v1

package
v0.0.0-...-eb0673e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 4, 2026 License: Apache-2.0 Imports: 8 Imported by: 72

Documentation

Overview

Package v1 contains API Schema definitions for the cloudcredential v1 API group +k8s:deepcopy-gen=package +groupName=cloudcredential.openshift.io

Package v1 contains API Schema definitions for the cloudcredential v1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential +k8s:defaulter-gen=TypeMeta +groupName=cloudcredential.openshift.io

Index

Constants

View Source 
const (
	// FinalizerDeprovision is used on CredentialsRequests to ensure we delete the
	// credentials in AWS before allowing the CredentialsRequest to be deleted in etcd.
	FinalizerDeprovision string = "cloudcredential.openshift.io/deprovision"

	// LabelCredentialsRequest is to mark Secrets created as a target of CredentialsRequests.
	LabelCredentialsRequest      string = "cloudcredential.openshift.io/credentials-request"
	LabelCredentialsRequestValue string = "true"

	// AnnotationCredentialsRequest is used on Secrets created as a target of CredentialsRequests.
	// The annotation value will map back to the namespace/name of the CredentialsRequest that created
	// or adopted the secret.
	AnnotationCredentialsRequest string = "cloudcredential.openshift.io/credentials-request"

	// AnnotationAWSPolicyLastApplied is added to target Secrets indicating the last AWS policy
	// we successfully applied. It is used to compare if changes are necessary, without requiring
	// AWS credentials to view the actual state.
	AnnotationAWSPolicyLastApplied string = "cloudcredential.openshift.io/aws-policy-last-applied"

	// CloudCredOperatorNamespace is the namespace where the credentials operator runs.
	CloudCredOperatorNamespace = "openshift-cloud-credential-operator"
)

Variables

View Source 
var (
	GroupName     = "cloudcredential.openshift.io"
	GroupVersion  = schema.GroupVersion{Group: GroupName, Version: "v1"}
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// Install is a function which adds this version to a scheme
	Install = SchemeBuilder.AddToScheme

	// SchemeGroupVersion generated code relies on this name
	// DEPRECATED
	SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}
	// AddToScheme exists solely to keep the old generators creating valid code
	// DEPRECATED
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	// FailureConditionTypes is a list of all conditions where the overall controller status would not
	// be healthy.
	FailureConditionTypes = []CredentialsRequestConditionType{
		InsufficientCloudCredentials,
		MissingTargetNamespace,
		CredentialsProvisionFailure,
		CredentialsDeprovisionFailure,
	}
)

Functions

func RegisterDefaults 

func RegisterDefaults(scheme *runtime.Scheme) error

RegisterDefaults adds defaulters functions to the given scheme. Public to allow building arbitrary schemes. All generated defaulters are covering - they call all nested defaulters.

func Resource 

func Resource(resource string) schema.GroupResource

Resource generated code relies on this being here, but it logically belongs to the group DEPRECATED

Types

type AWSProviderSpec 

type AWSProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
	// StatementEntries contains a list of policy statements that should be associated with this credentials access key.
	StatementEntries []StatementEntry `json:"statementEntries"`
	// stsIAMRoleARN is the Amazon Resource Name (ARN) of an IAM Role which was created manually for the associated
	// CredentialsRequest.
	// The presence of an stsIAMRoleARN within the AWSProviderSpec initiates creation of a secret containing IAM
	// Role details necessary for assuming the IAM Role via Amazon's Secure Token Service.
	// +optional
	STSIAMRoleARN string `json:"stsIAMRoleARN,omitempty"`
}

AWSProviderSpec contains the required information to create a user policy in AWS. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AWSProviderSpec) DeepCopy 

func (in *AWSProviderSpec) DeepCopy() *AWSProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSProviderSpec.

func (*AWSProviderSpec) DeepCopyInto 

func (in *AWSProviderSpec) DeepCopyInto(out *AWSProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSProviderSpec) DeepCopyObject 

func (in *AWSProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AWSProviderStatus 

type AWSProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
	// User is the name of the User created in AWS for these credentials.
	User string `json:"user"`
	// Policy is the name of the policy attached to the user in AWS.
	Policy string `json:"policy"`
}

