{}),
onSuccessfulRefresh: onSuccessfulRefresh,
onFailedRefresh: onFailedRefresh,
activeSigner: signer,
} }
go result.refreshLoop(tick) go result.refreshLoop(tick)
return result, result.shutdownRefresh, nil return result, result.shutdownRefresh
} }
func createSignerWithAPIServerSecret(kubeClient kubernetes.Interface, podCommandExecutor PodCommandExecutor) (signer, error) { func createSignerWithAPIServerSecret(kubeClient kubernetes.Interface, podCommandExecutor PodCommandExecutor) (signer, error) {
@ -152,11 +172,13 @@ func (c *CA) updateSigner() {
newSigner, err := createSignerWithAPIServerSecret(c.kubeClient, c.podCommandExecutor) newSigner, err := createSignerWithAPIServerSecret(c.kubeClient, c.podCommandExecutor)
if err != nil { if err != nil {
klog.Errorf("could not create signer with API server secret: %s", err) klog.Errorf("could not create signer with API server secret: %s", err)
c.onFailedRefresh(err)
return return
} }
c.lock.Lock() c.lock.Lock()
c.activeSigner = newSigner c.activeSigner = newSigner
c.lock.Unlock() c.lock.Unlock()
c.onSuccessfulRefresh()
} }
func (c *CA) shutdownRefresh() { func (c *CA) shutdownRefresh() {
@ -171,6 +193,10 @@ func (c *CA) IssuePEM(subject pkix.Name, dnsNames []string, ttl time.Duration) (
signer := c.activeSigner signer := c.activeSigner
c.lock.RUnlock() c.lock.RUnlock()
if signer == nil {
return nil, nil, ErrIncapableOfIssuingCertificates
}
return signer.IssuePEM(subject, dnsNames, ttl) return signer.IssuePEM(subject, dnsNames, ttl)
} }

View File

@ -9,9 +9,9 @@ import (
"crypto/x509" "crypto/x509"
"crypto/x509/pkix" "crypto/x509/pkix"
"encoding/pem" "encoding/pem"
"errors"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"sync"
"testing" "testing"
"time" "time"
@ -53,6 +53,46 @@ func (s *fakePodExecutor) Exec(podNamespace string, podName string, commandAndAr
return result, nil return result, nil
} }
type callbackRecorder struct {
numberOfTimesSuccessCalled int
numberOfTimesFailureCalled int
failureErrors []error
mutex sync.Mutex
}
func (c *callbackRecorder) OnSuccess() {
c.mutex.Lock()
defer c.mutex.Unlock()
c.numberOfTimesSuccessCalled++
}
func (c *callbackRecorder) OnFailure(err error) {
c.mutex.Lock()
defer c.mutex.Unlock()
c.numberOfTimesFailureCalled++
c.failureErrors = append(c.failureErrors, err)
}
func (c *callbackRecorder) NumberOfTimesSuccessCalled() int {
c.mutex.Lock()
defer c.mutex.Unlock()
return c.numberOfTimesSuccessCalled
}
func (c *callbackRecorder) NumberOfTimesFailureCalled() int {
c.mutex.Lock()
defer c.mutex.Unlock()
return c.numberOfTimesFailureCalled
}
func (c *callbackRecorder) FailureErrors() []error {
c.mutex.Lock()
defer c.mutex.Unlock()
var errs = make([]error, len(c.failureErrors))
copy(errs, c.failureErrors)
return errs
}
func TestCA(t *testing.T) { func TestCA(t *testing.T) {
spec.Run(t, "CA", func(t *testing.T, when spec.G, it spec.S) { spec.Run(t, "CA", func(t *testing.T, when spec.G, it spec.S) {
var r *require.Assertions var r *require.Assertions
@ -62,9 +102,29 @@ func TestCA(t *testing.T) {
var kubeAPIClient *kubernetesfake.Clientset var kubeAPIClient *kubernetesfake.Clientset
var fakeExecutor *fakePodExecutor var fakeExecutor *fakePodExecutor
var neverTicker <-chan time.Time var neverTicker <-chan time.Time
var callbacks *callbackRecorder
var logger *testutil.TranscriptLogger var logger *testutil.TranscriptLogger
var requireInitialFailureLogMessage = func(specificErrorMessage string) {
r.Len(logger.Transcript(), 1)
r.Equal(
fmt.Sprintf("could not initially fetch the API server's signing key: %s\n", specificErrorMessage),
logger.Transcript()[0].Message,
)
r.Equal(logger.Transcript()[0].Level, "error")
}
var requireNotCapableOfIssuingCerts = func(subject *CA) {
certPEM, keyPEM, err := subject.IssuePEM(
pkix.Name{CommonName: "Test Server"},
[]string{"example.com"},
10*time.Minute,
)
r.Nil(certPEM)
r.Nil(keyPEM)
r.EqualError(err, "this cluster is not currently capable of issuing certificates")
}
it.Before(func() { it.Before(func() {
r = require.New(t) r = require.New(t)
@ -104,6 +164,8 @@ func TestCA(t *testing.T) {
}, },
} }
callbacks = &callbackRecorder{}
logger = testutil.NewTranscriptLogger(t) logger = testutil.NewTranscriptLogger(t)
klog.SetLogger(logger) // this is unfortunately a global logger, so can't run these tests in parallel :( klog.SetLogger(logger) // this is unfortunately a global logger, so can't run these tests in parallel :(
}) })
@ -122,9 +184,7 @@ func TestCA(t *testing.T) {
it("finds the API server's signing key and uses it to issue certificates", func() { it("finds the API server's signing key and uses it to issue certificates", func() {
fakeTicker := make(chan time.Time) fakeTicker := make(chan time.Time)
subject, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, fakeTicker) subject, shutdownFunc := New(kubeAPIClient, fakeExecutor, fakeTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.NoError(err)
r.NotNil(shutdownFunc)
defer shutdownFunc() defer shutdownFunc()
r.Equal(2, fakeExecutor.callCount) r.Equal(2, fakeExecutor.callCount)
@ -137,6 +197,9 @@ func TestCA(t *testing.T) {
r.Equal("fake-pod", fakeExecutor.calledWithPodName[1]) r.Equal("fake-pod", fakeExecutor.calledWithPodName[1])
r.Equal([]string{"cat", "/etc/kubernetes/ca/ca.key"}, fakeExecutor.calledWithCommandAndArgs[1]) r.Equal([]string{"cat", "/etc/kubernetes/ca/ca.key"}, fakeExecutor.calledWithCommandAndArgs[1])
r.Equal(1, callbacks.NumberOfTimesSuccessCalled())
r.Equal(0, callbacks.NumberOfTimesFailureCalled())
// Validate that we can issue a certificate signed by the original API server CA. // Validate that we can issue a certificate signed by the original API server CA.
certPEM, keyPEM, err := subject.IssuePEM( certPEM, keyPEM, err := subject.IssuePEM(
pkix.Name{CommonName: "Test Server"}, pkix.Name{CommonName: "Test Server"},
@ -152,6 +215,10 @@ func TestCA(t *testing.T) {
// Tick the timer and wait for another refresh loop to complete. // Tick the timer and wait for another refresh loop to complete.
fakeTicker <- time.Now() fakeTicker <- time.Now()
r.Equal(1, callbacks.NumberOfTimesSuccessCalled())
r.Equal(0, callbacks.NumberOfTimesFailureCalled())
// Eventually it starts issuing certs using the new signing key.
var secondCertPEM, secondKeyPEM string var secondCertPEM, secondKeyPEM string
r.Eventually(func() bool { r.Eventually(func() bool {
certPEM, keyPEM, err := subject.IssuePEM( certPEM, keyPEM, err := subject.IssuePEM(
@ -191,11 +258,11 @@ func TestCA(t *testing.T) {
it("logs an error message", func() { it("logs an error message", func() {
fakeTicker := make(chan time.Time) fakeTicker := make(chan time.Time)
subject, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, fakeTicker) subject, shutdownFunc := New(kubeAPIClient, fakeExecutor, fakeTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.NoError(err)
r.NotNil(shutdownFunc)
defer shutdownFunc() defer shutdownFunc()
r.Equal(2, fakeExecutor.callCount) r.Equal(2, fakeExecutor.callCount)
r.Equal(1, callbacks.NumberOfTimesSuccessCalled())
r.Equal(0, callbacks.NumberOfTimesFailureCalled())
// Tick the timer and wait for another refresh loop to complete. // Tick the timer and wait for another refresh loop to complete.
fakeTicker <- time.Now() fakeTicker <- time.Now()
@ -205,6 +272,10 @@ func TestCA(t *testing.T) {
r.Contains(logger.Transcript()[0].Message, "could not create signer with API server secret: some exec error") r.Contains(logger.Transcript()[0].Message, "could not create signer with API server secret: some exec error")
r.Equal(logger.Transcript()[0].Level, "error") r.Equal(logger.Transcript()[0].Level, "error")
r.Equal(1, callbacks.NumberOfTimesSuccessCalled())
r.Equal(1, callbacks.NumberOfTimesFailureCalled())
r.EqualError(callbacks.FailureErrors()[0], "some exec error")
// Validate that we can still issue a certificate signed by the original API server CA. // Validate that we can still issue a certificate signed by the original API server CA.
certPEM, _, err := subject.IssuePEM( certPEM, _, err := subject.IssuePEM(
pkix.Name{CommonName: "Test Server"}, pkix.Name{CommonName: "Test Server"},
@ -216,16 +287,62 @@ func TestCA(t *testing.T) {
}) })
}) })
when("the exec commands fail the first time but subsequently returns the API server's keypair", func() {
it.Before(func() {
fakeExecutor.errorsToReturn = []error{fmt.Errorf("some exec error"), nil, nil}
fakeExecutor.resultsToReturn = []string{"", fakeCertPEM, fakeKeyPEM}
})
it("logs an error message and fails to issue certs until it can get the API server's keypair", func() {
fakeTicker := make(chan time.Time)
subject, shutdownFunc := New(kubeAPIClient, fakeExecutor, fakeTicker, callbacks.OnSuccess, callbacks.OnFailure)
defer shutdownFunc()
r.Equal(1, fakeExecutor.callCount)
r.Equal(0, callbacks.NumberOfTimesSuccessCalled())
r.Equal(1, callbacks.NumberOfTimesFailureCalled())
r.EqualError(callbacks.FailureErrors()[0], "some exec error")
requireInitialFailureLogMessage("some exec error")
requireNotCapableOfIssuingCerts(subject)
// Tick the timer and wait for another refresh loop to complete.
fakeTicker <- time.Now()
// Wait until it can start to issue certs, and then validate the issued cert.
var certPEM, keyPEM []byte
r.Eventually(func() bool {
var err error
certPEM, keyPEM, err = subject.IssuePEM(
pkix.Name{CommonName: "Test Server"},
[]string{"example.com"},
10*time.Minute,
)
return err == nil
}, 5*time.Second, 10*time.Millisecond)
validCert := testutil.ValidateCertificate(t, fakeCertPEM, string(certPEM))
validCert.RequireDNSName("example.com")
validCert.RequireLifetime(time.Now().Add(-5*time.Minute), time.Now().Add(10*time.Minute), 1*time.Minute)
validCert.RequireMatchesPrivateKey(string(keyPEM))
r.Equal(1, callbacks.NumberOfTimesSuccessCalled())
r.Equal(1, callbacks.NumberOfTimesFailureCalled())
})
})
when("the exec commands succeed but return garbage", func() { when("the exec commands succeed but return garbage", func() {
it.Before(func() { it.Before(func() {
fakeExecutor.resultsToReturn = []string{"not a cert", "not a private key"} fakeExecutor.resultsToReturn = []string{"not a cert", "not a private key"}
}) })
it("returns an error", func() { it("returns a CA who cannot issue certs", func() {
subject, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, neverTicker) subject, shutdownFunc := New(kubeAPIClient, fakeExecutor, neverTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.Nil(subject) defer shutdownFunc()
r.Nil(shutdownFunc) requireInitialFailureLogMessage("could not load CA: tls: failed to find any PEM data in certificate input")
r.EqualError(err, "could not load CA: tls: failed to find any PEM data in certificate input") requireNotCapableOfIssuingCerts(subject)
r.Equal(0, callbacks.NumberOfTimesSuccessCalled())
r.Equal(1, callbacks.NumberOfTimesFailureCalled())
r.EqualError(callbacks.FailureErrors()[0], "could not load CA: tls: failed to find any PEM data in certificate input")
}) })
}) })
@ -234,11 +351,14 @@ func TestCA(t *testing.T) {
fakeExecutor.errorsToReturn = []error{fmt.Errorf("some error"), nil} fakeExecutor.errorsToReturn = []error{fmt.Errorf("some error"), nil}
}) })
it("returns an error", func() { it("returns a CA who cannot issue certs", func() {
subject, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, neverTicker) subject, shutdownFunc := New(kubeAPIClient, fakeExecutor, neverTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.Nil(subject) defer shutdownFunc()
r.Nil(shutdownFunc) requireInitialFailureLogMessage("some error")
r.EqualError(err, "some error") requireNotCapableOfIssuingCerts(subject)
r.Equal(0, callbacks.NumberOfTimesSuccessCalled())
r.Equal(1, callbacks.NumberOfTimesFailureCalled())
r.EqualError(callbacks.FailureErrors()[0], "some error")
}) })
}) })
@ -247,11 +367,14 @@ func TestCA(t *testing.T) {
fakeExecutor.errorsToReturn = []error{nil, fmt.Errorf("some error")} fakeExecutor.errorsToReturn = []error{nil, fmt.Errorf("some error")}
}) })
it("returns an error", func() { it("returns a CA who cannot issue certs", func() {
subject, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, neverTicker) subject, shutdownFunc := New(kubeAPIClient, fakeExecutor, neverTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.Nil(subject) defer shutdownFunc()
r.Nil(shutdownFunc) requireInitialFailureLogMessage("some error")
r.EqualError(err, "some error") requireNotCapableOfIssuingCerts(subject)
r.Equal(0, callbacks.NumberOfTimesSuccessCalled())
r.Equal(1, callbacks.NumberOfTimesFailureCalled())
r.EqualError(callbacks.FailureErrors()[0], "some error")
}) })
}) })
}) })
@ -270,9 +393,7 @@ func TestCA(t *testing.T) {
}) })
it("finds the API server's signing key and uses it to issue certificates", func() { it("finds the API server's signing key and uses it to issue certificates", func() {
_, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, neverTicker) _, shutdownFunc := New(kubeAPIClient, fakeExecutor, neverTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.NoError(err)
r.NotNil(shutdownFunc)
defer shutdownFunc() defer shutdownFunc()
r.Equal(2, fakeExecutor.callCount) r.Equal(2, fakeExecutor.callCount)
@ -300,9 +421,7 @@ func TestCA(t *testing.T) {
}) })
it("finds the API server's signing key and uses it to issue certificates", func() { it("finds the API server's signing key and uses it to issue certificates", func() {
_, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, neverTicker) _, shutdownFunc := New(kubeAPIClient, fakeExecutor, neverTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.NoError(err)
r.NotNil(shutdownFunc)
defer shutdownFunc() defer shutdownFunc()
r.Equal(2, fakeExecutor.callCount) r.Equal(2, fakeExecutor.callCount)
@ -319,11 +438,14 @@ func TestCA(t *testing.T) {
when("the kube-controller-manager pod is not found", func() { when("the kube-controller-manager pod is not found", func() {
it("returns an error", func() { it("returns an error", func() {
subject, shutdownFunc, err := New(kubeAPIClient, fakeExecutor, neverTicker) subject, shutdownFunc := New(kubeAPIClient, fakeExecutor, neverTicker, callbacks.OnSuccess, callbacks.OnFailure)
r.Nil(subject) defer shutdownFunc()
r.Nil(shutdownFunc) requireInitialFailureLogMessage("did not find kube-controller-manager pod")
r.True(errors.Is(err, ErrNoKubeControllerManagerPod)) requireNotCapableOfIssuingCerts(subject)
r.Equal(0, callbacks.NumberOfTimesSuccessCalled())
r.Equal(1, callbacks.NumberOfTimesFailureCalled())
r.EqualError(callbacks.FailureErrors()[0], "did not find kube-controller-manager pod")
}) })
}) })
}, spec.Report(report.Terminal{})) }, spec.Sequential(), spec.Report(report.Terminal{}))
} }

