Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the extensions v1alpha1 API group +kubebuilder:object:generate=true +groupName=dashboard.gardener.cloud
Index ¶
- Constants
- Variables
- func EqualServiceAccountRefs(ref1, ref2 *corev1.ObjectReference) bool
- func EqualShootRefs(ref1, ref2 *ShootRef) bool
- type APIServer
- type Authorization
- type BindingKind
- type ClusterCredentials
- type Container
- type ControllerManagerConfiguration
- type ControllerManagerControllerConfiguration
- type ControllerManagerWebhookConfiguration
- type Duration
- type ErrorCode
- type HostCluster
- type LastError
- type LastOperation
- type LastOperationState
- type LastOperationType
- type Pod
- type ProjectMembership
- type RoleBinding
- type Server
- type ServerConfiguration
- type ServiceAccountControllerConfiguration
- type ShootRef
- type TargetCluster
- type Terminal
- type TerminalControllerConfiguration
- type TerminalHeartbeatControllerConfiguration
- type TerminalList
- type TerminalSpec
- type TerminalStatus
- type TerminalValidatingWebhookConfiguration
Constants ¶
const ( // TerminalName is the value in a Terminal resource's `.metadata.finalizers[]` array on which the Terminal controller will react // when performing a delete request on a resource. TerminalName = "terminal" // ExternalTerminalName is the value in a Kubernetes core resources `.metadata.finalizers[]` array on which the // Terminal will react when performing a delete request on a resource. ExternalTerminalName = "gardener.cloud/terminal" // Component is the label key for the component Component = "component" // TerminalComponent is the component name of the terminal controller manager. All resources created by the terminal controller will have this label TerminalComponent = "terminal-controller-manager" // GardenCreatedBy is the key for an annotation of a terminal resource whose value contains the username // of the user that created the resource. GardenCreatedBy = "gardener.cloud/created-by" // TerminalLastHeartbeat is the key for an annotation of a terminal resource whose value contains the username // of the user that created the resource. TerminalLastHeartbeat = "dashboard.gardener.cloud/last-heartbeat-at" // TerminalOperation is a constant for an annotation on a Terminal indicating that an operation shall be performed. TerminalOperation = "dashboard.gardener.cloud/operation" // TerminalReference is a label used to identify service accounts which are referred by a target or host .credential.serviceAccountRef of a Terminal (necessarily in the same namespace). // and for which cleanupProjectMembership is set to true TerminalReference = "reference.dashboard.gardener.cloud/terminal" // Description is the key for an annotation whose value contains the description for this resource // of the user that created the resource. Description = "dashboard.gardener.cloud/description" // TerminalOperationKeepalive is a constant for an annotation on a Terminal indicating that the Terminal should be kept alive for a certain period of time. TerminalOperationKeepalive = "keepalive" // EventReconciling indicates that a Reconcile operation started. EventReconciling = "Reconciling" // EventReconciled indicates that a Reconcile operation was successful. EventReconciled = "Reconciled" // EventReconcileError indicates that a Reconcile operation failed. EventReconcileError = "ReconcileError" // EventDeleting indicates that a Delete operation started. EventDeleting = "Deleting" // EventDeleted indicates that a Delete operation was successful. EventDeleted = "Deleted" // EventDeleteError indicates that a Delete operation failed. EventDeleteError = "DeleteError" // BindingKindClusterRoleBinding will result in a ClusterRoleBinding BindingKindClusterRoleBinding BindingKind = "ClusterRoleBinding" // BindingKindRoleBinding will result in a RoleBinding BindingKindRoleBinding BindingKind = "RoleBinding" // KubeconfigSecretResourceNamePrefix is a name prefix for the kubeconfig secret used within the terminal pod. KubeconfigSecretResourceNamePrefix = "term-kubeconfig-" // #nosec G101 -- No credential. // TokenSecretResourceNamePrefix is a name prefix for the token secret that is mounted to the terminal pod. TokenSecretResourceNamePrefix = "term-token-" // TerminalAttachResourceNamePrefix is a name prefix for resources related to attach to the terminal pod. TerminalAttachResourceNamePrefix = "term-attach-" // TerminalAccessResourceNamePrefix is a name prefix for resources related to accessing the target cluster. TerminalAccessResourceNamePrefix = "term-access-" // TerminalPodResourceNamePrefix is a name prefix for the terminal pod TerminalPodResourceNamePrefix = "term-" // TerminalAttachRoleResourceNamePrefix is a name prefix for the role allowing to attach to the terminal pod TerminalAttachRoleResourceNamePrefix = "dashboard.gardener.cloud:term-attach-" )
Variables ¶
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "dashboard.gardener.cloud", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
func EqualServiceAccountRefs ¶ added in v0.34.0
func EqualServiceAccountRefs(ref1, ref2 *corev1.ObjectReference) bool
EqualServiceAccountRefs checks if two ServiceAccountRef objects are equal
func EqualShootRefs ¶ added in v0.34.0
EqualShootRefs checks if two ShootRef objects are equal
Types ¶
type APIServer ¶ added in v0.14.0
type APIServer struct {
// ServiceRef is a reference to the kube-apiserver service on the host cluster that points to the kube-apiserver of the target cluster. If no namespace is set on the object reference, it is defaulted to Spec.Host.Namespace.
