v1alpha1

package
v0.19.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 22, 2026 License: Apache-2.0 Imports: 13 Imported by: 22

Documentation

Overview

+kubebuilder:object:generate=true +groupName=clusters.openmcp.cloud

Index

Constants

View Source 
const (
	// AccessRequestPending is the phase if the AccessRequest has not been scheduled yet.
	AccessRequestPending = "Pending"
	// AccessRequestGranted is the phase if the AccessRequest has been granted.
	AccessRequestGranted = "Granted"
)
View Source 
const (
	// CLUSTER_PHASE_UNKNOWN represents an unknown status for the cluster.
	CLUSTER_PHASE_UNKNOWN string = "Unknown"
	// CLUSTER_PHASE_READY represents a cluster that is ready.
	CLUSTER_PHASE_READY string = "Ready"
	// CLUSTER_PHASE_NOT_READY represents a cluster that is not ready.
	CLUSTER_PHASE_NOT_READY string = "Not Ready"
	// CLUSTER_PHASE_ERROR represents a cluster that could not be reconciled successfully.
	CLUSTER_PHASE_ERROR string = "Error"
	// CLUSTER_PHASE_DELETING represents a cluster that is being deleted.
	CLUSTER_PHASE_DELETING string = "In Deletion"
	// CLUSTER_PHASE_DELETING_ERROR represents a cluster that could not be reconciled successfully while being in deletion.
	CLUSTER_PHASE_DELETING_ERROR string = "Error In Deletion"
)
View Source 
const (
	// ClusterRequestPending is the phase if the ClusterRequest has not been scheduled yet.
	ClusterRequestPending = "Pending"
	// ClusterRequestScheduled is the phase if the ClusterRequest has been scheduled.
	ClusterRequestScheduled = "Scheduled"
)
View Source 
const (
	// PURPOSE_PLATFORM means platform controllers will run on the cluster.
	PURPOSE_PLATFORM = "platform"
	// PURPOSE_WORKLOAD means workload controllers will run on the cluster.
	PURPOSE_WORKLOAD = "workload"
	// PURPOSE_ONBOARDING means the cluster is used for onboarding resources.
	// Onboarding clusters can be workerless.
	PURPOSE_ONBOARDING = "onboarding"
	// PURPOSE_MCP means the cluster is used as an MCP cluster.
	// MCP clusters can be workerless.
	PURPOSE_MCP = "mcp"
)
View Source 
const (
	// PHASE_UNKNOWN represents an unknown phase for the cluster.
	PHASE_UNKNOWN string = "Unknown"
	// PHASE_PROGRESSING indicates that the cluster is being created or updated.
	PHASE_PROGRESSING string = "Progressing"
	// PHASE_SUCCEEDED indicates that the cluster is ready.
	PHASE_SUCCEEDED string = "Succeeded"
	// PHASE_FAILED indicates that an error occurred while creating or updating the cluster.
	PHASE_FAILED string = "Failed"
	// PHASE_DELETING indicates that the cluster is being deleted.
	PHASE_DELETING string = "Deleting"
	// PHASE_DELETION_FAILED indicates that an error occurred while deleting the cluster.
	PHASE_DELETION_FAILED string = "DeletionFailed"
)
View Source 
const (
	// REQUEST_PENDING indicates that the request has neither been granted nor denied yet.
	REQUEST_PENDING string = "Pending"
	// REQUEST_GRANTED indicates that the request has been granted.
	REQUEST_GRANTED string = "Granted"
	// REQUEST_DENIED indicates that the request has been denied.
	REQUEST_DENIED string = "Denied"
)
View Source 
const (
	// K8sVersionLabel can be used to display the k8s version of the cluster.
	// This is useful since the cluster spec can contain only a partial version (e.g. "1.23") or no version at all, so the actual version can not be determined from the spec alone.
	// The responsible ClusterProvider has to set this label.
	K8sVersionLabel = GroupName + "/k8sversion"
	// ProviderInfoAnnotation can be used to display provider-specific information about the cluster.
	// The responsible ClusterProvider can set this annotation to display additional information about the cluster.
	// The value will be shown in a column when 'kubectl get clusters -o wide' is used.
	ProviderInfoAnnotation = GroupName + "/providerinfo"
	// ProviderLabel can be used to display the provider of the cluster.
	// It is also used to indicate the provider that is responsible for an AccessRequest.
	// For clusters, the responsible ClusterProvider has to set this label.
	// For AccessRequests, the generic controller that is part of the openMCP Operator sets it.
	ProviderLabel = GroupName + "/provider"