AWSProviderStatus containes the status of the credentials request in AWS. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AWSProviderStatus) DeepCopy 

func (in *AWSProviderStatus) DeepCopy() *AWSProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSProviderStatus.

func (*AWSProviderStatus) DeepCopyInto 

func (in *AWSProviderStatus) DeepCopyInto(out *AWSProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSProviderStatus) DeepCopyObject 

func (in *AWSProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccessPolicy 

type AccessPolicy struct {
	// Attributes identify the resources to which this policy applies
	Attributes []ResourceAttribute `json:"attributes"`

	// Roles are the IAM roles assigned to this policy
	Roles []string `json:"roles"`
}

AccessPolicy is a definition of an IAM access policy

func (*AccessPolicy) DeepCopy 

func (in *AccessPolicy) DeepCopy() *AccessPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessPolicy.

func (*AccessPolicy) DeepCopyInto 

func (in *AccessPolicy) DeepCopyInto(out *AccessPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureProviderSpec 

type AzureProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// RoleBindings contains a list of roles that should be associated with the minted credential.
	RoleBindings []RoleBinding `json:"roleBindings"`

	// Permissions is the list of Azure permissions required to create a more fine-grained custom role to
	// satisfy the CredentialsRequest.
	// The Permissions field may be provided in addition to RoleBindings. When both fields are specified,
	// the user-assigned managed identity will have union of permissions defined from both Permissions
	// and RoleBindings.
	// +optional
	Permissions []string `json:"permissions,omitempty"`

	// DataPermissions is the list of Azure data permissions required to create a more fine-grained custom
	// role to satisfy the CredentialsRequest.
	// The DataPermissions field may be provided in addition to RoleBindings. When both fields are specified,
	// the user-assigned managed identity will have union of permissions defined from both DataPermissions
	// and RoleBindings.
	// +optional
	DataPermissions []string `json:"dataPermissions,omitempty"`

	// The following fields are only required for Azure Workload Identity.
	// AzureClientID is the ID of the specific application you created in Azure
	// +optional
	AzureClientID string `json:"azureClientID,omitempty"`

	// AzureRegion is the geographic region of the Azure service.
	// +optional
	AzureRegion string `json:"azureRegion,omitempty"`

	// Each Azure subscription has an ID associated with it, as does the tenant to which a subscription belongs.
	// AzureSubscriptionID is the ID of the subscription.
	// +optional
	AzureSubscriptionID string `json:"azureSubscriptionID,omitempty"`

	// AzureTenantID is the ID of the tenant to which the subscription belongs.
	// +optional
	AzureTenantID string `json:"azureTenantID,omitempty"`
}

AzureProviderSpec contains the required information to create RBAC role bindings for Azure. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureProviderSpec) DeepCopy 

func (in *AzureProviderSpec) DeepCopy() *AzureProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureProviderSpec.

func (*AzureProviderSpec) DeepCopyInto 

func (in *AzureProviderSpec) DeepCopyInto(out *AzureProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureProviderSpec) DeepCopyObject 

func (in *AzureProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureProviderStatus 

type AzureProviderStatus struct {
	metav1.TypeMeta `json:",inline"`

	// ServicePrincipalName is the name of the service principal created in Azure for these credentials.
	ServicePrincipalName string `json:"name"`

	// AppID is the application id of the service principal created in Azure for these credentials.
	AppID string `json:"appID"`

	// SecretLastResourceVersion is the resource version of the secret resource
	// that was last synced. Used to determine if the object has changed and
	// requires a sync.
	SecretLastResourceVersion string `json:"secretLastResourceVersion"`
}

AzureProviderStatus contains the status of the credentials request in Azure. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureProviderStatus) DeepCopy 

func (in *AzureProviderStatus) DeepCopy() *AzureProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureProviderStatus.