// +optional
ServiceRef *corev1.ObjectReference `json:"serviceRef,omitempty"`
// Server is the address of the target kubernetes cluster (https://hostname:port). The address should be accessible from the terminal pod within the host cluster.
// +optional
Server string `json:"server,omitempty"`
// CAData holds PEM-encoded bytes (typically read from a root certificates bundle).
// +optional
// +nullable
CAData []byte `json:"caData"`
}
APIServer references the kube-apiserver.
func (*APIServer) DeepCopy ¶ added in v0.14.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer.
func (*APIServer) DeepCopyInto ¶ added in v0.14.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Authorization ¶ added in v0.14.0
type Authorization struct {
// RoleBindings defines the desired (temporary) rbac role bindings the "access" service account should be assigned to
// +optional
RoleBindings []RoleBinding `json:"roleBindings,omitempty"`
// ProjectMemberships defines the (temporary) project memberships of the "access" service account. Each project is updated by using the target.credential, hence the target has to be the (virtual) garden cluster.
// +optional
ProjectMemberships []ProjectMembership `json:"projectMemberships,omitempty"`
}
Authorization the desired (temporary) privileges the "access" service account should receive. Either rbac role bindings can be defined, or the service account can be added as member to a gardener project with specific roles. In the latter case, gardener manages the rbac.
func (*Authorization) DeepCopy ¶ added in v0.14.0
func (in *Authorization) DeepCopy() *Authorization
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Authorization.
func (*Authorization) DeepCopyInto ¶ added in v0.14.0
func (in *Authorization) DeepCopyInto(out *Authorization)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type BindingKind ¶
type BindingKind string
BindingKind describes the desired role binding +kubebuilder:validation:Enum=ClusterRoleBinding;RoleBinding;""
func (BindingKind) String ¶ added in v0.14.0
func (c BindingKind) String() string
type ClusterCredentials ¶
type ClusterCredentials struct {
// ServiceAccountRef is a reference to a service account that should be used, usually to manage resources on the same cluster as the service account is residing in
// Either ShootRef or ServiceAccountRef must be set, but not both.
// +optional
ServiceAccountRef *corev1.ObjectReference `json:"serviceAccountRef,omitempty"`
// ShootRef references the shoot cluster. The admin kubeconfig retrieved from the shoots/adminkubeconfig endpoint is used
// Either ShootRef or ServiceAccountRef must be set, but not both.
// +optional
ShootRef *ShootRef `json:"shootRef,omitempty"`
}
ClusterCredentials define the credentials for a kubernetes cluster
func (*ClusterCredentials) DeepCopy ¶
func (in *ClusterCredentials) DeepCopy() *ClusterCredentials
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredentials.
func (*ClusterCredentials) DeepCopyInto ¶
func (in *ClusterCredentials) DeepCopyInto(out *ClusterCredentials)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Container ¶
type Container struct {
// Image defines the image used for the container.
// As this image is also used for the "setup" init container, the `/bin/cp` binary has to be part of the image
Image string `json:"image"`
// Entrypoint array. Not executed within a shell.
// The docker image's ENTRYPOINT is used if this is not provided.
// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
// cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax
// can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
// regardless of whether the variable exists or not.
// Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
Command []string `json:"command,omitempty"`
// Arguments to the entrypoint.
// The docker image's CMD is used if this is not provided.
// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
// cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax
// can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
// regardless of whether the variable exists or not.
// Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
Args []string `json:"args,omitempty"`
// Compute Resources required by this container.
// Cannot be updated.
// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
// +optional
Resources corev1.ResourceRequirements `json:"resources,omitempty"`
// Run container in privileged mode.
// Processes in privileged containers are essentially equivalent to root on the host.
// Defaults to false.
// +optional
Privileged bool `json:"privileged,omitempty"`
}
A single application container that you want to run within a pod.
func (*Container) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Container.
func (*Container) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ControllerManagerConfiguration ¶
type ControllerManagerConfiguration struct {
// +optional
Kind string `json:"kind"`
// +optional
APIVersion string `json:"apiVersion"`
// Server defines the configuration of the HTTP server.
Server ServerConfiguration `json:"server"`
// Controllers defines the configuration of the controllers.
Controllers ControllerManagerControllerConfiguration `json:"controllers"`
// Webhooks defines the configuration of the admission webhooks.
Webhooks ControllerManagerWebhookConfiguration `json:"webhooks"`
// HonourServiceAccountRefHostCluster defines if `host.credentials.serviceAccountRef` property should be honoured.
// It is recommended to be set to false for multi-cluster setups, in case pods are refused on the (virtual) garden cluster where the terminal resources are stored.
// Defaults to true.
// +optional
HonourServiceAccountRefHostCluster *bool `json:"honourServiceAccountRefHostCluster,omitempty"`
// HonourServiceAccountRefTargetCluster defines if `target.credentials.serviceAccountRef` property should be honoured.
// Defaults to true.
// +optional
HonourServiceAccountRefTargetCluster *bool `json:"honourServiceAccountRefTargetCluster,omitempty"`
// HonourProjectMemberships defines if `target.authorization.projectMemberships` property should be honoured.
// It is recommended to be set to false in case no gardener API server extension is registered for the (virtual) garden cluster where the terminal resources are stored.
// Defaults to true.
// +optional
HonourProjectMemberships *bool `json:"honourProjectMemberships,omitempty"`
// HonourCleanupProjectMembership defines if `target.credential.serviceAccountRef.cleanupProjectMembership` property should be honoured.
// It is recommended to be set to false in case no gardener API server extension is registered for the (virtual) garden cluster where the terminal resources are stored.
// Defaults to false.
// +optional
HonourCleanupProjectMembership *bool `json:"honourCleanupProjectMembership,omitempty"`
// LeaderElection defines the configuration of leader election client.
// +optional
LeaderElection *componentbaseconfigv1alpha1.LeaderElectionConfiguration `json:"leaderElection,omitempty"`
}
ControllerManagerConfiguration defines the configuration for the Gardener controller manager.
func (*ControllerManagerConfiguration) DeepCopy ¶
func (in *ControllerManagerConfiguration) DeepCopy() *ControllerManagerConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerManagerConfiguration.
func (*ControllerManagerConfiguration) DeepCopyInto ¶
func (in *ControllerManagerConfiguration) DeepCopyInto(out *ControllerManagerConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ControllerManagerControllerConfiguration ¶
type ControllerManagerControllerConfiguration struct {
// Terminal defines the configuration of the Terminal controller.
Terminal TerminalControllerConfiguration `json:"terminal"`
// TerminalHeartbeat defines the configuration of the TerminalHeartbeat controller.
TerminalHeartbeat TerminalHeartbeatControllerConfiguration `json:"terminalHeartbeat"`
// ServiceAccount defines the configuration of the ServiceAccount controller.
ServiceAccount ServiceAccountControllerConfiguration `json:"serviceAccount"`
}
ControllerManagerControllerConfiguration defines the configuration of the controllers.
func (*ControllerManagerControllerConfiguration) DeepCopy ¶
func (in *ControllerManagerControllerConfiguration) DeepCopy() *ControllerManagerControllerConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerManagerControllerConfiguration.
func (*ControllerManagerControllerConfiguration) DeepCopyInto ¶
func (in *ControllerManagerControllerConfiguration) DeepCopyInto(out *ControllerManagerControllerConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ControllerManagerWebhookConfiguration ¶
type ControllerManagerWebhookConfiguration struct {
// TerminalValidation defines the configuration of the validating webhook.