View File

@ -1,7 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Package discovery contains controller(s) for reconciling PinnipedDiscoveryInfo's.
package discovery

View File

@ -0,0 +1,100 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
package issuerconfig
import (
"context"
"fmt"
"reflect"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
pinnipedclientset "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned"
)
func CreateOrUpdateCredentialIssuerConfig(
ctx context.Context,
credentialIssuerConfigNamespace string,
pinnipedClient pinnipedclientset.Interface,
applyUpdatesToCredentialIssuerConfigFunc func(configToUpdate *crdpinnipedv1alpha1.CredentialIssuerConfig),
) error {
credentialIssuerConfigName := configName
existingCredentialIssuerConfig, err := pinnipedClient.
CrdV1alpha1().
CredentialIssuerConfigs(credentialIssuerConfigNamespace).
Get(ctx, credentialIssuerConfigName, metav1.GetOptions{})
notFound := k8serrors.IsNotFound(err)
if err != nil && !notFound {
return fmt.Errorf("could not get credentialissuerconfig: %w", err)
}
return createOrUpdateCredentialIssuerConfig(
ctx,
existingCredentialIssuerConfig,
notFound,
credentialIssuerConfigName,
credentialIssuerConfigNamespace,
pinnipedClient,
applyUpdatesToCredentialIssuerConfigFunc)
}
func createOrUpdateCredentialIssuerConfig(
ctx context.Context,
existingCredentialIssuerConfig *crdpinnipedv1alpha1.CredentialIssuerConfig,
notFound bool,
credentialIssuerConfigName string,
credentialIssuerConfigNamespace string,
pinnipedClient pinnipedclientset.Interface,
applyUpdatesToCredentialIssuerConfigFunc func(configToUpdate *crdpinnipedv1alpha1.CredentialIssuerConfig),
) error {
credentialIssuerConfigsClient := pinnipedClient.CrdV1alpha1().CredentialIssuerConfigs(credentialIssuerConfigNamespace)
if notFound {
// Create it
credentialIssuerConfig := minimalValidCredentialIssuerConfig(credentialIssuerConfigName, credentialIssuerConfigNamespace)
applyUpdatesToCredentialIssuerConfigFunc(credentialIssuerConfig)
if _, err := credentialIssuerConfigsClient.Create(ctx, credentialIssuerConfig, metav1.CreateOptions{}); err != nil {
return fmt.Errorf("could not create credentialissuerconfig: %w", err)
}
} else {
// Already exists, so check to see if we need to update it
credentialIssuerConfig := existingCredentialIssuerConfig.DeepCopy()
applyUpdatesToCredentialIssuerConfigFunc(credentialIssuerConfig)
if reflect.DeepEqual(existingCredentialIssuerConfig.Status, credentialIssuerConfig.Status) {
// Nothing interesting would change as a result of this update, so skip it
return nil
}
if _, err := credentialIssuerConfigsClient.Update(ctx, credentialIssuerConfig, metav1.UpdateOptions{}); err != nil {
return fmt.Errorf("could not update credentialissuerconfig: %w", err)
}
}
return nil
}
func minimalValidCredentialIssuerConfig(
credentialIssuerConfigName string,
credentialIssuerConfigNamespace string,
) *crdpinnipedv1alpha1.CredentialIssuerConfig {
return &crdpinnipedv1alpha1.CredentialIssuerConfig{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerConfigName,
Namespace: credentialIssuerConfigNamespace,
},
Status: crdpinnipedv1alpha1.CredentialIssuerConfigStatus{
Strategies: []crdpinnipedv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: nil,
},
}
}