func (*AzureProviderStatus) DeepCopyInto 

func (in *AzureProviderStatus) DeepCopyInto(out *AzureProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureProviderStatus) DeepCopyObject 

func (in *AzureProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsRequest 

type CredentialsRequest struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// +kubebuilder:validation:Required
	// +required
	Spec   CredentialsRequestSpec   `json:"spec"`
	Status CredentialsRequestStatus `json:"status,omitempty"`
}

CredentialsRequest is the Schema for the credentialsrequests API +k8s:openapi-gen=true +kubebuilder:subresource:status

func (*CredentialsRequest) DeepCopy 

func (in *CredentialsRequest) DeepCopy() *CredentialsRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequest.

func (*CredentialsRequest) DeepCopyInto 

func (in *CredentialsRequest) DeepCopyInto(out *CredentialsRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsRequest) DeepCopyObject 

func (in *CredentialsRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsRequestCondition 

type CredentialsRequestCondition struct {
	// Type is the specific type of the condition
	// +kubebuilder:validation:Required
	// +required
	Type CredentialsRequestConditionType `json:"type"`
	// Status is the status of the condition
	// +kubebuilder:validation:Required
	// +required
	Status corev1.ConditionStatus `json:"status"`
	// LastProbeTime is the last time we probed the condition
	LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
	// LastTransitionTime is the last time the condition transitioned from one status to another.
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
	// Reason is a unique, one-word, CamelCase reason for the condition's last transition
	Reason string `json:"reason,omitempty"`
	// Message is a human-readable message indicating details about the last transition
	Message string `json:"message,omitempty"`
}

CredentialsRequestCondition contains details for any of the conditions on a CredentialsRequest object

func (*CredentialsRequestCondition) DeepCopy 

func (in *CredentialsRequestCondition) DeepCopy() *CredentialsRequestCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestCondition.

func (*CredentialsRequestCondition) DeepCopyInto 

func (in *CredentialsRequestCondition) DeepCopyInto(out *CredentialsRequestCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CredentialsRequestConditionType 

type CredentialsRequestConditionType string

CredentialsRequestConditionType are the valid condition types for a CredentialsRequest 

const (
	// InsufficientCloudCredentials is true when the cloud credentials are deemed to be insufficient
	// to either mint custom creds to satisfy the CredentialsRequest or insufficient to
	// be able to be passed along as-is to satisfy the CredentialsRequest
	InsufficientCloudCredentials CredentialsRequestConditionType = "InsufficientCloudCreds"
	// MissingTargetNamespace is true when the namespace specified to hold the resulting
	// credentials is not present
	MissingTargetNamespace CredentialsRequestConditionType = "MissingTargetNamespace"
	// CredentialsProvisionFailure is true whenver there has been an issue while trying
	// to provision the credentials (either passthrough or minting). Error message will
	// be stored directly in the condition message.
	CredentialsProvisionFailure CredentialsRequestConditionType = "CredentialsProvisionFailure"
	// CredentialsDeprovisionFailure is true whenever there is an error when trying
	// to clean up any previously-created cloud resources
	CredentialsDeprovisionFailure CredentialsRequestConditionType = "CredentialsDeprovisionFailure"
	// Ignored is true when the CredentialsRequest's ProviderSpec is for
	// a different infrastructure platform than what the cluster has been
	// deployed to. This is normal as the release image contains CredentialsRequests for all
	// possible clouds/infrastructure, and cloud-credential-operator will only act on the
	// CredentialsRequests where the cloud/infra matches.
	Ignored CredentialsRequestConditionType = "Ignored"
	// StaleCredentials is true when CredentialsRequest is no longer required and has to be cleaned ip
	StaleCredentials CredentialsRequestConditionType = "StaleCredentials"
	// OrphanedCloudResource is true when CCO was unable to delete a previously created
	// App Registration / Service Principal while pivoting from Mint mode to Passthrough
	OrphanedCloudResource CredentialsRequestConditionType = "OrphanedCloudResource"
)