TerminalValidation TerminalValidatingWebhookConfiguration `json:"terminalValidation"`
}
ControllerManagerWebhookConfiguration defines the configuration of the admission webhooks.
func (*ControllerManagerWebhookConfiguration) DeepCopy ¶
func (in *ControllerManagerWebhookConfiguration) DeepCopy() *ControllerManagerWebhookConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerManagerWebhookConfiguration.
func (*ControllerManagerWebhookConfiguration) DeepCopyInto ¶
func (in *ControllerManagerWebhookConfiguration) DeepCopyInto(out *ControllerManagerWebhookConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Duration ¶
Duration is a wrapper around time.Duration which supports correct marshaling to YAML. In particular, it marshals into strings, which can be used as map keys in json.
func (*Duration) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Duration.
func (*Duration) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Duration) UnmarshalJSON ¶ added in v0.32.0
UnmarshalJSON implements the json.Unmarshaler interface.
func (*Duration) UnmarshalYAML ¶
UnmarshalYAML implements the yaml.Unmarshaller interface.
type HostCluster ¶
type HostCluster struct {
// ClusterCredentials define the credentials to the host cluster
Credentials ClusterCredentials `json:"credentials"`
// Namespace is the namespace where the pod resides in
// This field should not be set if TemporaryNamespace is set to true but must be set in case TemporaryNamespace is set to false.
// +optional
Namespace *string `json:"namespace,omitempty"`
// TemporaryNamespace is a flag to indicate if the namespace should be ephemeral. If true, the namespace will be created and when the terminal is deleted, the namespace is also deleted.
// If true, the mutating webhook makes sure that a temporary namespace is set; in this case you cannot choose the namespace
// This field should be false if Namespace is set. You cannot define the name of the temporary namespace.
// +optional
TemporaryNamespace *bool `json:"temporaryNamespace,omitempty"`
Pod Pod `json:"pod"`
}
HostCluster defines the desired state of the resources related to the host cluster
func (*HostCluster) DeepCopy ¶
func (in *HostCluster) DeepCopy() *HostCluster
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostCluster.
func (*HostCluster) DeepCopyInto ¶
func (in *HostCluster) DeepCopyInto(out *HostCluster)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LastError ¶
type LastError struct {
// Description is a human-readable message indicating details about the last error.
Description string `json:"description"`
// Last time the error was reported
// +optional
LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty"`
}
LastError indicates the last occurred error for an operation on a resource.
func (*LastError) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LastError.
func (*LastError) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LastOperation ¶ added in v0.32.0
type LastOperation struct {
// A human-readable message indicating details about the last operation.
Description string `json:"description"`
// Last time the operation state transitioned from one to another.
LastUpdateTime metav1.Time `json:"lastUpdateTime"`
// Status of the last operation, one of Processing, Succeeded, Error.
State LastOperationState `json:"state"`
// Type of the last operation, one of Reconcile, Delete.
Type LastOperationType `json:"type"`
}
LastOperation indicates the type and the state of the last operation, along with a description message.
func (*LastOperation) DeepCopy ¶ added in v0.32.0
func (in *LastOperation) DeepCopy() *LastOperation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LastOperation.
func (*LastOperation) DeepCopyInto ¶ added in v0.32.0
func (in *LastOperation) DeepCopyInto(out *LastOperation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LastOperationState ¶ added in v0.32.0
type LastOperationState string
const ( // LastOperationStateProcessing indicates that an operation is ongoing. LastOperationStateProcessing LastOperationState = "Processing" // LastOperationStateSucceeded indicates that an operation has completed successfully. LastOperationStateSucceeded LastOperationState = "Succeeded" // LastOperationStateError indicates that an operation is completed with errors and will be retried. LastOperationStateError LastOperationState = "Error" )
LastOperationState is a string alias.
type LastOperationType ¶ added in v0.32.0
type LastOperationType string
LastOperationType is a string alias.
const ( // LastOperationTypeReconcile indicates a 'reconcile' operation. LastOperationTypeReconcile LastOperationType = "Reconcile" // LastOperationTypeDelete indicates a 'delete' operation. LastOperationTypeDelete LastOperationType = "Delete" )
type Pod ¶
type Pod struct {
// Map of string keys and values that can be used to organize and categorize
// (scope and select) objects. Will be set as labels of the pod
// +optional
Labels map[string]string `json:"labels,omitempty"`
// Container belonging to the pod.
// Cannot be updated.