View File

@ -0,0 +1,7 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
// Package discovery contains controller(s) for reconciling CredentialIssuerConfig's.
package issuerconfig

View File

@ -3,15 +3,13 @@ Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0 SPDX-License-Identifier: Apache-2.0
*/ */
package discovery package issuerconfig
import ( import (
"context"
"encoding/base64" "encoding/base64"
"fmt" "fmt"
k8serrors "k8s.io/apimachinery/pkg/api/errors" k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
corev1informers "k8s.io/client-go/informers/core/v1" corev1informers "k8s.io/client-go/informers/core/v1"
"k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/tools/clientcmd"
"k8s.io/klog/v2" "k8s.io/klog/v2"
@ -37,7 +35,7 @@ type publisherController struct {
serverOverride *string serverOverride *string
pinnipedClient pinnipedclientset.Interface pinnipedClient pinnipedclientset.Interface
configMapInformer corev1informers.ConfigMapInformer configMapInformer corev1informers.ConfigMapInformer
pinnipedDiscoveryInfoInformer crdpinnipedv1alpha1informers.PinnipedDiscoveryInfoInformer credentialIssuerConfigInformer crdpinnipedv1alpha1informers.CredentialIssuerConfigInformer
} }
func NewPublisherController( func NewPublisherController(
@ -45,7 +43,7 @@ func NewPublisherController(
serverOverride *string, serverOverride *string,
pinnipedClient pinnipedclientset.Interface, pinnipedClient pinnipedclientset.Interface,
configMapInformer corev1informers.ConfigMapInformer, configMapInformer corev1informers.ConfigMapInformer,
pinnipedDiscoveryInfoInformer crdpinnipedv1alpha1informers.PinnipedDiscoveryInfoInformer, credentialIssuerConfigInformer crdpinnipedv1alpha1informers.CredentialIssuerConfigInformer,
withInformer pinnipedcontroller.WithInformerOptionFunc, withInformer pinnipedcontroller.WithInformerOptionFunc,
) controller.Controller { ) controller.Controller {
return controller.New( return controller.New(
@ -56,7 +54,7 @@ func NewPublisherController(
serverOverride: serverOverride, serverOverride: serverOverride,
pinnipedClient: pinnipedClient, pinnipedClient: pinnipedClient,
configMapInformer: configMapInformer, configMapInformer: configMapInformer,
pinnipedDiscoveryInfoInformer: pinnipedDiscoveryInfoInformer, credentialIssuerConfigInformer: credentialIssuerConfigInformer,
}, },
}, },
withInformer( withInformer(
@ -65,7 +63,7 @@ func NewPublisherController(
controller.InformerOption{}, controller.InformerOption{},
), ),
withInformer( withInformer(
pinnipedDiscoveryInfoInformer, credentialIssuerConfigInformer,
pinnipedcontroller.NameAndNamespaceExactMatchFilterFactory(configName, namespace), pinnipedcontroller.NameAndNamespaceExactMatchFilterFactory(configName, namespace),
controller.InformerOption{}, controller.InformerOption{},
), ),
@ -109,66 +107,28 @@ func (c *publisherController) Sync(ctx controller.Context) error {
server = *c.serverOverride server = *c.serverOverride
} }
discoveryInfo := crdpinnipedv1alpha1.PinnipedDiscoveryInfo{ existingCredentialIssuerConfigFromInformerCache, err := c.credentialIssuerConfigInformer.
TypeMeta: metav1.TypeMeta{}, Lister().
ObjectMeta: metav1.ObjectMeta{ CredentialIssuerConfigs(c.namespace).
Name: configName, Get(configName)
Namespace: c.namespace, notFound = k8serrors.IsNotFound(err)
}, if err != nil && !notFound {
Spec: crdpinnipedv1alpha1.PinnipedDiscoveryInfoSpec{ return fmt.Errorf("could not get credentialissuerconfig: %w", err)
}
updateServerAndCAFunc := func(c *crdpinnipedv1alpha1.CredentialIssuerConfig) {
c.Status.KubeConfigInfo = &crdpinnipedv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Server: server, Server: server,
CertificateAuthorityData: certificateAuthorityData, CertificateAuthorityData: certificateAuthorityData,
},
} }
if err := c.createOrUpdatePinnipedDiscoveryInfo(ctx.Context, &discoveryInfo); err != nil { }
err = createOrUpdateCredentialIssuerConfig(
ctx.Context,
existingCredentialIssuerConfigFromInformerCache,
notFound,
configName,
c.namespace,
c.pinnipedClient,
updateServerAndCAFunc)
return err return err
}
return nil
}
func (c *publisherController) createOrUpdatePinnipedDiscoveryInfo(
ctx context.Context,
discoveryInfo *crdpinnipedv1alpha1.PinnipedDiscoveryInfo,
) error {
existingDiscoveryInfo, err := c.pinnipedDiscoveryInfoInformer.
Lister().
PinnipedDiscoveryInfos(c.namespace).
Get(discoveryInfo.Name)
notFound := k8serrors.IsNotFound(err)
if err != nil && !notFound {
return fmt.Errorf("could not get pinnipeddiscoveryinfo: %w", err)
}
pinnipedDiscoveryInfos := c.pinnipedClient.
CrdV1alpha1().
PinnipedDiscoveryInfos(c.namespace)
if notFound {
if _, err := pinnipedDiscoveryInfos.Create(
ctx,
discoveryInfo,
metav1.CreateOptions{},
); err != nil {
return fmt.Errorf("could not create pinnipeddiscoveryinfo: %w", err)
}
} else if !equal(existingDiscoveryInfo, discoveryInfo) {
// Update just the fields we care about.
existingDiscoveryInfo.Spec.Server = discoveryInfo.Spec.Server
existingDiscoveryInfo.Spec.CertificateAuthorityData = discoveryInfo.Spec.CertificateAuthorityData
if _, err := pinnipedDiscoveryInfos.Update(
ctx,
existingDiscoveryInfo,
metav1.UpdateOptions{},
); err != nil {
return fmt.Errorf("could not update pinnipeddiscoveryinfo: %w", err)
}
}
return nil
}
func equal(a, b *crdpinnipedv1alpha1.PinnipedDiscoveryInfo) bool {
return a.Spec.Server == b.Spec.Server &&
a.Spec.CertificateAuthorityData == b.Spec.CertificateAuthorityData
} }