These are valid conditions for a CredentialsRequest

type CredentialsRequestList 

type CredentialsRequestList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CredentialsRequest `json:"items"`
}

CredentialsRequestList contains a list of CredentialsRequest

func (*CredentialsRequestList) DeepCopy 

func (in *CredentialsRequestList) DeepCopy() *CredentialsRequestList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestList.

func (*CredentialsRequestList) DeepCopyInto 

func (in *CredentialsRequestList) DeepCopyInto(out *CredentialsRequestList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsRequestList) DeepCopyObject 

func (in *CredentialsRequestList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsRequestSpec 

type CredentialsRequestSpec struct {
	// SecretRef points to the secret where the credentials should be stored once generated.
	// +kubebuilder:validation:Required
	// +required
	SecretRef corev1.ObjectReference `json:"secretRef"`

	// ProviderSpec contains the cloud provider specific credentials specification.
	// +kubebuilder:pruning:PreserveUnknownFields
	ProviderSpec *runtime.RawExtension `json:"providerSpec,omitempty"`

	// ServiceAccountNames contains a list of ServiceAccounts that will use permissions associated with this
	// CredentialsRequest. This is not used by CCO, but the information is needed for being able to properly
	// set up access control in the cloud provider when the ServiceAccounts are used as part of the cloud
	// credentials flow.
	// +optional
	ServiceAccountNames []string `json:"serviceAccountNames,omitempty"`

	// cloudTokenPath is the path where the Kubernetes ServiceAccount token (JSON Web Token) is mounted
	// on the deployment for the workload requesting a credentials secret.
	// The presence of this field in combination with fields such as spec.providerSpec.stsIAMRoleARN
	// indicate that CCO should broker creation of a credentials secret containing fields necessary for
	// token based authentication methods such as with the AWS Secure Token Service (STS).
	//
	// cloudTokenPath may also be used to specify the azure_federated_token_file path used
	// in Azure configuration secrets generated by ccoctl.
	// Defaults to "/var/run/secrets/openshift/serviceaccount/token".
	// +optional
	CloudTokenPath string `json:"cloudTokenPath,omitempty"`
}

CredentialsRequestSpec defines the desired state of CredentialsRequest

func (*CredentialsRequestSpec) DeepCopy 

func (in *CredentialsRequestSpec) DeepCopy() *CredentialsRequestSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestSpec.

func (*CredentialsRequestSpec) DeepCopyInto 

func (in *CredentialsRequestSpec) DeepCopyInto(out *CredentialsRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CredentialsRequestStatus 

type CredentialsRequestStatus struct {
	// Provisioned is true once the credentials have been initially provisioned.
	// +kubebuilder:validation:Required
	// +required
	Provisioned bool `json:"provisioned"`

	// LastSyncTimestamp is the time that the credentials were last synced.
	LastSyncTimestamp *metav1.Time `json:"lastSyncTimestamp,omitempty"`

	// LastSyncGeneration is the generation of the credentials request resource
	// that was last synced. Used to determine if the object has changed and
	// requires a sync.
	// +kubebuilder:validation:Required
	// +required
	LastSyncGeneration int64 `json:"lastSyncGeneration"`

	// LastSyncCloudCredsSecretResourceVersion is the resource version of the
	// cloud credentials secret resource when the credentials request resource
	// was last synced. Used to determine if the cloud credentials have
	// been updated since the last sync.
	// +optional
	LastSyncCloudCredsSecretResourceVersion string `json:"lastSyncCloudCredsSecretResourceVersion,omitempty"`

	// LastSyncInfrastructureResourceVersion is the resource version of the
	// Infrastructure resource. It is used to determine if the user provided tags have
	// been updated since the last sync.
	// +optional
	LastSyncInfrastructureResourceVersion string `json:"lastSyncInfrastructureResourceVersion,omitempty"`

	// ProviderStatus contains cloud provider specific status.
	// +kubebuilder:pruning:PreserveUnknownFields
	ProviderStatus *runtime.RawExtension `json:"providerStatus,omitempty"`

