Documentation
¶
Index ¶
- Constants
- Variables
- func NewForbiddenError(key string, forbiddenSpec ForbiddenListSpec) error
- func ValidateForbidden(metadata map[string]string, forbiddenList ForbiddenListSpec) error
- type AdditionalMetadataSelectorSpec
- type AdditionalMetadataSpec
- type AdditionalRoleBindingsSpec
- type AllowedIP
- type AllowedListSpec
- type AllowedServices
- type ByKindAndName
- type ByKindName
- type CoreOwnerSpec
- type DefaultAllowedListSpec
- type ExternalServiceIPsSpec
- type ForbiddenError
- type ForbiddenListSpec
- type GetByKindAndName
- type HostnameCollisionScope
- type ImagePullPolicySpec
- type LimitRangesSpec
- type Name
- type NetworkPolicySpec
- type OwnerKind
- type OwnerListSpec
- func (in OwnerListSpec) DeepCopy() OwnerListSpec
- func (in OwnerListSpec) DeepCopyInto(out *OwnerListSpec)
- func (o OwnerListSpec) FindOwner(name string, kind OwnerKind) (owner OwnerSpec)
- func (o OwnerListSpec) IsOwner(name string, groups []string) bool
- func (o OwnerListSpec) ToStatusOwners() OwnerStatusListSpec
- type OwnerSpec
- type OwnerStatusListSpec
- func (in OwnerStatusListSpec) DeepCopy() OwnerStatusListSpec
- func (in OwnerStatusListSpec) DeepCopyInto(out *OwnerStatusListSpec)
- func (o OwnerStatusListSpec) FindOwner(name string, kind OwnerKind) (CoreOwnerSpec, bool)
- func (o OwnerStatusListSpec) IsOwner(name string, groups []string) bool
- func (o *OwnerStatusListSpec) Upsert(newOwner CoreOwnerSpec)
- type PodOptions
- type PoolExhaustionResource
- type ProxyOperation
- type ProxyServiceKind
- type ProxySettings
- type ResourceQuotaScope
- type ResourceQuotaSpec
- type SelectionListWithDefaultSpec
- type SelectionListWithSpec
- type SelectorAllowedListSpec
- type ServiceOptions
- type StatusNameUID
- type Tenant
- type TenantSubjectRoles
- type UserKind
- type UserListSpec
- func (in UserListSpec) DeepCopy() UserListSpec
- func (in UserListSpec) DeepCopyInto(out *UserListSpec)
- func (o UserListSpec) FindUser(name string, kind OwnerKind) (UserSpec, bool)
- func (o UserListSpec) GetByKinds(kinds []OwnerKind) []string
- func (u UserListSpec) IsPresent(name string, groups []string) bool
- type UserSpec
Constants ¶
const ( // ForbiddenLabelReason used as reason string to deny forbidden labels. ForbiddenLabelReason = "ForbiddenLabel" // ForbiddenAnnotationReason used as reason string to deny forbidden annotations. ForbiddenAnnotationReason = "ForbiddenAnnotation" )
const ( NodesProxy ProxyServiceKind = "Nodes" StorageClassesProxy ProxyServiceKind = "StorageClasses" IngressClassesProxy ProxyServiceKind = "IngressClasses" PriorityClassesProxy ProxyServiceKind = "PriorityClasses" RuntimeClassesProxy ProxyServiceKind = "RuntimeClasses" PersistentVolumesProxy ProxyServiceKind = "PersistentVolumes" TenantProxy ProxyServiceKind = "Tenant" ListOperation ProxyOperation = "List" UpdateOperation ProxyOperation = "Update" DeleteOperation ProxyOperation = "Delete" UserOwner OwnerKind = "User" GroupOwner OwnerKind = "Group" ServiceAccountOwner OwnerKind = "ServiceAccount" )
const ( ProvisionerRoleName = "capsule-namespace-provisioner" DeleterRoleName = "capsule-namespace-deleter" )
Variables ¶
var ( ClusterRoles = map[string]*rbacv1.ClusterRole{ ProvisionerRoleName: { ObjectMeta: metav1.ObjectMeta{ Name: ProvisionerRoleName, }, Rules: []rbacv1.PolicyRule{ { APIGroups: []string{""}, Resources: []string{"namespaces"}, Verbs: []string{"create", "patch"}, }, }, }, DeleterRoleName: { ObjectMeta: metav1.ObjectMeta{ Name: DeleterRoleName, }, Rules: []rbacv1.PolicyRule{ { APIGroups: []string{""}, Resources: []string{"namespaces"}, Verbs: []string{"delete"}, }, }, }, } ProvisionerClusterRoleBinding = &rbacv1.ClusterRoleBinding{ ObjectMeta: metav1.ObjectMeta{ Name: ProvisionerRoleName, }, RoleRef: rbacv1.RoleRef{ Kind: "ClusterRole", Name: ProvisionerRoleName, APIGroup: rbacv1.GroupName, }, } )
Functions ¶
func NewForbiddenError ¶ added in v0.5.0
func NewForbiddenError(key string, forbiddenSpec ForbiddenListSpec) error
func ValidateForbidden ¶ added in v0.5.0
func ValidateForbidden(metadata map[string]string, forbiddenList ForbiddenListSpec) error
Types ¶
type AdditionalMetadataSelectorSpec ¶ added in v0.9.0
type AdditionalMetadataSelectorSpec struct {
NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty"`
Labels map[string]string `json:"labels,omitempty"`
Annotations map[string]string `json:"annotations,omitempty"`
}
func (*AdditionalMetadataSelectorSpec) DeepCopy ¶ added in v0.9.0
func (in *AdditionalMetadataSelectorSpec) DeepCopy() *AdditionalMetadataSelectorSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalMetadataSelectorSpec.