View File

@ -3,7 +3,7 @@ Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0 SPDX-License-Identifier: Apache-2.0
*/ */
package discovery package issuerconfig
import ( import (
"context" "context"
@ -37,23 +37,23 @@ func TestInformerFilters(t *testing.T) {
var r *require.Assertions var r *require.Assertions
var observableWithInformerOption *testutil.ObservableWithInformerOption var observableWithInformerOption *testutil.ObservableWithInformerOption
var configMapInformerFilter controller.Filter var configMapInformerFilter controller.Filter
var pinnipedDiscoveryInfoInformerFilter controller.Filter var credentialIssuerConfigInformerFilter controller.Filter
it.Before(func() { it.Before(func() {
r = require.New(t) r = require.New(t)
observableWithInformerOption = testutil.NewObservableWithInformerOption() observableWithInformerOption = testutil.NewObservableWithInformerOption()
configMapInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().ConfigMaps() configMapInformer := kubeinformers.NewSharedInformerFactory(nil, 0).Core().V1().ConfigMaps()
pinnipedDiscoveryInfoInformer := pinnipedinformers.NewSharedInformerFactory(nil, 0).Crd().V1alpha1().PinnipedDiscoveryInfos() credentialIssuerConfigInformer := pinnipedinformers.NewSharedInformerFactory(nil, 0).Crd().V1alpha1().CredentialIssuerConfigs()
_ = NewPublisherController( _ = NewPublisherController(
installedInNamespace, installedInNamespace,
nil, nil,
nil, nil,
configMapInformer, configMapInformer,
pinnipedDiscoveryInfoInformer, credentialIssuerConfigInformer,
observableWithInformerOption.WithInformer, // make it possible to observe the behavior of the Filters observableWithInformerOption.WithInformer, // make it possible to observe the behavior of the Filters
) )
configMapInformerFilter = observableWithInformerOption.GetFilterForInformer(configMapInformer) configMapInformerFilter = observableWithInformerOption.GetFilterForInformer(configMapInformer)
pinnipedDiscoveryInfoInformerFilter = observableWithInformerOption.GetFilterForInformer(pinnipedDiscoveryInfoInformer) credentialIssuerConfigInformerFilter = observableWithInformerOption.GetFilterForInformer(credentialIssuerConfigInformer)
}) })
when("watching ConfigMap objects", func() { when("watching ConfigMap objects", func() {
@ -104,27 +104,27 @@ func TestInformerFilters(t *testing.T) {
}) })
}) })
when("watching PinnipedDiscoveryInfo objects", func() { when("watching CredentialIssuerConfig objects", func() {
var subject controller.Filter var subject controller.Filter
var target, wrongNamespace, wrongName, unrelated *crdpinnipedv1alpha1.PinnipedDiscoveryInfo var target, wrongNamespace, wrongName, unrelated *crdpinnipedv1alpha1.CredentialIssuerConfig
it.Before(func() { it.Before(func() {
subject = pinnipedDiscoveryInfoInformerFilter subject = credentialIssuerConfigInformerFilter
target = &crdpinnipedv1alpha1.PinnipedDiscoveryInfo{ target = &crdpinnipedv1alpha1.CredentialIssuerConfig{
ObjectMeta: metav1.ObjectMeta{Name: "pinniped-config", Namespace: installedInNamespace}, ObjectMeta: metav1.ObjectMeta{Name: "pinniped-config", Namespace: installedInNamespace},
} }
wrongNamespace = &crdpinnipedv1alpha1.PinnipedDiscoveryInfo{ wrongNamespace = &crdpinnipedv1alpha1.CredentialIssuerConfig{
ObjectMeta: metav1.ObjectMeta{Name: "pinniped-config", Namespace: "wrong-namespace"}, ObjectMeta: metav1.ObjectMeta{Name: "pinniped-config", Namespace: "wrong-namespace"},
} }
wrongName = &crdpinnipedv1alpha1.PinnipedDiscoveryInfo{ wrongName = &crdpinnipedv1alpha1.CredentialIssuerConfig{
ObjectMeta: metav1.ObjectMeta{Name: "wrong-name", Namespace: installedInNamespace}, ObjectMeta: metav1.ObjectMeta{Name: "wrong-name", Namespace: installedInNamespace},
} }
unrelated = &crdpinnipedv1alpha1.PinnipedDiscoveryInfo{ unrelated = &crdpinnipedv1alpha1.CredentialIssuerConfig{
ObjectMeta: metav1.ObjectMeta{Name: "wrong-name", Namespace: "wrong-namespace"}, ObjectMeta: metav1.ObjectMeta{Name: "wrong-name", Namespace: "wrong-namespace"},
} }
}) })
when("the target PinnipedDiscoveryInfo changes", func() { when("the target CredentialIssuerConfig changes", func() {
it("returns true to trigger the sync method", func() { it("returns true to trigger the sync method", func() {
r.True(subject.Add(target)) r.True(subject.Add(target))
r.True(subject.Update(target, unrelated)) r.True(subject.Update(target, unrelated))
@ -133,7 +133,7 @@ func TestInformerFilters(t *testing.T) {
}) })
}) })
when("a PinnipedDiscoveryInfo from another namespace changes", func() { when("a CredentialIssuerConfig from another namespace changes", func() {
it("returns false to avoid triggering the sync method", func() { it("returns false to avoid triggering the sync method", func() {
r.False(subject.Add(wrongNamespace)) r.False(subject.Add(wrongNamespace))
r.False(subject.Update(wrongNamespace, unrelated)) r.False(subject.Update(wrongNamespace, unrelated))
@ -142,7 +142,7 @@ func TestInformerFilters(t *testing.T) {
}) })
}) })
when("a PinnipedDiscoveryInfo with a different name changes", func() { when("a CredentialIssuerConfig with a different name changes", func() {
it("returns false to avoid triggering the sync method", func() { it("returns false to avoid triggering the sync method", func() {
r.False(subject.Add(wrongName)) r.False(subject.Add(wrongName))
r.False(subject.Update(wrongName, unrelated)) r.False(subject.Update(wrongName, unrelated))
@ -151,7 +151,7 @@ func TestInformerFilters(t *testing.T) {
}) })
}) })
when("a PinnipedDiscoveryInfo with a different name and a different namespace changes", func() { when("a CredentialIssuerConfig with a different name and a different namespace changes", func() {
it("returns false to avoid triggering the sync method", func() { it("returns false to avoid triggering the sync method", func() {
r.False(subject.Add(unrelated)) r.False(subject.Add(unrelated))
r.False(subject.Update(unrelated, unrelated)) r.False(subject.Update(unrelated, unrelated))
@ -179,23 +179,26 @@ func TestSync(t *testing.T) {
var timeoutContextCancel context.CancelFunc var timeoutContextCancel context.CancelFunc
var syncContext *controller.Context var syncContext *controller.Context
var expectedPinnipedDiscoveryInfo = func(expectedNamespace, expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *crdpinnipedv1alpha1.PinnipedDiscoveryInfo) { var expectedCredentialIssuerConfig = func(expectedNamespace, expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *crdpinnipedv1alpha1.CredentialIssuerConfig) {
expectedPinnipedDiscoveryInfoGVR := schema.GroupVersionResource{ expectedCredentialIssuerConfigGVR := schema.GroupVersionResource{
Group: crdpinnipedv1alpha1.GroupName, Group: crdpinnipedv1alpha1.GroupName,
Version: "v1alpha1", Version: "v1alpha1",
Resource: "pinnipeddiscoveryinfos", Resource: "credentialissuerconfigs",
} }
expectedPinnipedDiscoveryInfo := &crdpinnipedv1alpha1.PinnipedDiscoveryInfo{ expectedCredentialIssuerConfig := &crdpinnipedv1alpha1.CredentialIssuerConfig{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: "pinniped-config", Name: "pinniped-config",
Namespace: expectedNamespace, Namespace: expectedNamespace,
}, },
Spec: crdpinnipedv1alpha1.PinnipedDiscoveryInfoSpec{ Status: crdpinnipedv1alpha1.CredentialIssuerConfigStatus{
Strategies: []crdpinnipedv1alpha1.CredentialIssuerConfigStrategy{},
KubeConfigInfo: &crdpinnipedv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Server: expectedServerURL, Server: expectedServerURL,
CertificateAuthorityData: expectedCAData, CertificateAuthorityData: expectedCAData,
}, },
},
} }
return expectedPinnipedDiscoveryInfoGVR, expectedPinnipedDiscoveryInfo return expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig
} }
// Defer starting the informers until the last possible moment so that the // Defer starting the informers until the last possible moment so that the
@ -207,7 +210,7 @@ func TestSync(t *testing.T) {
serverOverride, serverOverride,
pinnipedAPIClient, pinnipedAPIClient,
kubeInformers.Core().V1().ConfigMaps(), kubeInformers.Core().V1().ConfigMaps(),
pinnipedInformers.Crd().V1alpha1().PinnipedDiscoveryInfos(), pinnipedInformers.Crd().V1alpha1().CredentialIssuerConfigs(),
controller.WithInformer, controller.WithInformer,
) )
@ -268,13 +271,13 @@ func TestSync(t *testing.T) {
r.NoError(err) r.NoError(err)
}) })
when("the PinnipedDiscoveryInfo does not already exist", func() { when("the CredentialIssuerConfig does not already exist", func() {
it("creates a PinnipedDiscoveryInfo", func() { it("creates a CredentialIssuerConfig", func() {
startInformersAndController() startInformersAndController()
err := controller.TestSync(t, subject, *syncContext) err := controller.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
expectedPinnipedDiscoveryInfoGVR, expectedPinnipedDiscoveryInfo := expectedPinnipedDiscoveryInfo( expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
@ -283,20 +286,20 @@ func TestSync(t *testing.T) {
r.Equal( r.Equal(
[]coretesting.Action{ []coretesting.Action{
coretesting.NewCreateAction( coretesting.NewCreateAction(
expectedPinnipedDiscoveryInfoGVR, expectedCredentialIssuerConfigGVR,
installedInNamespace, installedInNamespace,
expectedPinnipedDiscoveryInfo, expectedCredentialIssuerConfig,
), ),
}, },
pinnipedAPIClient.Actions(), pinnipedAPIClient.Actions(),
) )
}) })
when("creating the PinnipedDiscoveryInfo fails", func() { when("creating the CredentialIssuerConfig fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"create", "create",
"pinnipeddiscoveryinfos", "credentialissuerconfigs",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("create failed") return true, nil, errors.New("create failed")
}, },
@ -306,7 +309,7 @@ func TestSync(t *testing.T) {
it("returns the create error", func() { it("returns the create error", func() {
startInformersAndController() startInformersAndController()
err := controller.TestSync(t, subject, *syncContext) err := controller.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not create pinnipeddiscoveryinfo: create failed") r.EqualError(err, "could not create credentialissuerconfig: create failed")
}) })
}) })
@ -319,19 +322,19 @@ func TestSync(t *testing.T) {
err := controller.TestSync(t, subject, *syncContext) err := controller.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
expectedPinnipedDiscoveryInfoGVR, expectedPinnipedDiscoveryInfo := expectedPinnipedDiscoveryInfo( expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
expectedPinnipedDiscoveryInfo.Spec.Server = "https://some-server-override" expectedCredentialIssuerConfig.Status.KubeConfigInfo.Server = "https://some-server-override"
r.Equal( r.Equal(
[]coretesting.Action{ []coretesting.Action{
coretesting.NewCreateAction( coretesting.NewCreateAction(
expectedPinnipedDiscoveryInfoGVR, expectedCredentialIssuerConfigGVR,
installedInNamespace, installedInNamespace,
expectedPinnipedDiscoveryInfo, expectedCredentialIssuerConfig,
), ),
}, },
pinnipedAPIClient.Actions(), pinnipedAPIClient.Actions(),
@ -340,19 +343,19 @@ func TestSync(t *testing.T) {
}) })
}) })
when("the PinnipedDiscoveryInfo already exists", func() { when("the CredentialIssuerConfig already exists", func() {
when("the PinnipedDiscoveryInfo is already up to date according to the data in the ConfigMap", func() { when("the CredentialIssuerConfig is already up to date according to the data in the ConfigMap", func() {
it.Before(func() { it.Before(func() {
_, expectedPinnipedDiscoveryInfo := expectedPinnipedDiscoveryInfo( _, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
err := pinnipedInformerClient.Tracker().Add(expectedPinnipedDiscoveryInfo) err := pinnipedInformerClient.Tracker().Add(expectedCredentialIssuerConfig)
r.NoError(err) r.NoError(err)
}) })
it("does not update the PinnipedDiscoveryInfo to avoid unnecessary etcd writes/api calls", func() { it("does not update the CredentialIssuerConfig to avoid unnecessary etcd writes/api calls", func() {
startInformersAndController() startInformersAndController()
err := controller.TestSync(t, subject, *syncContext) err := controller.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
@ -361,43 +364,43 @@ func TestSync(t *testing.T) {
}) })
}) })
when("the PinnipedDiscoveryInfo is stale compared to the data in the ConfigMap", func() { when("the CredentialIssuerConfig is stale compared to the data in the ConfigMap", func() {
it.Before(func() { it.Before(func() {
_, expectedPinnipedDiscoveryInfo := expectedPinnipedDiscoveryInfo( _, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
expectedPinnipedDiscoveryInfo.Spec.Server = "https://some-other-server" expectedCredentialIssuerConfig.Status.KubeConfigInfo.Server = "https://some-other-server"
r.NoError(pinnipedInformerClient.Tracker().Add(expectedPinnipedDiscoveryInfo)) r.NoError(pinnipedInformerClient.Tracker().Add(expectedCredentialIssuerConfig))
r.NoError(pinnipedAPIClient.Tracker().Add(expectedPinnipedDiscoveryInfo)) r.NoError(pinnipedAPIClient.Tracker().Add(expectedCredentialIssuerConfig))
}) })
it("updates the existing PinnipedDiscoveryInfo", func() { it("updates the existing CredentialIssuerConfig", func() {
startInformersAndController() startInformersAndController()
err := controller.TestSync(t, subject, *syncContext) err := controller.TestSync(t, subject, *syncContext)
r.NoError(err) r.NoError(err)
expectedPinnipedDiscoveryInfoGVR, expectedPinnipedDiscoveryInfo := expectedPinnipedDiscoveryInfo( expectedCredentialIssuerConfigGVR, expectedCredentialIssuerConfig := expectedCredentialIssuerConfig(
installedInNamespace, installedInNamespace,
kubeServerURL, kubeServerURL,
caData, caData,
) )
expectedActions := []coretesting.Action{ expectedActions := []coretesting.Action{
coretesting.NewUpdateAction( coretesting.NewUpdateAction(
expectedPinnipedDiscoveryInfoGVR, expectedCredentialIssuerConfigGVR,
installedInNamespace, installedInNamespace,
expectedPinnipedDiscoveryInfo, expectedCredentialIssuerConfig,
), ),
} }
r.Equal(expectedActions, pinnipedAPIClient.Actions()) r.Equal(expectedActions, pinnipedAPIClient.Actions())
}) })
when("updating the PinnipedDiscoveryInfo fails", func() { when("updating the CredentialIssuerConfig fails", func() {
it.Before(func() { it.Before(func() {
pinnipedAPIClient.PrependReactor( pinnipedAPIClient.PrependReactor(
"update", "update",
"pinnipeddiscoveryinfos", "credentialissuerconfigs",
func(_ coretesting.Action) (bool, runtime.Object, error) { func(_ coretesting.Action) (bool, runtime.Object, error) {
return true, nil, errors.New("update failed") return true, nil, errors.New("update failed")
}, },
@ -407,7 +410,7 @@ func TestSync(t *testing.T) {
it("returns the update error", func() { it("returns the update error", func() {
startInformersAndController() startInformersAndController()
err := controller.TestSync(t, subject, *syncContext) err := controller.TestSync(t, subject, *syncContext)
r.EqualError(err, "could not update pinnipeddiscoveryinfo: update failed") r.EqualError(err, "could not update credentialissuerconfig: update failed")
}) })
}) })
}) })