	// Conditions includes detailed status for the CredentialsRequest
	// +optional
	Conditions []CredentialsRequestCondition `json:"conditions,omitempty"`
}

CredentialsRequestStatus defines the observed state of CredentialsRequest

func (*CredentialsRequestStatus) DeepCopy 

func (in *CredentialsRequestStatus) DeepCopy() *CredentialsRequestStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsRequestStatus.

func (*CredentialsRequestStatus) DeepCopyInto 

func (in *CredentialsRequestStatus) DeepCopyInto(out *CredentialsRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GCPProviderSpec 

type GCPProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
	// PredefinedRoles is the list of GCP pre-defined roles
	// that the CredentialsRequest requires.
	PredefinedRoles []string `json:"predefinedRoles"`
	// Permissions is the list of GCP permissions required to create a more fine-grained custom role to
	// satisfy the CredentialsRequest.
	// The Permissions field may be provided in addition to PredefinedRoles. When both fields are specified,
	// the service account will have union of permissions defined from both Permissions and PredefinedRoles.
	// +optional
	Permissions []string `json:"permissions,omitempty"`
	// SkipServiceCheck can be set to true to skip the check whether the requested roles or permissions
	// have the necessary services enabled
	// +optional
	SkipServiceCheck bool `json:"skipServiceCheck,omitempty"`

	// ServiceAccountEmail that will be impersonated during Workload Identity Federation.
	// +optional
	ServiceAccountEmail string `json:"serviceAccountEmail,omitempty"`

	// Audience that will be used with Workload Identity Federation.
	// It should be formatted as follows:
	// "//iam.googleapis.com/projects/<PROJECT_NUMBER>/locations/global/workloadIdentityPools/<POOL_ID>/providers/<PROVIDER_ID>"
	// For more information see https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers#create-credential-config
	Audience string `json:"audience,omitempty"`
}

GCPProviderSpec contains the required information to create a service account with policy bindings in GCP. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*GCPProviderSpec) DeepCopy 

func (in *GCPProviderSpec) DeepCopy() *GCPProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPProviderSpec.

func (*GCPProviderSpec) DeepCopyInto 

func (in *GCPProviderSpec) DeepCopyInto(out *GCPProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GCPProviderSpec) DeepCopyObject 

func (in *GCPProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GCPProviderStatus 

type GCPProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
	// ServiceAccountID is the ID of the service account created in GCP for the requested credentials.
	ServiceAccountID string `json:"serviceAccountID"`
	// RoleID is the ID of the custom role created in GCP for the requested permissions apart from
	// permissions granted by the pre-defined roles.
	// RoleID is set by the Cloud Credential Operator controllers and should not be set manually.
	// +optional
	RoleID string `json:"roleID,omitempty"`
}

GCPProviderStatus contains the status of the GCP credentials request. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*GCPProviderStatus) DeepCopy 

func (in *GCPProviderStatus) DeepCopy() *GCPProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GCPProviderStatus.

func (*GCPProviderStatus) DeepCopyInto 

func (in *GCPProviderStatus) DeepCopyInto(out *GCPProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GCPProviderStatus) DeepCopyObject 

func (in *GCPProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyCondition 

type IAMPolicyCondition map[string]IAMPolicyConditionKeyValue

IAMPolicyCondition - map of condition types, with associated key - value mapping +k8s:deepcopy-gen=false

func (*IAMPolicyCondition) DeepCopy 

func (in *IAMPolicyCondition) DeepCopy() *IAMPolicyCondition

DeepCopy is a deepcopy function, copying the receiver, creating a new IAMPolicyCondition.

func (*IAMPolicyCondition) DeepCopyInto 

func (in *IAMPolicyCondition) DeepCopyInto(out *IAMPolicyCondition)