	// DeleteWithoutRequestsLabel marks that the corresponding cluster can be deleted if the scheduler removes the last request pointing to it.
	// Its value must be "true" for the label to take effect.
	DeleteWithoutRequestsLabel = GroupName + "/delete-without-requests"
	// ProfileLabel is used to make the profile information easily accessible on AccessRequests.
	ProfileLabel = GroupName + "/profile"
	// RandomizeClusterNameLabel can be set to "true" on ClusterRequests to have the corresponding Cluster get a randomized name.
	// This is meant as a tool for operators to resolve conflicts, which itself should be rare.
	RandomizeClusterNameLabel = GroupName + "/randomize-cluster-name"
)
View Source 
const (
	// ClusterRequestFinalizer is the finalizer used on ClusterRequest resources
	ClusterRequestFinalizer = GroupName + "/request"
	// RequestFinalizerOnClusterPrefix is the prefix for the finalizers that mark a Cluster as being referenced by a ClusterRequest.
	RequestFinalizerOnClusterPrefix = "request." + GroupName + "/"
)
View Source 
const (
	// SecretKeyKubeconfig is the name of the key in the AccessRequest secret that contains the kubeconfig.
	SecretKeyKubeconfig = "kubeconfig"
	// SecretKeyExpirationTimestamp is the name of the key in the AccessRequest secret that contains the expiration timestamp.
	// This value is optional and must not be set for non-expiring authentication methods.
	SecretKeyExpirationTimestamp = "expirationTimestamp"
	// SecretKeyCreationTimestamp is the name of the key in the AccessRequest secret that contains the creation timestamp.
	// This value is optional and must not be set for non-expiring authentication methods.
	SecretKeyCreationTimestamp = "creationTimestamp"
	// SecretKeyClientID is the name of the key in the AccessRequest secret that contains the client ID.
	// This value is optional and must not be set for non-OIDC-based authentication methods.
	SecretKeyClientID = "clientID"
	// SecretKeyHost is the name of the key in the AccessRequest secret that contains the host of the cluster.
	// This value is optional.
	SecretKeyHost = "host"
	// SecretKeyCA is the name of the key in the AccessRequest secret that contains the CA certificate of the cluster.
	// This value is optional.
	SecretKeyCA = "ca.crt"
	// SecretKeyToken is the name of the key in the AccessRequest secret that contains the token.
	// This value is optional.
	SecretKeyToken = "token"
)
View Source 
const GroupName = "clusters." + apiconst.OpenMCPGroupName

Variables

View Source 
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type AccessRequest 

type AccessRequest struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AccessRequestSpec   `json:"spec,omitempty"`
	Status AccessRequestStatus `json:"status,omitempty"`
}

AccessRequest is the Schema for the accessrequests API

func (*AccessRequest) DeepCopy 

func (in *AccessRequest) DeepCopy() *AccessRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessRequest.

func (*AccessRequest) DeepCopyInto 

func (in *AccessRequest) DeepCopyInto(out *AccessRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccessRequest) DeepCopyObject 

func (in *AccessRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccessRequestList 

type AccessRequestList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AccessRequest `json:"items"`
}

AccessRequestList contains a list of AccessRequest

func (*AccessRequestList) DeepCopy 

func (in *AccessRequestList) DeepCopy() *AccessRequestList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessRequestList.

func (*AccessRequestList) DeepCopyInto 

func (in *AccessRequestList) DeepCopyInto(out *AccessRequestList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccessRequestList) DeepCopyObject 

func (in *AccessRequestList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccessRequestSpec 

type AccessRequestSpec struct {
	// ClusterRef is the reference to the Cluster for which access is requested.
	// If set, requestRef will be ignored.
	// This value is immutable.
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="clusterRef is immutable"
	// +optional
	ClusterRef *commonapi.ObjectReference `json:"clusterRef,omitempty"`

	// RequestRef is the reference to the ClusterRequest for whose Cluster access is requested.
	// Is ignored if clusterRef is set.
	// This value is immutable.
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="requestRef is immutable"
	// +optional
	RequestRef *commonapi.ObjectReference `json:"requestRef,omitempty"`

	// Token is the configuration for token-based access.
	// Exactly one of Token or OIDC must be set.
	// +optional
	Token *TokenConfig `json:"token,omitempty"`