// +optional if ContainerImage is set
Container *Container `json:"container,omitempty"`
// ContainerImage defines the image used for the container.
// ContainerImage is ignored if Container is set.
// +optional
// Deprecated: Use `Container.Image` instead.
ContainerImage string `json:"containerImage,omitempty"`
// Run container in privileged mode.
// Privileged is ignored if Container is set.
// Processes in privileged containers are essentially equivalent to root on the host.
// Defaults to false.
// +optional
// Deprecated: Use `Container.Privileged` instead.
Privileged bool `json:"privileged,omitempty"`
// Host networking requested for this pod. Use the host's network namespace.
// Default to false.
// +optional
HostNetwork bool `json:"hostNetwork,omitempty"`
// Use the host's pid namespace.
// Default to false.
// +optional
HostPID bool `json:"hostPID,omitempty"`
// NodeSelector is a selector which must be true for the pod to fit on a node.
// Selector which must match a node's labels for the pod to be scheduled on that node.
// +optional
NodeSelector map[string]string `json:"nodeSelector,omitempty"`
}
Pod defines the desired state of the pod
func (*Pod) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pod.
func (*Pod) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProjectMembership ¶ added in v0.14.0
type ProjectMembership struct {
// ProjectName is the name of the project, the "access" service account should be member of
ProjectName string `json:"projectName"`
// Roles defines the gardener roles the "access" service account should receive, e.g. admin, viewer, uam.
Roles []string `json:"roles"`
}
ProjectMembership defines the (temporary) project membership of the "access" service account. The project is updated by using the target.credential, hence the target has the be the (virtual) garden cluster.
func (*ProjectMembership) DeepCopy ¶ added in v0.14.0
func (in *ProjectMembership) DeepCopy() *ProjectMembership
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectMembership.
func (*ProjectMembership) DeepCopyInto ¶ added in v0.14.0
func (in *ProjectMembership) DeepCopyInto(out *ProjectMembership)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RoleBinding ¶ added in v0.14.0
type RoleBinding struct {
// NameSuffix is the name suffix of the temporary (Cluster)RoleBinding that will be created. NameSuffix should be unique
NameSuffix string `json:"nameSuffix"`
// RoleRef references the Role or ClusterRole to bind to. For RoleBinding, it can reference a Role in the same namespace or a ClusterRole. For ClusterRoleBinding, it can only reference a ClusterRole.
RoleRef rbacv1.RoleRef `json:"roleRef"`
// BindingKind defines the desired role binding. ClusterRoleBinding will result in a ClusterRoleBinding. RoleBinding will result in a RoleBinding.
BindingKind BindingKind `json:"bindingKind"`
}
func (*RoleBinding) DeepCopy ¶ added in v0.14.0
func (in *RoleBinding) DeepCopy() *RoleBinding
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.
func (*RoleBinding) DeepCopyInto ¶ added in v0.14.0
func (in *RoleBinding) DeepCopyInto(out *RoleBinding)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Server ¶ added in v0.31.0
type Server struct {
// BindAddress is the IP address on which to listen for the specified port.
BindAddress string `json:"bindAddress"`
// Port is the port on which to serve requests.
Port int `json:"port"`
}
Server contains information for HTTP(S) server configuration.
func (*Server) DeepCopy ¶ added in v0.31.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Server.
func (*Server) DeepCopyInto ¶ added in v0.31.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ServerConfiguration ¶ added in v0.31.0
type ServerConfiguration struct {
// HealthProbes is the configuration for serving the healthz and readyz endpoints.
HealthProbes *Server `json:"healthProbes"`
// Metrics is the configuration for serving the metrics endpoint.
Metrics *Server `json:"metrics"`
}
ServerConfiguration contains details for the HTTP(S) servers.
func (*ServerConfiguration) DeepCopy ¶ added in v0.31.0
func (in *ServerConfiguration) DeepCopy() *ServerConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServerConfiguration.
func (*ServerConfiguration) DeepCopyInto ¶ added in v0.31.0
func (in *ServerConfiguration) DeepCopyInto(out *ServerConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ServiceAccountControllerConfiguration ¶ added in v0.31.0
type ServiceAccountControllerConfiguration struct {
// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 1.
MaxConcurrentReconciles int `json:"maxConcurrentReconciles"`
// AllowedServiceAccountNames is a list of service account names that are allowed to be cleaned up as project members.