DeepCopyInto is a deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyConditionKeyValue 

type IAMPolicyConditionKeyValue map[string]interface{}

IAMPolicyConditionKeyValue - mapping of values for the chosen type +k8s:deepcopy-gen=false

type IBMCloudPowerVSProviderSpec 

type IBMCloudPowerVSProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// Policies are a list of access policies to create for the generated credentials
	Policies []AccessPolicy `json:"policies"`
}

IBMCloudPowerVSProviderSpec is the specification of the credentials request in IBM Cloud Power VS. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudPowerVSProviderSpec) DeepCopy 

func (in *IBMCloudPowerVSProviderSpec) DeepCopy() *IBMCloudPowerVSProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudPowerVSProviderSpec.

func (*IBMCloudPowerVSProviderSpec) DeepCopyInto 

func (in *IBMCloudPowerVSProviderSpec) DeepCopyInto(out *IBMCloudPowerVSProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudPowerVSProviderSpec) DeepCopyObject 

func (in *IBMCloudPowerVSProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IBMCloudPowerVSProviderStatus 

type IBMCloudPowerVSProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

IBMCloudPowerVSProviderStatus contains the status of the IBM Cloud Power VS credentials request. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudPowerVSProviderStatus) DeepCopy 

func (in *IBMCloudPowerVSProviderStatus) DeepCopy() *IBMCloudPowerVSProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudPowerVSProviderStatus.

func (*IBMCloudPowerVSProviderStatus) DeepCopyInto 

func (in *IBMCloudPowerVSProviderStatus) DeepCopyInto(out *IBMCloudPowerVSProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudPowerVSProviderStatus) DeepCopyObject 

func (in *IBMCloudPowerVSProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IBMCloudProviderSpec 

type IBMCloudProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// Policies are a list of access policies to create for the generated credentials
	Policies []AccessPolicy `json:"policies"`
}

IBMCloudProviderSpec is the specification of the credentials request in IBM Cloud. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudProviderSpec) DeepCopy 

func (in *IBMCloudProviderSpec) DeepCopy() *IBMCloudProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudProviderSpec.

func (*IBMCloudProviderSpec) DeepCopyInto 

func (in *IBMCloudProviderSpec) DeepCopyInto(out *IBMCloudProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudProviderSpec) DeepCopyObject 

func (in *IBMCloudProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IBMCloudProviderStatus 

type IBMCloudProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

IBMCloudProviderStatus contains the status of the IBM Cloud credentials request. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*IBMCloudProviderStatus) DeepCopy 

func (in *IBMCloudProviderStatus) DeepCopy() *IBMCloudProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IBMCloudProviderStatus.

func (*IBMCloudProviderStatus) DeepCopyInto 

func (in *IBMCloudProviderStatus) DeepCopyInto(out *IBMCloudProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IBMCloudProviderStatus) DeepCopyObject 

func (in *IBMCloudProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubevirtProviderSpec 

type KubevirtProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

KubevirtProviderSpec the specification of the credentials request in Kubevirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*KubevirtProviderSpec) DeepCopy 

func (in *KubevirtProviderSpec) DeepCopy() *KubevirtProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderSpec.

func (*KubevirtProviderSpec) DeepCopyInto 

func (in *KubevirtProviderSpec) DeepCopyInto(out *KubevirtProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubevirtProviderSpec) DeepCopyObject 

func (in *KubevirtProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubevirtProviderStatus 

type KubevirtProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

KubevirtProviderSpec contains the status of the credentials request in Kubevirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*KubevirtProviderStatus) DeepCopy 

func (in *KubevirtProviderStatus) DeepCopy() *KubevirtProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubevirtProviderStatus.

func (*KubevirtProviderStatus) DeepCopyInto 

func (in *KubevirtProviderStatus) DeepCopyInto(out *KubevirtProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubevirtProviderStatus) DeepCopyObject 

func (in *KubevirtProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type NutanixProviderSpec 

type NutanixProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

NutanixProviderSpec the specification of the credentials request in Nutanix. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*NutanixProviderSpec) DeepCopy 

func (in *NutanixProviderSpec) DeepCopy() *NutanixProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixProviderSpec.