	// OIDC is the configuration for OIDC-based access.
	// Exactly one of Token or OIDC must be set.
	// +optional
	OIDC *OIDCConfig `json:"oidc,omitempty"`

	// TTL is the desired time-to-live for the granted access.
	// The AccessRequest will be automatically deleted after the TTL has expired.
	// Note that this value refers to the creation time of the AccessRequest, not the time the access was granted.
	// Leave nil for unlimited TTL.
	// +optional
	TTL *metav1.Duration `json:"ttl,omitempty"`
}

+kubebuilder:validation:XValidation:rule="!has(oldSelf.clusterRef) || has(self.clusterRef)", message="clusterRef may not be removed once set" +kubebuilder:validation:XValidation:rule="!has(oldSelf.requestRef) || has(self.requestRef)", message="requestRef may not be removed once set" +kubebuilder:validation:XValidation:rule="(has(self.token) && !has(self.oidc)) || (!has(self.token) && has(self.oidc))",message="exactly one of spec.token or spec.oidc must be set"

func (*AccessRequestSpec) DeepCopy 

func (in *AccessRequestSpec) DeepCopy() *AccessRequestSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessRequestSpec.

func (*AccessRequestSpec) DeepCopyInto 

func (in *AccessRequestSpec) DeepCopyInto(out *AccessRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccessRequestStatus 

type AccessRequestStatus struct {
	commonapi.Status `json:",inline"`

	// SecretRef holds the reference to the secret that contains the actual credentials.
	// The secret is in the same namespace as the AccessRequest.
	// +optional
	SecretRef *commonapi.LocalObjectReference `json:"secretRef,omitempty"`
}

AccessRequestStatus defines the observed state of AccessRequest

func (*AccessRequestStatus) DeepCopy 

func (in *AccessRequestStatus) DeepCopy() *AccessRequestStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessRequestStatus.

func (*AccessRequestStatus) DeepCopyInto 

func (in *AccessRequestStatus) DeepCopyInto(out *AccessRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (AccessRequestStatus) IsDenied added in v0.9.0 

func (ars AccessRequestStatus) IsDenied() bool

func (AccessRequestStatus) IsGranted added in v0.9.0 

func (ars AccessRequestStatus) IsGranted() bool

func (AccessRequestStatus) IsPending added in v0.9.0 

func (ars AccessRequestStatus) IsPending() bool

type Cluster 

type Cluster struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ClusterSpec   `json:"spec,omitempty"`
	Status ClusterStatus `json:"status,omitempty"`
}

Cluster is the Schema for the clusters API

func (*Cluster) DeepCopy 

func (in *Cluster) DeepCopy() *Cluster

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Cluster.

func (*Cluster) DeepCopyInto 

func (in *Cluster) DeepCopyInto(out *Cluster)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Cluster) DeepCopyObject 

func (in *Cluster) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Cluster) GetPurposes added in v0.19.0 

func (c *Cluster) GetPurposes() []string

GetPurposes implements the ObjectWithPurposes interface.

func (*Cluster) GetRequestUIDs added in v0.4.0 

func (c *Cluster) GetRequestUIDs() sets.Set[string]

GetRequestUIDs returns the UIDs of all ClusterRequests that have marked this cluster with a corresponding finalizer.

func (*Cluster) GetTenancyCount 

func (c *Cluster) GetTenancyCount() int

GetTenancyCount returns the number of ClusterRequests currently pointing to this cluster. This is determined by counting the finalizers that have the corresponding prefix. Note that only unique finalizers are counted, so if there are multiple identical request finalizers (which should not happen), this method's return value might not match the actual number of finalizers with the prefix.

type ClusterList 

type ClusterList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Cluster `json:"items"`
}

ClusterList contains a list of Cluster

func (*ClusterList) DeepCopy 

func (in *ClusterList) DeepCopy() *ClusterList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterList.

func (*ClusterList) DeepCopyInto 

func (in *ClusterList) DeepCopyInto(out *ClusterList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterList) DeepCopyObject 

func (in *ClusterList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClusterProfile 

type ClusterProfile struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec ClusterProfileSpec `json:"spec,omitempty"`
}

func (*ClusterProfile) DeepCopy 

func (in *ClusterProfile) DeepCopy() *ClusterProfile

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterProfile.