View File

@ -20,7 +20,7 @@ import (
pinnipedclientset "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned" pinnipedclientset "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned"
pinnipedinformers "github.com/suzerain-io/pinniped/generated/1.19/client/informers/externalversions" pinnipedinformers "github.com/suzerain-io/pinniped/generated/1.19/client/informers/externalversions"
"github.com/suzerain-io/pinniped/internal/controller/apicerts" "github.com/suzerain-io/pinniped/internal/controller/apicerts"
"github.com/suzerain-io/pinniped/internal/controller/discovery" "github.com/suzerain-io/pinniped/internal/controller/issuerconfig"
"github.com/suzerain-io/pinniped/internal/provider" "github.com/suzerain-io/pinniped/internal/provider"
) )
@ -51,12 +51,12 @@ func PrepareControllers(
controllerManager := controller. controllerManager := controller.
NewManager(). NewManager().
WithController( WithController(
discovery.NewPublisherController( issuerconfig.NewPublisherController(
serverInstallationNamespace, serverInstallationNamespace,
discoveryURLOverride, discoveryURLOverride,
pinnipedClient, pinnipedClient,
kubePublicNamespaceK8sInformers.Core().V1().ConfigMaps(), kubePublicNamespaceK8sInformers.Core().V1().ConfigMaps(),
installationNamespacePinnipedInformers.Crd().V1alpha1().PinnipedDiscoveryInfos(), installationNamespacePinnipedInformers.Crd().V1alpha1().CredentialIssuerConfigs(),
controller.WithInformer, controller.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -156,7 +156,7 @@ func createInformers(
kubePublicNamespaceK8sInformers = k8sinformers.NewSharedInformerFactoryWithOptions( kubePublicNamespaceK8sInformers = k8sinformers.NewSharedInformerFactoryWithOptions(
k8sClient, k8sClient,
defaultResyncInterval, defaultResyncInterval,
k8sinformers.WithNamespace(discovery.ClusterInfoNamespace), k8sinformers.WithNamespace(issuerconfig.ClusterInfoNamespace),
) )
installationNamespaceK8sInformers = k8sinformers.NewSharedInformerFactoryWithOptions( installationNamespaceK8sInformers = k8sinformers.NewSharedInformerFactoryWithOptions(
k8sClient, k8sClient,

View File

@ -13,15 +13,20 @@ import (
"time" "time"
"github.com/spf13/cobra" "github.com/spf13/cobra"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
genericapiserver "k8s.io/apiserver/pkg/server" genericapiserver "k8s.io/apiserver/pkg/server"
genericoptions "k8s.io/apiserver/pkg/server/options" genericoptions "k8s.io/apiserver/pkg/server/options"
"k8s.io/apiserver/plugin/pkg/authenticator/token/webhook" "k8s.io/apiserver/plugin/pkg/authenticator/token/webhook"
"k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes"
restclient "k8s.io/client-go/rest" restclient "k8s.io/client-go/rest"
"k8s.io/klog/v2"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
pinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1" pinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1"
pinnipedclientset "github.com/suzerain-io/pinniped/generated/1.19/client/clientset/versioned"
"github.com/suzerain-io/pinniped/internal/apiserver" "github.com/suzerain-io/pinniped/internal/apiserver"
"github.com/suzerain-io/pinniped/internal/certauthority/kubecertauthority" "github.com/suzerain-io/pinniped/internal/certauthority/kubecertauthority"
"github.com/suzerain-io/pinniped/internal/controller/issuerconfig"
"github.com/suzerain-io/pinniped/internal/controllermanager" "github.com/suzerain-io/pinniped/internal/controllermanager"
"github.com/suzerain-io/pinniped/internal/downward" "github.com/suzerain-io/pinniped/internal/downward"
"github.com/suzerain-io/pinniped/internal/provider" "github.com/suzerain-io/pinniped/internal/provider"
@ -99,8 +104,15 @@ func (a *App) runServer(ctx context.Context) error {
return fmt.Errorf("could not load config: %w", err) return fmt.Errorf("could not load config: %w", err)
} }
// Discover in which namespace we are installed.
podInfo, err := downward.Load(a.downwardAPIPath)
if err != nil {
return fmt.Errorf("could not read pod metadata: %w", err)
}
serverInstallationNamespace := podInfo.Namespace
// Load the Kubernetes cluster signing CA. // Load the Kubernetes cluster signing CA.
k8sClusterCA, shutdownCA, err := getClusterCASigner() k8sClusterCA, shutdownCA, err := getClusterCASigner(ctx, serverInstallationNamespace)
if err != nil { if err != nil {
return err return err
} }
@ -112,13 +124,6 @@ func (a *App) runServer(ctx context.Context) error {
return fmt.Errorf("could not create webhook client: %w", err) return fmt.Errorf("could not create webhook client: %w", err)
} }
// Discover in which namespace we are installed.
podInfo, err := downward.Load(a.downwardAPIPath)
if err != nil {
return fmt.Errorf("could not read pod metadata: %w", err)
}
serverInstallationNamespace := podInfo.Namespace
// This cert provider will provide certs to the API server and will // This cert provider will provide certs to the API server and will
// be mutated by a controller to keep the certs up to date with what // be mutated by a controller to keep the certs up to date with what
// is stored in a k8s Secret. Therefore it also effectively acting as // is stored in a k8s Secret. Therefore it also effectively acting as
@ -160,7 +165,7 @@ func (a *App) runServer(ctx context.Context) error {
return server.GenericAPIServer.PrepareRun().Run(ctx.Done()) return server.GenericAPIServer.PrepareRun().Run(ctx.Done())
} }
func getClusterCASigner() (*kubecertauthority.CA, kubecertauthority.ShutdownFunc, error) { func getClusterCASigner(ctx context.Context, serverInstallationNamespace string) (credentialrequest.CertIssuer, kubecertauthority.ShutdownFunc, error) {
// Load the Kubernetes client configuration. // Load the Kubernetes client configuration.
kubeConfig, err := restclient.InClusterConfig() kubeConfig, err := restclient.InClusterConfig()
if err != nil { if err != nil {
@ -173,19 +178,63 @@ func getClusterCASigner() (*kubecertauthority.CA, kubecertauthority.ShutdownFunc
return nil, nil, fmt.Errorf("could not initialize Kubernetes client: %w", err) return nil, nil, fmt.Errorf("could not initialize Kubernetes client: %w", err)
} }
// Connect to the pinniped API.
pinnipedClient, err := pinnipedclientset.NewForConfig(kubeConfig)
if err != nil {
return nil, nil, fmt.Errorf("could not initialize pinniped client: %w", err)
}
// Make a clock tick that triggers a periodic refresh. // Make a clock tick that triggers a periodic refresh.
ticker := time.NewTicker(5 * time.Minute) ticker := time.NewTicker(5 * time.Minute)
// Make a CA which uses the Kubernetes cluster API server's signing certs. // Make a CA which uses the Kubernetes cluster API server's signing certs.
k8sClusterCA, shutdownCA, err := kubecertauthority.New( k8sClusterCA, shutdownCA := kubecertauthority.New(
kubeClient, kubeClient,
kubecertauthority.NewPodCommandExecutor(kubeConfig, kubeClient), kubecertauthority.NewPodCommandExecutor(kubeConfig, kubeClient),
ticker.C, ticker.C,
func() { // success callback
err = issuerconfig.CreateOrUpdateCredentialIssuerConfig(
ctx,
serverInstallationNamespace,
pinnipedClient,
func(configToUpdate *crdpinnipedv1alpha1.CredentialIssuerConfig) {
configToUpdate.Status.Strategies = []crdpinnipedv1alpha1.CredentialIssuerConfigStrategy{
{
Type: crdpinnipedv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: crdpinnipedv1alpha1.SuccessStrategyStatus,
Reason: crdpinnipedv1alpha1.FetchedKeyStrategyReason,
Message: "Key was fetched successfully",
LastUpdateTime: metav1.Now(),
},
}
},
) )
if err != nil { if err != nil {
ticker.Stop() klog.Errorf("error performing create or update on CredentialIssuerConfig to add strategy success: %s", err.Error())
return nil, nil, fmt.Errorf("could not load cluster signing CA: %w", err)
} }
},
func(err error) { // error callback
if updateErr := issuerconfig.CreateOrUpdateCredentialIssuerConfig(
ctx,
serverInstallationNamespace,
pinnipedClient,
func(configToUpdate *crdpinnipedv1alpha1.CredentialIssuerConfig) {
configToUpdate.Status.Strategies = []crdpinnipedv1alpha1.CredentialIssuerConfigStrategy{
{
Type: crdpinnipedv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: crdpinnipedv1alpha1.ErrorStrategyStatus,
Reason: crdpinnipedv1alpha1.CouldNotFetchKeyStrategyReason,
Message: err.Error(),
LastUpdateTime: metav1.Now(),
},
}
},
); updateErr != nil {
klog.Errorf("error performing create or update on CredentialIssuerConfig to add strategy error: %s", updateErr.Error())
}
},
)
return k8sClusterCA, func() { shutdownCA(); ticker.Stop() }, nil return k8sClusterCA, func() { shutdownCA(); ticker.Stop() }, nil
} }