func (*NutanixProviderSpec) DeepCopyInto 

func (in *NutanixProviderSpec) DeepCopyInto(out *NutanixProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NutanixProviderSpec) DeepCopyObject 

func (in *NutanixProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type NutanixProviderStatus 

type NutanixProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

NutanixProviderStatus contains the status of the credentials request in Nutanix. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*NutanixProviderStatus) DeepCopy 

func (in *NutanixProviderStatus) DeepCopy() *NutanixProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixProviderStatus.

func (*NutanixProviderStatus) DeepCopyInto 

func (in *NutanixProviderStatus) DeepCopyInto(out *NutanixProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*NutanixProviderStatus) DeepCopyObject 

func (in *NutanixProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OpenStackProviderSpec 

type OpenStackProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

OpenStackProviderSpec the specification of the credentials request in OpenStack. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OpenStackProviderSpec) DeepCopy 

func (in *OpenStackProviderSpec) DeepCopy() *OpenStackProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenStackProviderSpec.

func (*OpenStackProviderSpec) DeepCopyInto 

func (in *OpenStackProviderSpec) DeepCopyInto(out *OpenStackProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OpenStackProviderSpec) DeepCopyObject 

func (in *OpenStackProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OpenStackProviderStatus 

type OpenStackProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

OpenStackProviderStatus contains the status of the credentials request in OpenStack. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OpenStackProviderStatus) DeepCopy 

func (in *OpenStackProviderStatus) DeepCopy() *OpenStackProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenStackProviderStatus.

func (*OpenStackProviderStatus) DeepCopyInto 

func (in *OpenStackProviderStatus) DeepCopyInto(out *OpenStackProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OpenStackProviderStatus) DeepCopyObject 

func (in *OpenStackProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OvirtProviderSpec 

type OvirtProviderSpec struct {
	metav1.TypeMeta `json:",inline"`
}

OvirtProviderSpec the specification of the credentials request in Ovirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OvirtProviderSpec) DeepCopy 

func (in *OvirtProviderSpec) DeepCopy() *OvirtProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OvirtProviderSpec.

func (*OvirtProviderSpec) DeepCopyInto 

func (in *OvirtProviderSpec) DeepCopyInto(out *OvirtProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OvirtProviderSpec) DeepCopyObject 

func (in *OvirtProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type OvirtProviderStatus 

type OvirtProviderStatus struct {
	metav1.TypeMeta `json:",inline"`
}

OvirtProviderStatus contains the status of the credentials request in Ovirt. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*OvirtProviderStatus) DeepCopy 

func (in *OvirtProviderStatus) DeepCopy() *OvirtProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OvirtProviderStatus.

func (*OvirtProviderStatus) DeepCopyInto 

func (in *OvirtProviderStatus) DeepCopyInto(out *OvirtProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*OvirtProviderStatus) DeepCopyObject 

func (in *OvirtProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProviderCodec 

type ProviderCodec struct {
	// contains filtered or unexported fields
}

ProviderCodec is a runtime codec for providers. +k8s:deepcopy-gen=false 

var Codec *ProviderCodec = nil

func (*ProviderCodec) DecodeProviderSpec 

func (codec *ProviderCodec) DecodeProviderSpec(providerConfig *runtime.RawExtension, out runtime.Object) error

DecodeProviderSpec deserializes an object from the provider config.

func (*ProviderCodec) DecodeProviderStatus 

func (codec *ProviderCodec) DecodeProviderStatus(providerStatus *runtime.RawExtension, out runtime.Object) error

DecodeProviderStatus deserializes the provider status.

func (*ProviderCodec) EncodeProviderSpec 

func (codec *ProviderCodec) EncodeProviderSpec(in runtime.Object) (*runtime.RawExtension, error)

EncodeProvider serializes an object to the provider spec.

func (*ProviderCodec) EncodeProviderStatus 

func (codec *ProviderCodec) EncodeProviderStatus(in runtime.Object) (*runtime.RawExtension, error)