func (*ClusterProfile) DeepCopyInto 

func (in *ClusterProfile) DeepCopyInto(out *ClusterProfile)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterProfile) DeepCopyObject 

func (in *ClusterProfile) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClusterProfileList 

type ClusterProfileList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClusterProfile `json:"items"`
}

func (*ClusterProfileList) DeepCopy 

func (in *ClusterProfileList) DeepCopy() *ClusterProfileList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterProfileList.

func (*ClusterProfileList) DeepCopyInto 

func (in *ClusterProfileList) DeepCopyInto(out *ClusterProfileList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterProfileList) DeepCopyObject 

func (in *ClusterProfileList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClusterProfileSpec 

type ClusterProfileSpec struct {
	// ProviderRef is a reference to the ClusterProvider
	ProviderRef commonapi.LocalObjectReference `json:"providerRef"`

	// ProviderConfigRef is a reference to the provider-specific configuration.
	ProviderConfigRef commonapi.LocalObjectReference `json:"providerConfigRef"`

	// SupportedVersions are the supported Kubernetes versions.
	SupportedVersions []SupportedK8sVersion `json:"supportedVersions"`
}

ClusterProfileSpec defines the desired state of Provider.

func (*ClusterProfileSpec) DeepCopy 

func (in *ClusterProfileSpec) DeepCopy() *ClusterProfileSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterProfileSpec.

func (*ClusterProfileSpec) DeepCopyInto 

func (in *ClusterProfileSpec) DeepCopyInto(out *ClusterProfileSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClusterRequest 

type ClusterRequest struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ClusterRequestSpec   `json:"spec,omitempty"`
	Status ClusterRequestStatus `json:"status,omitempty"`
}

ClusterRequest is the Schema for the clusters API

func (*ClusterRequest) DeepCopy 

func (in *ClusterRequest) DeepCopy() *ClusterRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRequest.

func (*ClusterRequest) DeepCopyInto 

func (in *ClusterRequest) DeepCopyInto(out *ClusterRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterRequest) DeepCopyObject 

func (in *ClusterRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClusterRequest) FinalizerForCluster 

func (cr *ClusterRequest) FinalizerForCluster() string

FinalizerForCluster returns the finalizer that is used to mark that a specific request has pointed to a specific cluster. Apart from preventing the Cluster's deletion, this information is used to recover the Cluster if the status of the ClusterRequest ever gets lost.

func (*ClusterRequest) GetPurposes added in v0.19.0 

func (cr *ClusterRequest) GetPurposes() []string

GetPurposes implements the ObjectWithPurposes interface.

type ClusterRequestList 

type ClusterRequestList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClusterRequest `json:"items"`
}

ClusterRequestList contains a list of Cluster

func (*ClusterRequestList) DeepCopy 

func (in *ClusterRequestList) DeepCopy() *ClusterRequestList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRequestList.

func (*ClusterRequestList) DeepCopyInto 

func (in *ClusterRequestList) DeepCopyInto(out *ClusterRequestList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterRequestList) DeepCopyObject 

func (in *ClusterRequestList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClusterRequestSpec 

type ClusterRequestSpec struct {
	// Purpose is the purpose of the requested cluster.
	// +kubebuilder:validation:MinLength=1
	Purpose string `json:"purpose"`

	// WaitForClusterDeletion specifies whether the ClusterProvider should remove its finalizer from the ClusterRequest only after the corresponding Cluster has been deleted.
	// 'true' means that the finalizer stays until the Cluster is gone, 'false' means that the finalizer can be removed before the Cluster has been deleted.
	// If not specified, this defaults to 'true' if the cluster's tenancy is 'Exclusive' and to 'false' otherwise.
	// Note that the delayed finalizer removal only occurs if the deletion of the ClusterRequest actually triggers the deletion of the Cluster.
	// If the cluster is shared with further ClusterRequests using it or if it does not have the 'clusters.openmcp.cloud/delete-without-requests' label set to 'true',
	// the finalizer will be removed without waiting for the Cluster deletion, independently of this setting.
	// +optional
	WaitForClusterDeletion *bool `json:"waitForClusterDeletion,omitempty"`
}

+kubebuilder:validation:XValidation:rule="self == oldSelf",message="spec is immutable"

func (*ClusterRequestSpec) DeepCopy 

func (in *ClusterRequestSpec) DeepCopy() *ClusterRequestSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRequestSpec.