// If the list is empty all names are considered as allowed
AllowedServiceAccountNames []string `json:"allowedServiceAccountNames"`
}
ServiceAccountControllerConfiguration defines the configuration of the ServiceAccount controller.
func (*ServiceAccountControllerConfiguration) DeepCopy ¶ added in v0.31.0
func (in *ServiceAccountControllerConfiguration) DeepCopy() *ServiceAccountControllerConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountControllerConfiguration.
func (*ServiceAccountControllerConfiguration) DeepCopyInto ¶ added in v0.31.0
func (in *ServiceAccountControllerConfiguration) DeepCopyInto(out *ServiceAccountControllerConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ShootRef ¶ added in v0.31.0
type ShootRef struct {
// Namespace is the namespace of the shoot cluster
Namespace string `json:"namespace"`
// Name is the name of the shoot cluster
Name string `json:"name"`
}
ShootRef references the shoot cluster by namespace and name
func (*ShootRef) DeepCopy ¶ added in v0.31.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShootRef.
func (*ShootRef) DeepCopyInto ¶ added in v0.31.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TargetCluster ¶
type TargetCluster struct {
// ClusterCredentials define the credentials to the target cluster
Credentials ClusterCredentials `json:"credentials"`
// CleanupProjectMembership indicates if the service account referenced by credentials.serviceAccountRef should be removed as project member if not referenced anymore by a Terminal resource.
// If true, the credentials.serviceAccountRef.namespace must be the same as the Terminal resource.
// +optional
CleanupProjectMembership *bool `json:"cleanupProjectMembership,omitempty"`
// Namespace is a reference to the namespace within the target cluster in which the resources should be placed.
// This field should not be set if TemporaryNamespace is set to true
// +optional
Namespace *string `json:"namespace,omitempty"`
// TemporaryNamespace is a flag to indicate if the namespace should be ephemeral. If true, the namespace will be created and when the terminal is deleted, the namespace is also deleted.
// If true, the mutating webhook makes sure that a temporary namespace is set; in this case you cannot choose the namespace
// This field should be false if Namespace is set. You cannot define the name of the temporary namespace.
// +optional
TemporaryNamespace *bool `json:"temporaryNamespace,omitempty"`
// KubeconfigContextNamespace is a reference to the namespace within the host cluster that should be used as default in the kubeconfig context
KubeconfigContextNamespace string `json:"kubeconfigContextNamespace"`
// APIServerServiceRef is a reference to the kube-apiserver service on the host cluster that points to the kube-apiserver of the target cluster. If no namespace is set on the object reference, it is defaulted to Spec.Host.Namespace.
// +optional
// Deprecated: use APIServer.ServiceRef instead
APIServerServiceRef *corev1.ObjectReference `json:"apiServerServiceRef,omitempty"`
// APIServer references the kube-apiserver of the target cluster.
// +optional
APIServer *APIServer `json:"apiServer,omitempty"`
// RoleName is the name of the ClusterRole the "access" service account is bound to.
// +optional
// Deprecated: use Authorization.RoleBindings[].RoleRef.NameSuffix instead
RoleName string `json:"roleName,omitempty"`
// BindingKind defines the desired role binding. ClusterRoleBinding will result in a ClusterRoleBinding. RoleBinding will result in a RoleBinding.
// +optional
// Deprecated: use Authorization.RoleBindings[].BindingKind instead
BindingKind BindingKind `json:"bindingKind,omitempty"`
Authorization *Authorization `json:"authorization,omitempty"`
}
TargetCluster defines the desired state of the resources related to the target cluster
func (*TargetCluster) DeepCopy ¶
func (in *TargetCluster) DeepCopy() *TargetCluster
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetCluster.
func (*TargetCluster) DeepCopyInto ¶
func (in *TargetCluster) DeepCopyInto(out *TargetCluster)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Terminal ¶
type Terminal struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec TerminalSpec `json:"spec,omitempty"`
Status TerminalStatus `json:"status,omitempty"`
}
Terminal is the Schema for the terminals API
func (*Terminal) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Terminal.
func (*Terminal) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Terminal) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TerminalControllerConfiguration ¶
type TerminalControllerConfiguration struct {
// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 15.
MaxConcurrentReconciles int `json:"maxConcurrentReconciles"`
// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run per Namespace (independent of the user who created the Terminal resource). Defaults to 3.