EncodeProviderStatus serializes the provider status.

type ResourceAttribute 

type ResourceAttribute struct {
	// Name is the name of an attribute.
	Name string `json:"name"`

	// Value is the value of an attribute.
	Value string `json:"value"`

	// Operator is the operator of an attribute.
	Operator string `json:"operator,omitempty"`
}

ResourceAttribute is an attribute associated with a resource.

func (*ResourceAttribute) DeepCopy 

func (in *ResourceAttribute) DeepCopy() *ResourceAttribute

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceAttribute.

func (*ResourceAttribute) DeepCopyInto 

func (in *ResourceAttribute) DeepCopyInto(out *ResourceAttribute)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleBinding 

type RoleBinding struct {
	// Role defines a set of permissions that should be associated with the minted credential.
	Role string `json:"role"`
}

RoleBinding models part of the Azure RBAC Role Binding

func (*RoleBinding) DeepCopy 

func (in *RoleBinding) DeepCopy() *RoleBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (*RoleBinding) DeepCopyInto 

func (in *RoleBinding) DeepCopyInto(out *RoleBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StatementEntry 

type StatementEntry struct {
	// Effect indicates if this policy statement is to Allow or Deny.
	Effect string `json:"effect"`
	// Action describes the particular AWS service actions that should be allowed or denied. (i.e. ec2:StartInstances, iam:ChangePassword)
	Action []string `json:"action"`
	// Resource specifies the object(s) this statement should apply to. (or "*" for all)
	Resource string `json:"resource"`
	// PolicyCondition specifies under which condition StatementEntry will apply
	PolicyCondition IAMPolicyCondition `json:"policyCondition,omitempty"`
}

StatementEntry models an AWS policy statement entry.

func (*StatementEntry) DeepCopy 

func (in *StatementEntry) DeepCopy() *StatementEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatementEntry.

func (*StatementEntry) DeepCopyInto 

func (in *StatementEntry) DeepCopyInto(out *StatementEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VSpherePermission 

type VSpherePermission struct {
	// Privileges is the list of access being requested.
	Privileges []string `json:"privileges"`
}

VSpherePermission captures the details of the privileges being requested for the list of entities.

func (*VSpherePermission) DeepCopy 

func (in *VSpherePermission) DeepCopy() *VSpherePermission

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VSpherePermission.

func (*VSpherePermission) DeepCopyInto 

func (in *VSpherePermission) DeepCopyInto(out *VSpherePermission)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VSphereProviderSpec 

type VSphereProviderSpec struct {
	metav1.TypeMeta `json:",inline"`

	// Permissions contains a list of groups of privileges that are being requested.
	Permissions []VSpherePermission `json:"permissions"`
}

VSphereProviderSpec contains the required information to create RBAC role bindings for VSphere. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*VSphereProviderSpec) DeepCopy 

func (in *VSphereProviderSpec) DeepCopy() *VSphereProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VSphereProviderSpec.

func (*VSphereProviderSpec) DeepCopyInto 

func (in *VSphereProviderSpec) DeepCopyInto(out *VSphereProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VSphereProviderSpec) DeepCopyObject 

func (in *VSphereProviderSpec) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type VSphereProviderStatus 

type VSphereProviderStatus struct {
	metav1.TypeMeta `json:",inline"`

	// SecretLastResourceVersion is the resource version of the secret resource
	// that was last synced. Used to determine if the object has changed and
	// requires a sync.
	SecretLastResourceVersion string `json:"secretLastResourceVersion"`
}

VSphereProviderStatus contains the status of the credentials request in VSphere. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*VSphereProviderStatus) DeepCopy 

func (in *VSphereProviderStatus) DeepCopy() *VSphereProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VSphereProviderStatus.

func (*VSphereProviderStatus) DeepCopyInto 

func (in *VSphereProviderStatus) DeepCopyInto(out *VSphereProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VSphereProviderStatus) DeepCopyObject 

func (in *VSphereProviderStatus) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.