func (*ClusterRequestSpec) DeepCopyInto 

func (in *ClusterRequestSpec) DeepCopyInto(out *ClusterRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClusterRequestStatus 

type ClusterRequestStatus struct {
	commonapi.Status `json:",inline"`

	// Cluster is the reference to the Cluster that was returned as a result of a granted request.
	// Note that this information needs to be recoverable in case this status is lost, e.g. by adding a back reference in form of a finalizer to the Cluster resource.
	// +optional
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="cluster is immutable"
	Cluster *commonapi.ObjectReference `json:"cluster,omitempty"`
}

+kubebuilder:validation:XValidation:rule="!has(oldSelf.cluster) || has(self.cluster)", message="cluster may not be removed once set"

func (*ClusterRequestStatus) DeepCopy 

func (in *ClusterRequestStatus) DeepCopy() *ClusterRequestStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterRequestStatus.

func (*ClusterRequestStatus) DeepCopyInto 

func (in *ClusterRequestStatus) DeepCopyInto(out *ClusterRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ClusterRequestStatus) IsDenied added in v0.9.0 

func (crs ClusterRequestStatus) IsDenied() bool

func (ClusterRequestStatus) IsGranted added in v0.9.0 

func (crs ClusterRequestStatus) IsGranted() bool

func (ClusterRequestStatus) IsPending added in v0.9.0 

func (crs ClusterRequestStatus) IsPending() bool

type ClusterSpec 

type ClusterSpec struct {
	// Profile is a reference to the cluster provider.
	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="profile is immutable"
	Profile string `json:"profile"`

	// ClusterConfigs allows to reference any amount of provider-specific cluster configuration objects.
	// The k8s resource kind that is referenced by this depends on the provider (which is defined by the profile).
	// +optional
	ClusterConfigs []commonapi.LocalObjectReference `json:"clusterConfigs,omitempty"`

	// Kubernetes configuration for the cluster.
	Kubernetes K8sConfiguration `json:"kubernetes,omitempty"`

	// Purposes lists the purposes this cluster is intended for.
	// +kubebuilder:validation:MinItems=1
	Purposes []string `json:"purposes,omitempty"`

	// Tenancy is the tenancy model of the cluster.
	// +kubebuilder:validation:Enum=Exclusive;Shared
	Tenancy Tenancy `json:"tenancy"`
}

ClusterSpec defines the desired state of Cluster

func (*ClusterSpec) DeepCopy 

func (in *ClusterSpec) DeepCopy() *ClusterSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterSpec.

func (*ClusterSpec) DeepCopyInto 

func (in *ClusterSpec) DeepCopyInto(out *ClusterSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClusterStatus 

type ClusterStatus struct {
	commonapi.Status `json:",inline"`

	// APIServer is the API server endpoint of the cluster.
	// +optional
	APIServer string `json:"apiServer,omitempty"`

	// ProviderStatus is the provider-specific status of the cluster.
	// x-kubernetes-preserve-unknown-fields: true
	// +optional
	ProviderStatus *runtime.RawExtension `json:"providerStatus,omitempty"`
}

ClusterStatus defines the observed state of Cluster

func (*ClusterStatus) DeepCopy 

func (in *ClusterStatus) DeepCopy() *ClusterStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterStatus.

func (*ClusterStatus) DeepCopyInto 

func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterStatus) GetProviderStatus 

func (cs *ClusterStatus) GetProviderStatus(into any) error

GetProviderStatus tries to unmarshal the provider status into the given variable.

func (*ClusterStatus) SetProviderStatus 

func (cs *ClusterStatus) SetProviderStatus(from any) error

SetProviderStatus marshals the given variable into the provider status.

type IdentityLabelPurposeSelector added in v0.19.0 

type IdentityLabelPurposeSelector struct {
	IdentitySelector `json:",inline"`
	PurposeSelector  `json:",inline"`
	LabelSelector    `json:",inline"`
}

IdentityLabelPurposeSelector combines an identity selector, a purpose selector and a label selector. If the identity selector is not nil, the other selectors are ignored and only the identities are matched. Otherwise, an object must match both the label selector and the purpose selector to be selected.

func (*IdentityLabelPurposeSelector) DeepCopy added in v0.19.0 

func (in *IdentityLabelPurposeSelector) DeepCopy() *IdentityLabelPurposeSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityLabelPurposeSelector.