MaxConcurrentReconcilesPerNamespace int `json:"maxConcurrentReconcilesPerNamespace"`
// TokenRequestExpirationSeconds is the requested duration of validity of the access token request.
// The token issuer may return a token with a different validity duration.
TokenRequestExpirationSeconds *int64 `json:"tokenRequestExpirationSeconds"`
}
TerminalControllerConfiguration defines the configuration of the Terminal controller.
func (*TerminalControllerConfiguration) DeepCopy ¶
func (in *TerminalControllerConfiguration) DeepCopy() *TerminalControllerConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalControllerConfiguration.
func (*TerminalControllerConfiguration) DeepCopyInto ¶
func (in *TerminalControllerConfiguration) DeepCopyInto(out *TerminalControllerConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TerminalHeartbeatControllerConfiguration ¶
type TerminalHeartbeatControllerConfiguration struct {
// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 1.
MaxConcurrentReconciles int `json:"maxConcurrentReconciles"`
// TimeToLive is the duration a Terminal resource can live without receiving a heartbeat with the "dashboard.gardener.cloud/operation=keepalive" annotation. Defaults to 5m.
TimeToLive Duration `json:"timeToLive"`
}
TerminalHeartbeatControllerConfiguration defines the configuration of the TerminalHeartbeat controller.
func (*TerminalHeartbeatControllerConfiguration) DeepCopy ¶
func (in *TerminalHeartbeatControllerConfiguration) DeepCopy() *TerminalHeartbeatControllerConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalHeartbeatControllerConfiguration.
func (*TerminalHeartbeatControllerConfiguration) DeepCopyInto ¶
func (in *TerminalHeartbeatControllerConfiguration) DeepCopyInto(out *TerminalHeartbeatControllerConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TerminalList ¶
type TerminalList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Terminal `json:"items"`
}
TerminalList contains a list of Terminal
func (*TerminalList) DeepCopy ¶
func (in *TerminalList) DeepCopy() *TerminalList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalList.
func (*TerminalList) DeepCopyInto ¶
func (in *TerminalList) DeepCopyInto(out *TerminalList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TerminalList) DeepCopyObject ¶
func (in *TerminalList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TerminalSpec ¶
type TerminalSpec struct {
Identifier string `json:"identifier"`
Host HostCluster `json:"host"`
Target TargetCluster `json:"target"`
}
TerminalSpec defines the desired state of Terminal
func (*TerminalSpec) DeepCopy ¶
func (in *TerminalSpec) DeepCopy() *TerminalSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalSpec.
func (*TerminalSpec) DeepCopyInto ¶
func (in *TerminalSpec) DeepCopyInto(out *TerminalSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TerminalStatus ¶
type TerminalStatus struct {
// AttachServiceAccountName is the name of service account on the host cluster
// +optional
AttachServiceAccountName *string `json:"attachServiceAccountName,omitempty"`
// PodName is the name of the pod on the host cluster
// +optional
PodName *string `json:"podName,omitempty"`
// LastOperation indicates the type and the state of the last operation, along with a description message.
// +optional
LastOperation *LastOperation `json:"lastOperation,omitempty"`
// LastError contains details about the last error that occurred.
// +optional
LastError *LastError `json:"lastError,omitempty"`
}
TerminalStatus defines the observed state of Terminal
func (*TerminalStatus) DeepCopy ¶
func (in *TerminalStatus) DeepCopy() *TerminalStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalStatus.
func (*TerminalStatus) DeepCopyInto ¶
func (in *TerminalStatus) DeepCopyInto(out *TerminalStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TerminalValidatingWebhookConfiguration ¶
type TerminalValidatingWebhookConfiguration struct {
// MaxObjectSize is the maximum size of a terminal resource in bytes. Defaults to 10240.
MaxObjectSize int `json:"maxObjectSize"`
}
TerminalValidatingWebhookConfiguration defines the configuration of the validating webhook.
func (*TerminalValidatingWebhookConfiguration) DeepCopy ¶
func (in *TerminalValidatingWebhookConfiguration) DeepCopy() *TerminalValidatingWebhookConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalValidatingWebhookConfiguration.
func (*TerminalValidatingWebhookConfiguration) DeepCopyInto ¶
func (in *TerminalValidatingWebhookConfiguration) DeepCopyInto(out *TerminalValidatingWebhookConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files