View File

@ -47,12 +47,12 @@ func (log *TranscriptLogger) Info(msg string, keysAndValues ...interface{}) {
}) })
} }
func (log *TranscriptLogger) Error(err error, msg string, keysAndValues ...interface{}) { func (log *TranscriptLogger) Error(_ error, msg string, _ ...interface{}) {
log.lock.Lock() log.lock.Lock()
defer log.lock.Unlock() defer log.lock.Unlock()
log.transcript = append(log.transcript, TranscriptLogMessage{ log.transcript = append(log.transcript, TranscriptLogMessage{
Level: "error", Level: "error",
Message: fmt.Sprintf("%s: %v -- %v", msg, err, keysAndValues), Message: msg,
}) })
} }

View File

@ -0,0 +1,8 @@
# Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
# Describe the capabilities of the cluster against which the integration tests will run.
capabilities:
# Is it possible to borrow the cluster's signing key from the kube API server?
clusterSigningKeyIsAvailable: false

View File

@ -0,0 +1,8 @@
# Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
# Describe the capabilities of the cluster against which the integration tests will run.
capabilities:
# Is it possible to borrow the cluster's signing key from the kube API server?
clusterSigningKeyIsAvailable: true

View File

@ -0,0 +1,8 @@
# Copyright 2020 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
# Describe the capabilities of the cluster against which the integration tests will run.
capabilities:
# Is it possible to borrow the cluster's signing key from the kube API server?
clusterSigningKeyIsAvailable: true

View File

@ -13,6 +13,7 @@ require (
k8s.io/apimachinery v0.19.0-rc.0 k8s.io/apimachinery v0.19.0-rc.0
k8s.io/client-go v0.19.0-rc.0 k8s.io/client-go v0.19.0-rc.0
k8s.io/kube-aggregator v0.19.0-rc.0 k8s.io/kube-aggregator v0.19.0-rc.0
sigs.k8s.io/yaml v1.2.0
) )
replace ( replace (

View File

@ -103,6 +103,7 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo
github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-critic/go-critic v0.5.0 h1:Ic2p5UCl5fX/2WX2w8nroPpPhxRNsNTMlJzsu/uqwnM= github.com/go-critic/go-critic v0.5.0 h1:Ic2p5UCl5fX/2WX2w8nroPpPhxRNsNTMlJzsu/uqwnM=
github.com/go-critic/go-critic v0.5.0/go.mod h1:4jeRh3ZAVnRYhuWdOEvwzVqLUpxMSoAT0xZ74JsTPlo= github.com/go-critic/go-critic v0.5.0/go.mod h1:4jeRh3ZAVnRYhuWdOEvwzVqLUpxMSoAT0xZ74JsTPlo=

View File

@ -60,15 +60,15 @@ func TestGetAPIResourceList(t *testing.T) {
SingularName: "", SingularName: "",
} }
expectedLDCAPIResource := metav1.APIResource{ expectedCredentialIssuerConfigResource := metav1.APIResource{
Name: "pinnipeddiscoveryinfos", Name: "credentialissuerconfigs",
SingularName: "pinnipeddiscoveryinfo", SingularName: "credentialissuerconfig",
Namespaced: true, Namespaced: true,
Kind: "PinnipedDiscoveryInfo", Kind: "CredentialIssuerConfig",
Verbs: metav1.Verbs([]string{ Verbs: metav1.Verbs([]string{
"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch", "delete", "deletecollection", "get", "list", "patch", "create", "update", "watch",
}), }),
ShortNames: []string{"ldc"}, ShortNames: []string{"cic"},
StorageVersionHash: "unknown: to be filled in automatically below", StorageVersionHash: "unknown: to be filled in automatically below",
} }
@ -79,8 +79,8 @@ func TestGetAPIResourceList(t *testing.T) {
actualAPIResource := actualCrdPinnipedResources.APIResources[0] actualAPIResource := actualCrdPinnipedResources.APIResources[0]
// workaround because its hard to predict the storage version hash (e.g. "t/+v41y+3e4=") // workaround because its hard to predict the storage version hash (e.g. "t/+v41y+3e4=")
// so just don't worry about comparing that field // so just don't worry about comparing that field
expectedLDCAPIResource.StorageVersionHash = actualAPIResource.StorageVersionHash expectedCredentialIssuerConfigResource.StorageVersionHash = actualAPIResource.StorageVersionHash
require.Equal(t, expectedLDCAPIResource, actualAPIResource) require.Equal(t, expectedCredentialIssuerConfigResource, actualAPIResource)
} }
func findGroup(name string, groups []*metav1.APIGroup) *metav1.APIGroup { func findGroup(name string, groups []*metav1.APIGroup) *metav1.APIGroup {

View File

@ -74,7 +74,7 @@ func TestAPIServingCertificateAutoCreationAndRotation(t *testing.T) {
for _, test := range tests { for _, test := range tests {
test := test test := test
t.Run(test.name, func(t *testing.T) { t.Run(test.name, func(t *testing.T) {
namespaceName := library.Getenv(t, "PINNIPED_NAMESPACE") namespaceName := library.GetEnv(t, "PINNIPED_NAMESPACE")
kubeClient := library.NewClientset(t) kubeClient := library.NewClientset(t)
aggregatedClient := library.NewAggregatedClientset(t) aggregatedClient := library.NewAggregatedClientset(t)
@ -108,7 +108,7 @@ func TestAPIServingCertificateAutoCreationAndRotation(t *testing.T) {
return err == nil return err == nil
} }
assert.Eventually(t, secretIsRegenerated, 10*time.Second, 250*time.Millisecond) assert.Eventually(t, secretIsRegenerated, 10*time.Second, 250*time.Millisecond)
require.NoError(t, err) // prints out the error in case of failure require.NoError(t, err) // prints out the error and stops the test in case of failure
regeneratedCACert := secret.Data["caCertificate"] regeneratedCACert := secret.Data["caCertificate"]
regeneratedPrivateKey := secret.Data["tlsPrivateKey"] regeneratedPrivateKey := secret.Data["tlsPrivateKey"]
regeneratedCertChain := secret.Data["tlsCertificateChain"] regeneratedCertChain := secret.Data["tlsCertificateChain"]
@ -125,7 +125,7 @@ func TestAPIServingCertificateAutoCreationAndRotation(t *testing.T) {
return err == nil return err == nil
} }
assert.Eventually(t, aggregatedAPIUpdated, 10*time.Second, 250*time.Millisecond) assert.Eventually(t, aggregatedAPIUpdated, 10*time.Second, 250*time.Millisecond)
require.NoError(t, err) // prints out the error in case of failure require.NoError(t, err) // prints out the error and stops the test in case of failure
require.Equal(t, regeneratedCACert, apiService.Spec.CABundle) require.Equal(t, regeneratedCACert, apiService.Spec.CABundle)
// Check that we can still make requests to the aggregated API through the kube API server, // Check that we can still make requests to the aggregated API through the kube API server,
@ -147,7 +147,7 @@ func TestAPIServingCertificateAutoCreationAndRotation(t *testing.T) {
// Unfortunately, although our code changes all the certs immediately, it seems to take ~1 minute for // Unfortunately, although our code changes all the certs immediately, it seems to take ~1 minute for
// the API machinery to notice that we updated our serving cert, causing 1 minute of downtime for our endpoint. // the API machinery to notice that we updated our serving cert, causing 1 minute of downtime for our endpoint.
assert.Eventually(t, aggregatedAPIWorking, 2*time.Minute, 250*time.Millisecond) assert.Eventually(t, aggregatedAPIWorking, 2*time.Minute, 250*time.Millisecond)
require.NoError(t, err) // prints out the error in case of failure require.NoError(t, err) // prints out the error and stops the test in case of failure
}) })
} }
} }