func (*IdentityLabelPurposeSelector) DeepCopyInto added in v0.19.0 

func (in *IdentityLabelPurposeSelector) DeepCopyInto(out *IdentityLabelPurposeSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityLabelPurposeSelector) Empty added in v0.19.0 

func (s *IdentityLabelPurposeSelector) Empty() bool

func (*IdentityLabelPurposeSelector) Matches added in v0.19.0 

func (s *IdentityLabelPurposeSelector) Matches(obj ObjectWithPurposes) bool

func (*IdentityLabelPurposeSelector) Validate added in v0.19.0 

func (s *IdentityLabelPurposeSelector) Validate() error

type IdentityLabelSelector added in v0.19.0 

type IdentityLabelSelector struct {
	IdentitySelector `json:",inline"`
	LabelSelector    `json:",inline"`
}

IdentityLabelSelector combines an identity selector and a label selector. Note that the label selector is ignored if the identity selector is not nil.

func (*IdentityLabelSelector) DeepCopy added in v0.19.0 

func (in *IdentityLabelSelector) DeepCopy() *IdentityLabelSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityLabelSelector.

func (*IdentityLabelSelector) DeepCopyInto added in v0.19.0 

func (in *IdentityLabelSelector) DeepCopyInto(out *IdentityLabelSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityLabelSelector) Empty added in v0.19.0 

func (s *IdentityLabelSelector) Empty() bool

func (*IdentityLabelSelector) Matches added in v0.19.0 

func (s *IdentityLabelSelector) Matches(obj ObjectWithPurposes) bool

func (*IdentityLabelSelector) Validate added in v0.19.0 

func (s *IdentityLabelSelector) Validate() error

type IdentityPurposeSelector added in v0.19.0 

type IdentityPurposeSelector struct {
	IdentitySelector `json:",inline"`
	PurposeSelector  `json:",inline"`
}

IdentityPurposeSelector combines an identity selector and a purpose selector. Note that the purpose selector is ignored if the identity selector is not nil.

func (*IdentityPurposeSelector) DeepCopy added in v0.19.0 

func (in *IdentityPurposeSelector) DeepCopy() *IdentityPurposeSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityPurposeSelector.

func (*IdentityPurposeSelector) DeepCopyInto added in v0.19.0 

func (in *IdentityPurposeSelector) DeepCopyInto(out *IdentityPurposeSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityPurposeSelector) Empty added in v0.19.0 

func (s *IdentityPurposeSelector) Empty() bool

func (*IdentityPurposeSelector) Matches added in v0.19.0 

func (s *IdentityPurposeSelector) Matches(obj ObjectWithPurposes) bool

func (*IdentityPurposeSelector) Validate added in v0.19.0 

func (s *IdentityPurposeSelector) Validate() error

type IdentitySelector added in v0.19.0 

type IdentitySelector struct {
	// MatchIdentities contains a list of object references and matches only the objects with the given identities.
	// If this selector is nil, all objects match.
	// If this selector is not nil, but the list is empty, no objects match.
	// If not nil, all other selector fields are ignored and only the identities are matched.
	// +optional
	// +listType=atomic
	MatchIdentities []common.ObjectReference `json:"matchIdentities,omitempty"`
}

func (*IdentitySelector) DeepCopy added in v0.19.0 

func (in *IdentitySelector) DeepCopy() *IdentitySelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentitySelector.

func (*IdentitySelector) DeepCopyInto added in v0.19.0 

func (in *IdentitySelector) DeepCopyInto(out *IdentitySelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentitySelector) Empty added in v0.19.0 

func (s *IdentitySelector) Empty() bool

func (*IdentitySelector) Matches added in v0.19.0 

func (s *IdentitySelector) Matches(obj ObjectWithPurposes) bool

func (*IdentitySelector) Validate added in v0.19.0 

func (s *IdentitySelector) Validate() error

type K8sConfiguration 

type K8sConfiguration struct {
	// Version is the k8s version of the cluster.
	Version string `json:"version,omitempty"`
}

func (*K8sConfiguration) DeepCopy 

func (in *K8sConfiguration) DeepCopy() *K8sConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new K8sConfiguration.

func (*K8sConfiguration) DeepCopyInto 

func (in *K8sConfiguration) DeepCopyInto(out *K8sConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LabelPurposeSelector added in v0.19.0 

type LabelPurposeSelector struct {
	PurposeSelector `json:",inline"`
	LabelSelector   `json:",inline"`
}

LabelPurposeSelector combines a label selector and a purpose selector. An object must match both selectors to be selected.

func (*LabelPurposeSelector) DeepCopy added in v0.19.0 

func (in *LabelPurposeSelector) DeepCopy() *LabelPurposeSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LabelPurposeSelector.

func (*LabelPurposeSelector) DeepCopyInto added in v0.19.0 

func (in *LabelPurposeSelector) DeepCopyInto(out *LabelPurposeSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LabelPurposeSelector) Empty added in v0.19.0 

func (s *LabelPurposeSelector) Empty() bool

func (*LabelPurposeSelector) Matches added in v0.19.0 

func (s *LabelPurposeSelector) Matches(obj ObjectWithPurposes) bool

func (*LabelPurposeSelector) Validate added in v0.19.0 

func (s *LabelPurposeSelector) Validate() error

type LabelSelector added in v0.19.0 

type LabelSelector metav1.LabelSelector

func (*LabelSelector) DeepCopy added in v0.19.0 

func (in *LabelSelector) DeepCopy() *LabelSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LabelSelector.

func (*LabelSelector) DeepCopyInto added in v0.19.0 

func (in *LabelSelector) DeepCopyInto(out *LabelSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LabelSelector) Empty added in v0.19.0 

func (s *LabelSelector) Empty() bool

func (*LabelSelector) Matches added in v0.19.0 

func (s *LabelSelector) Matches(obj ObjectWithPurposes) bool

func (*LabelSelector) Validate added in v0.19.0 

func (s *LabelSelector) Validate() error

type OIDCConfig added in v0.12.0 

type OIDCConfig struct {
	commonapi.OIDCProviderConfig `json:",inline"`

	// Roles are additional (Cluster)Roles that should be created.
	// Note that they are not automatically bound to any user.
	// It is strongly recommended to set the name field so that the created (Cluster)Roles can be referenced in the RoleBindings field.
	// +optional
	Roles []PermissionsRequest `json:"roles,omitempty"`
}

func (*OIDCConfig) DeepCopy added in v0.12.0 

func (in *OIDCConfig) DeepCopy() *OIDCConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCConfig.

func (*OIDCConfig) DeepCopyInto added in v0.12.0 

func (in *OIDCConfig) DeepCopyInto(out *OIDCConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ObjectWithPurposes added in v0.19.0 

type ObjectWithPurposes interface {
	client.Object
	GetPurposes() []string
}

+kubebuilder:object:generate=false

type PermissionsRequest 

type PermissionsRequest struct {
	// Name is an optional name for the (Cluster)Role that will be created for the requested permissions.
	// If not set, a randomized name that is unique in the cluster will be generated.
	// Note that the AccessRequest will not be granted if the to-be-created (Cluster)Role already exists, but is not managed by the AccessRequest, so choose this name carefully.
	// +optional
	Name string `json:"name,omitempty"`

	// Namespace is the namespace for which the permissions are requested.
	// If empty, this will result in a ClusterRole, otherwise in a Role in the respective namespace.
	// Note that for a Role, the namespace needs to either exist or a permission to create it must be included in the requested permissions (it will be created automatically then), otherwise the request will be rejected.
	// +optional
	Namespace string `json:"namespace,omitempty"`

	// Rules are the requested RBAC rules.
	Rules []rbacv1.PolicyRule `json:"rules"`
}

func (*PermissionsRequest) DeepCopy 

func (in *PermissionsRequest) DeepCopy() *PermissionsRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PermissionsRequest.

func (*PermissionsRequest) DeepCopyInto 

func (in *PermissionsRequest) DeepCopyInto(out *PermissionsRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PurposeSelector added in v0.19.0 

type PurposeSelector struct {
	// MatchPurposes contains a list of purpose selector requirements.
	// An empty or nil list matches all objects.
	// Duplicate purposes within a single requirement are ignored.
	// The requirements are ANDed.
	// +optional
	// +listType=atomic
	MatchPurposes []PurposeSelectorRequirement `json:"matchPurposes,omitempty"`
}

func (*PurposeSelector) DeepCopy added in v0.19.0 

func (in *PurposeSelector) DeepCopy() *PurposeSelector

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PurposeSelector.

func (*PurposeSelector) DeepCopyInto added in v0.19.0 

func (in *PurposeSelector) DeepCopyInto(out *PurposeSelector)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PurposeSelector) Empty added in v0.19.0 

func (s *PurposeSelector) Empty() bool

func (*PurposeSelector) Matches added in v0.19.0 

func (s *PurposeSelector) Matches(obj ObjectWithPurposes) bool

func (*PurposeSelector) Validate added in v0.19.0 

func (s *PurposeSelector) Validate() error

type PurposeSelectorOperator added in v0.19.0 

type PurposeSelectorOperator string

PurposeSelectorOperator is the set of operators that can be used in a selector requirement. 