View File

@ -20,8 +20,8 @@ import (
func TestGetDeployment(t *testing.T) { func TestGetDeployment(t *testing.T) {
library.SkipUnlessIntegration(t) library.SkipUnlessIntegration(t)
namespaceName := library.Getenv(t, "PINNIPED_NAMESPACE") namespaceName := library.GetEnv(t, "PINNIPED_NAMESPACE")
deploymentName := library.Getenv(t, "PINNIPED_APP_NAME") deploymentName := library.GetEnv(t, "PINNIPED_APP_NAME")
client := library.NewClientset(t) client := library.NewClientset(t)

View File

@ -56,7 +56,8 @@ var maskKey = func(s string) string { return strings.ReplaceAll(s, "TESTING KEY"
func TestClient(t *testing.T) { func TestClient(t *testing.T) {
library.SkipUnlessIntegration(t) library.SkipUnlessIntegration(t)
tmcClusterToken := library.Getenv(t, "PINNIPED_TMC_CLUSTER_TOKEN") library.SkipUnlessClusterHasCapability(t, library.ClusterSigningKeyIsAvailable)
tmcClusterToken := library.GetEnv(t, "PINNIPED_TMC_CLUSTER_TOKEN")
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second) ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel() defer cancel()

View File

@ -0,0 +1,111 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
package integration
import (
"context"
"encoding/base64"
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/rest"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
"github.com/suzerain-io/pinniped/test/library"
)
func TestCredentialIssuerConfig(t *testing.T) {
library.SkipUnlessIntegration(t)
namespaceName := library.GetEnv(t, "PINNIPED_NAMESPACE")
config := library.NewClientConfig(t)
client := library.NewPinnipedClientset(t)
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
t.Run("test successful CredentialIssuerConfig", func(t *testing.T) {
actualConfigList, err := client.
CrdV1alpha1().
CredentialIssuerConfigs(namespaceName).
List(ctx, metav1.ListOptions{})
require.NoError(t, err)
require.Len(t, actualConfigList.Items, 1)
// Verify the published kube config info.
actualStatusKubeConfigInfo := actualConfigList.Items[0].Status.KubeConfigInfo
require.Equal(t, expectedStatusKubeConfigInfo(config), actualStatusKubeConfigInfo)
// Verify the cluster strategy status based on what's expected of the test cluster's ability to share signing keys.
actualStatusStrategies := actualConfigList.Items[0].Status.Strategies
require.Len(t, actualStatusStrategies, 1)
actualStatusStrategy := actualStatusStrategies[0]
require.Equal(t, crdpinnipedv1alpha1.KubeClusterSigningCertificateStrategyType, actualStatusStrategy.Type)
if library.ClusterHasCapability(t, library.ClusterSigningKeyIsAvailable) {
require.Equal(t, crdpinnipedv1alpha1.SuccessStrategyStatus, actualStatusStrategy.Status)
require.Equal(t, crdpinnipedv1alpha1.FetchedKeyStrategyReason, actualStatusStrategy.Reason)
require.Equal(t, "Key was fetched successfully", actualStatusStrategy.Message)
} else {
require.Equal(t, crdpinnipedv1alpha1.ErrorStrategyStatus, actualStatusStrategy.Status)
require.Equal(t, crdpinnipedv1alpha1.CouldNotFetchKeyStrategyReason, actualStatusStrategy.Reason)
require.Contains(t, actualStatusStrategy.Message, "some part of the error message")
}
require.WithinDuration(t, time.Now(), actualStatusStrategy.LastUpdateTime.Local(), 10*time.Minute)
})
t.Run("reconciling CredentialIssuerConfig", func(t *testing.T) {
library.SkipUnlessClusterHasCapability(t, library.ClusterSigningKeyIsAvailable)
existingConfig, err := client.
CrdV1alpha1().
CredentialIssuerConfigs(namespaceName).
Get(ctx, "pinniped-config", metav1.GetOptions{})
require.NoError(t, err)
require.Len(t, existingConfig.Status.Strategies, 1)
initialStrategy := existingConfig.Status.Strategies[0]
// Mutate the existing object. Don't delete it because that would mess up its `Status.Strategies` array,
// since the reconciling controller is not currently responsible for that field.
updatedServerValue := "https://junk"
existingConfig.Status.KubeConfigInfo.Server = updatedServerValue
updatedConfig, err := client.
CrdV1alpha1().
CredentialIssuerConfigs(namespaceName).
Update(ctx, existingConfig, metav1.UpdateOptions{})
require.NoError(t, err)
require.Equal(t, updatedServerValue, updatedConfig.Status.KubeConfigInfo.Server)
// Expect that the object's mutated field is set back to what matches its source of truth by the controller.
var actualCredentialIssuerConfig *crdpinnipedv1alpha1.CredentialIssuerConfig
var configChangesServerField = func() bool {
actualCredentialIssuerConfig, err = client.
CrdV1alpha1().
CredentialIssuerConfigs(namespaceName).
Get(ctx, "pinniped-config", metav1.GetOptions{})
return err == nil && actualCredentialIssuerConfig.Status.KubeConfigInfo.Server != updatedServerValue
}
assert.Eventually(t, configChangesServerField, 10*time.Second, 100*time.Millisecond)
require.NoError(t, err) // prints out the error and stops the test in case of failure
actualStatusKubeConfigInfo := actualCredentialIssuerConfig.Status.KubeConfigInfo
require.Equal(t, expectedStatusKubeConfigInfo(config), actualStatusKubeConfigInfo)
// The strategies should not have changed during reconciliation.
require.Len(t, actualCredentialIssuerConfig.Status.Strategies, 1)
require.Equal(t, initialStrategy, actualCredentialIssuerConfig.Status.Strategies[0])
})
}
func expectedStatusKubeConfigInfo(config *rest.Config) *crdpinnipedv1alpha1.CredentialIssuerConfigKubeConfigInfo {
return &crdpinnipedv1alpha1.CredentialIssuerConfigKubeConfigInfo{
Server: config.Host,
CertificateAuthorityData: base64.StdEncoding.EncodeToString(config.TLSClientConfig.CAData),
}
}

View File

@ -14,9 +14,8 @@ import (
"time" "time"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
v1 "k8s.io/api/core/v1"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
v1 "k8s.io/api/core/v1"
rbacv1 "k8s.io/api/rbac/v1" rbacv1 "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -26,50 +25,11 @@ import (
"github.com/suzerain-io/pinniped/test/library" "github.com/suzerain-io/pinniped/test/library"
) )
func makeRequest(t *testing.T, spec v1alpha1.CredentialRequestSpec) (*v1alpha1.CredentialRequest, error) {
t.Helper()
client := library.NewAnonymousPinnipedClientset(t)
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
return client.PinnipedV1alpha1().CredentialRequests().Create(ctx, &v1alpha1.CredentialRequest{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{},
Spec: spec,
}, metav1.CreateOptions{})
}
func addTestClusterRoleBinding(ctx context.Context, t *testing.T, adminClient kubernetes.Interface, binding *rbacv1.ClusterRoleBinding) {
_, err := adminClient.RbacV1().ClusterRoleBindings().Get(ctx, binding.Name, metav1.GetOptions{})
if err != nil {
// "404 not found" errors are acceptable, but others would be unexpected
statusError, isStatus := err.(*errors.StatusError)
require.True(t, isStatus)
require.Equal(t, http.StatusNotFound, int(statusError.Status().Code))
_, err = adminClient.RbacV1().ClusterRoleBindings().Create(ctx, binding, metav1.CreateOptions{})
require.NoError(t, err)
}
t.Cleanup(func() {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
err = adminClient.RbacV1().ClusterRoleBindings().Delete(ctx, binding.Name, metav1.DeleteOptions{})
require.NoError(t, err, "Test failed to clean up after itself")
})
}
func TestSuccessfulCredentialRequest(t *testing.T) { func TestSuccessfulCredentialRequest(t *testing.T) {
library.SkipUnlessIntegration(t) library.SkipUnlessIntegration(t)
tmcClusterToken := library.Getenv(t, "PINNIPED_TMC_CLUSTER_TOKEN") library.SkipUnlessClusterHasCapability(t, library.ClusterSigningKeyIsAvailable)
response, err := makeRequest(t, v1alpha1.CredentialRequestSpec{
Type: v1alpha1.TokenCredentialType,
Token: &v1alpha1.CredentialRequestTokenCredential{Value: tmcClusterToken},
})
response, err := makeRequest(t, validCredentialRequestSpecWithRealToken(t))
require.NoError(t, err) require.NoError(t, err)
// Note: If this assertion fails then your TMC token might have expired. Get a fresh one and try again. // Note: If this assertion fails then your TMC token might have expired. Get a fresh one and try again.
@ -121,7 +81,7 @@ func TestSuccessfulCredentialRequest(t *testing.T) {
return err == nil return err == nil
} }
assert.Eventually(t, canListNamespaces, 3*time.Second, 250*time.Millisecond) assert.Eventually(t, canListNamespaces, 3*time.Second, 250*time.Millisecond)
require.NoError(t, err) // prints out the error in case of failure require.NoError(t, err) // prints out the error and stops the test in case of failure
require.NotEmpty(t, listNamespaceResponse.Items) require.NotEmpty(t, listNamespaceResponse.Items)
}) })
@ -150,13 +110,15 @@ func TestSuccessfulCredentialRequest(t *testing.T) {
return err == nil return err == nil
} }
assert.Eventually(t, canListNamespaces, 3*time.Second, 250*time.Millisecond) assert.Eventually(t, canListNamespaces, 3*time.Second, 250*time.Millisecond)
require.NoError(t, err) // prints out the error in case of failure require.NoError(t, err) // prints out the error and stops the test in case of failure
require.NotEmpty(t, listNamespaceResponse.Items) require.NotEmpty(t, listNamespaceResponse.Items)
}) })
} }
func TestFailedCredentialRequestWhenTheRequestIsValidButTheTokenDoesNotAuthenticateTheUser(t *testing.T) { func TestFailedCredentialRequestWhenTheRequestIsValidButTheTokenDoesNotAuthenticateTheUser(t *testing.T) {
library.SkipUnlessIntegration(t) library.SkipUnlessIntegration(t)
library.SkipUnlessClusterHasCapability(t, library.ClusterSigningKeyIsAvailable)
response, err := makeRequest(t, v1alpha1.CredentialRequestSpec{ response, err := makeRequest(t, v1alpha1.CredentialRequestSpec{
Type: v1alpha1.TokenCredentialType, Type: v1alpha1.TokenCredentialType,
Token: &v1alpha1.CredentialRequestTokenCredential{Value: "not a good token"}, Token: &v1alpha1.CredentialRequestTokenCredential{Value: "not a good token"},
@ -171,6 +133,8 @@ func TestFailedCredentialRequestWhenTheRequestIsValidButTheTokenDoesNotAuthentic
func TestCredentialRequest_ShouldFailWhenRequestDoesNotIncludeToken(t *testing.T) { func TestCredentialRequest_ShouldFailWhenRequestDoesNotIncludeToken(t *testing.T) {
library.SkipUnlessIntegration(t) library.SkipUnlessIntegration(t)
library.SkipUnlessClusterHasCapability(t, library.ClusterSigningKeyIsAvailable)
response, err := makeRequest(t, v1alpha1.CredentialRequestSpec{ response, err := makeRequest(t, v1alpha1.CredentialRequestSpec{
Type: v1alpha1.TokenCredentialType, Type: v1alpha1.TokenCredentialType,
Token: nil, Token: nil,
@ -190,6 +154,63 @@ func TestCredentialRequest_ShouldFailWhenRequestDoesNotIncludeToken(t *testing.T
require.Nil(t, response.Status.Credential) require.Nil(t, response.Status.Credential)
} }
func TestCredentialRequest_OtherwiseValidRequestWithRealTokenShouldFailWhenTheClusterIsNotCapable(t *testing.T) {
library.SkipUnlessIntegration(t)
library.SkipWhenClusterHasCapability(t, library.ClusterSigningKeyIsAvailable)
response, err := makeRequest(t, validCredentialRequestSpecWithRealToken(t))
require.NoError(t, err)
require.Empty(t, response.Spec)
require.Nil(t, response.Status.Credential)
require.Equal(t, stringPtr("authentication failed"), response.Status.Message)
}
func makeRequest(t *testing.T, spec v1alpha1.CredentialRequestSpec) (*v1alpha1.CredentialRequest, error) {
t.Helper()
client := library.NewAnonymousPinnipedClientset(t)
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
return client.PinnipedV1alpha1().CredentialRequests().Create(ctx, &v1alpha1.CredentialRequest{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{},
Spec: spec,
}, metav1.CreateOptions{})
}
func validCredentialRequestSpecWithRealToken(t *testing.T) v1alpha1.CredentialRequestSpec {
tmcClusterToken := library.GetEnv(t, "PINNIPED_TMC_CLUSTER_TOKEN")
return v1alpha1.CredentialRequestSpec{
Type: v1alpha1.TokenCredentialType,
Token: &v1alpha1.CredentialRequestTokenCredential{Value: tmcClusterToken},
}
}
func addTestClusterRoleBinding(ctx context.Context, t *testing.T, adminClient kubernetes.Interface, binding *rbacv1.ClusterRoleBinding) {
_, err := adminClient.RbacV1().ClusterRoleBindings().Get(ctx, binding.Name, metav1.GetOptions{})
if err != nil {
// "404 not found" errors are acceptable, but others would be unexpected
statusError, isStatus := err.(*errors.StatusError)
require.True(t, isStatus)
require.Equal(t, http.StatusNotFound, int(statusError.Status().Code))
_, err = adminClient.RbacV1().ClusterRoleBindings().Create(ctx, binding, metav1.CreateOptions{})
require.NoError(t, err)
}
t.Cleanup(func() {
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
err = adminClient.RbacV1().ClusterRoleBindings().Delete(ctx, binding.Name, metav1.DeleteOptions{})
require.NoError(t, err, "Test failed to clean up after itself")
})
}
func stringPtr(s string) *string { func stringPtr(s string) *string {
return &s return &s
} }

View File

@ -15,6 +15,7 @@ import (
"github.com/suzerain-io/pinniped/test/library" "github.com/suzerain-io/pinniped/test/library"
) )
// Smoke test to see if the kubeconfig works and the cluster is reachable.
func TestGetNodes(t *testing.T) { func TestGetNodes(t *testing.T) {
library.SkipUnlessIntegration(t) library.SkipUnlessIntegration(t)
cmd := exec.Command("kubectl", "get", "nodes") cmd := exec.Command("kubectl", "get", "nodes")

View File

@ -1,80 +0,0 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
package integration
import (
"context"
"encoding/base64"
"testing"
"time"
"github.com/stretchr/testify/require"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/rest"
crdpinnipedv1alpha1 "github.com/suzerain-io/pinniped/generated/1.19/apis/crdpinniped/v1alpha1"
"github.com/suzerain-io/pinniped/test/library"
)
func TestSuccessfulPinnipedDiscoveryInfo(t *testing.T) {
library.SkipUnlessIntegration(t)
namespaceName := library.Getenv(t, "PINNIPED_NAMESPACE")
client := library.NewPinnipedClientset(t)
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
config := library.NewClientConfig(t)
expectedLDCSpec := expectedLDCSpec(config)
configList, err := client.
CrdV1alpha1().
PinnipedDiscoveryInfos(namespaceName).
List(ctx, metav1.ListOptions{})
require.NoError(t, err)
require.Len(t, configList.Items, 1)
require.Equal(t, expectedLDCSpec, &configList.Items[0].Spec)
}
func TestReconcilingPinnipedDiscoveryInfo(t *testing.T) {
library.SkipUnlessIntegration(t)
namespaceName := library.Getenv(t, "PINNIPED_NAMESPACE")
client := library.NewPinnipedClientset(t)
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
defer cancel()
err := client.
CrdV1alpha1().
PinnipedDiscoveryInfos(namespaceName).
Delete(ctx, "pinniped-config", metav1.DeleteOptions{})
require.NoError(t, err)
config := library.NewClientConfig(t)
expectedLDCSpec := expectedLDCSpec(config)
var actualLDC *crdpinnipedv1alpha1.PinnipedDiscoveryInfo
for i := 0; i < 10; i++ {
actualLDC, err = client.
CrdV1alpha1().
PinnipedDiscoveryInfos(namespaceName).
Get(ctx, "pinniped-config", metav1.GetOptions{})
if err == nil {
break
}
time.Sleep(time.Millisecond * 750)
}
require.NoError(t, err)
require.Equal(t, expectedLDCSpec, &actualLDC.Spec)
}
func expectedLDCSpec(config *rest.Config) *crdpinnipedv1alpha1.PinnipedDiscoveryInfoSpec {
return &crdpinnipedv1alpha1.PinnipedDiscoveryInfoSpec{
Server: config.Host,
CertificateAuthorityData: base64.StdEncoding.EncodeToString(config.TLSClientConfig.CAData),
}
}

View File

@ -0,0 +1,65 @@
/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/
package library
import (
"io/ioutil"
"os"
"testing"
"github.com/stretchr/testify/require"
"sigs.k8s.io/yaml"
)
type TestClusterCapability string
const (
ClusterSigningKeyIsAvailable = TestClusterCapability("clusterSigningKeyIsAvailable")
)
type capabilitiesConfig struct {
Capabilities map[TestClusterCapability]bool `yaml:"capabilities,omitempty"`
}
func ClusterHasCapability(t *testing.T, capability TestClusterCapability) bool {
t.Helper()
capabilitiesDescriptionYAML := os.Getenv("PINNIPED_CLUSTER_CAPABILITY_YAML")
capabilitiesDescriptionFile := os.Getenv("PINNIPED_CLUSTER_CAPABILITY_FILE")
require.NotEmptyf(t,
capabilitiesDescriptionYAML+capabilitiesDescriptionFile,
"must specify either PINNIPED_CLUSTER_CAPABILITY_YAML or PINNIPED_CLUSTER_CAPABILITY_FILE env var for integration tests",
)
if capabilitiesDescriptionYAML == "" {
bytes, err := ioutil.ReadFile(capabilitiesDescriptionFile)
capabilitiesDescriptionYAML = string(bytes)
require.NoError(t, err)
}
var capabilities capabilitiesConfig
err := yaml.Unmarshal([]byte(capabilitiesDescriptionYAML), &capabilities)
require.NoError(t, err)
isCapable, capabilityWasDescribed := capabilities.Capabilities[capability]
require.True(t, capabilityWasDescribed, `the cluster's "%s" capability was not described`, capability)
return isCapable
}
func SkipUnlessClusterHasCapability(t *testing.T, capability TestClusterCapability) {
t.Helper()
if !ClusterHasCapability(t, capability) {
t.Skipf(`skipping integration test because cluster lacks the "%s" capability`, capability)
}
}
func SkipWhenClusterHasCapability(t *testing.T, capability TestClusterCapability) {
t.Helper()
if ClusterHasCapability(t, capability) {
t.Skipf(`skipping integration test because cluster has the "%s" capability`, capability)
}
}

View File

@ -12,9 +12,9 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )
// Getenv gets the environment variable with key and asserts that it is not // GetEnv gets the environment variable with key and asserts that it is not
// empty. It returns the value of the environment variable. // empty. It returns the value of the environment variable.
func Getenv(t *testing.T, key string) string { func GetEnv(t *testing.T, key string) string {
t.Helper() t.Helper()
value := os.Getenv(key) value := os.Getenv(key)
require.NotEmptyf(t, value, "must specify %s env var for integration tests", key) require.NotEmptyf(t, value, "must specify %s env var for integration tests", key)