const (
	// PurposeSelectorOpContainsAll matches only if the actual purpose list contains all of the values from the selector.
	PurposeSelectorOpContainsAll PurposeSelectorOperator = "ContainsAll"
	// PurposeSelectorOpContainsAny matches if the actual purpose list contains any of the values from the selector.
	PurposeSelectorOpContainsAny PurposeSelectorOperator = "ContainsAny"
	// PurposeSelectorOpContainsNone matches only if the actual purpose list contains none of the values from the selector.
	PurposeSelectorOpContainsNone PurposeSelectorOperator = "ContainsNone"
	// PurposeSelectorOpEquals matches only if the actual purpose list is exactly equal to the values from the selector (ignoring order).
	PurposeSelectorOpEquals PurposeSelectorOperator = "Equals"
)

type PurposeSelectorRequirement added in v0.19.0 

type PurposeSelectorRequirement struct {
	// Operator represents how the list of purposes is matched against the values.
	// Valid operators are: 'ContainsAll', 'ContainsAny', 'ContainsNone', 'Equals'.
	Operator PurposeSelectorOperator `json:"operator"`
	// Values is an array of string values.
	// An empty or nil array will match no objects for 'ContainsAll' and 'ContainsAny',
	// all objects for 'ContainsNone', and only objects with no purposes for 'Equals'.
	// This array is replaced during a strategic merge patch.
	// +optional
	// +listType=atomic
	Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"`
}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

func (*PurposeSelectorRequirement) DeepCopy added in v0.19.0 

func (in *PurposeSelectorRequirement) DeepCopy() *PurposeSelectorRequirement

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PurposeSelectorRequirement.

func (*PurposeSelectorRequirement) DeepCopyInto added in v0.19.0 

func (in *PurposeSelectorRequirement) DeepCopyInto(out *PurposeSelectorRequirement)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Selector added in v0.19.0 

type Selector interface {
	// Empty checks whether the selector is empty (i.e. matches all objects).
	Empty() bool

	// Matches checks whether the given object matches the selector.
	// A nil object always matches.
	Matches(obj ObjectWithPurposes) bool

	// Validate checks whether the selector is valid.
	// Note that an invalid selector's behavior is undefined.
	Validate() error
}

+kubebuilder:object:generate=false

type SupportedK8sVersion 

type SupportedK8sVersion struct {
	// Version is the Kubernetes version.
	// +kubebuilder:validation:MinLength=5
	Version string `json:"version"`

	// Deprecated indicates whether this version is deprecated.
	Deprecated bool `json:"deprecated,omitempty"`
}

func (*SupportedK8sVersion) DeepCopy 

func (in *SupportedK8sVersion) DeepCopy() *SupportedK8sVersion

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SupportedK8sVersion.

func (*SupportedK8sVersion) DeepCopyInto 

func (in *SupportedK8sVersion) DeepCopyInto(out *SupportedK8sVersion)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Tenancy 

type Tenancy string
const (
	// TENANCY_SHARED means the cluster is shared among multiple tenants.
	TENANCY_SHARED Tenancy = "Shared"
	// TENANCY_EXCLUSIVE means the cluster is dedicated to a single tenant.
	TENANCY_EXCLUSIVE Tenancy = "Exclusive"
)

type TokenConfig added in v0.12.0 

type TokenConfig struct {
	// Permissions are the requested permissions.
	// If not empty, corresponding Roles and ClusterRoles will be created in the target cluster.
	// The created serviceaccount will be bound to the created Roles and ClusterRoles.
	// +optional
	Permissions []PermissionsRequest `json:"permissions,omitempty"`

	// RoleRefs are references to existing (Cluster)Roles that should be bound to the created serviceaccount.
	// +optional
	RoleRefs []commonapi.RoleRef `json:"roleRefs,omitempty"`
}

func (*TokenConfig) DeepCopy added in v0.12.0 

func (in *TokenConfig) DeepCopy() *TokenConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenConfig.

func (*TokenConfig) DeepCopyInto added in v0.12.0 

func (in *TokenConfig) DeepCopyInto(out *TokenConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.