func (*AdditionalMetadataSelectorSpec) DeepCopyInto ¶ added in v0.9.0
func (in *AdditionalMetadataSelectorSpec) DeepCopyInto(out *AdditionalMetadataSelectorSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AdditionalMetadataSpec ¶
type AdditionalMetadataSpec struct {
Labels map[string]string `json:"labels,omitempty"`
Annotations map[string]string `json:"annotations,omitempty"`
}
func (*AdditionalMetadataSpec) DeepCopy ¶
func (in *AdditionalMetadataSpec) DeepCopy() *AdditionalMetadataSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalMetadataSpec.
func (*AdditionalMetadataSpec) DeepCopyInto ¶
func (in *AdditionalMetadataSpec) DeepCopyInto(out *AdditionalMetadataSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AdditionalRoleBindingsSpec ¶
type AdditionalRoleBindingsSpec struct {
ClusterRoleName string `json:"clusterRoleName"`
// kubebuilder:validation:Minimum=1
Subjects []rbacv1.Subject `json:"subjects"`
// Additional Labels for the synchronized rolebindings
Labels map[string]string `json:"labels,omitempty"`
// Additional Annotations for the synchronized rolebindings
Annotations map[string]string `json:"annotations,omitempty"`
}
func (*AdditionalRoleBindingsSpec) DeepCopy ¶
func (in *AdditionalRoleBindingsSpec) DeepCopy() *AdditionalRoleBindingsSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalRoleBindingsSpec.
func (*AdditionalRoleBindingsSpec) DeepCopyInto ¶
func (in *AdditionalRoleBindingsSpec) DeepCopyInto(out *AdditionalRoleBindingsSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AllowedIP ¶
type AllowedIP string
+kubebuilder:validation:Pattern="^([0-9]{1,3}.){3}[0-9]{1,3}(/([0-9]|[1-2][0-9]|3[0-2]))?$"
type AllowedListSpec ¶
type AllowedListSpec struct {
// Match exact elements which are allowed as class names within this tenant
Exact []string `json:"allowed,omitempty"`
// Deprecated: will be removed in a future release
//
// Match elements by regex.
Regex string `json:"allowedRegex,omitempty"`
}
func (*AllowedListSpec) DeepCopy ¶
func (in *AllowedListSpec) DeepCopy() *AllowedListSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedListSpec.
func (*AllowedListSpec) DeepCopyInto ¶
func (in *AllowedListSpec) DeepCopyInto(out *AllowedListSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AllowedListSpec) ExactMatch ¶
func (in *AllowedListSpec) ExactMatch(value string) (ok bool)
func (*AllowedListSpec) Match ¶
func (in *AllowedListSpec) Match(value string) (ok bool)
func (*AllowedListSpec) RegexMatch ¶
func (in *AllowedListSpec) RegexMatch(value string) (ok bool)
type AllowedServices ¶
type AllowedServices struct {
// +kubebuilder:default=true
// Specifies if NodePort service type resources are allowed for the Tenant. Default is true. Optional.
NodePort *bool `json:"nodePort,omitempty"`
// +kubebuilder:default=true
// Specifies if ExternalName service type resources are allowed for the Tenant. Default is true. Optional.
ExternalName *bool `json:"externalName,omitempty"`
// +kubebuilder:default=true
// Specifies if LoadBalancer service type resources are allowed for the Tenant. Default is true. Optional.
LoadBalancer *bool `json:"loadBalancer,omitempty"`
}
func (*AllowedServices) DeepCopy ¶
func (in *AllowedServices) DeepCopy() *AllowedServices
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedServices.
func (*AllowedServices) DeepCopyInto ¶
func (in *AllowedServices) DeepCopyInto(out *AllowedServices)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ByKindAndName ¶ added in v0.12.0
type ByKindAndName OwnerListSpec
func (ByKindAndName) Len ¶ added in v0.12.0
func (b ByKindAndName) Len() int
func (ByKindAndName) Less ¶ added in v0.12.0
func (b ByKindAndName) Less(i, j int) bool
func (ByKindAndName) Swap ¶ added in v0.12.0
func (b ByKindAndName) Swap(i, j int)
type ByKindName ¶ added in v0.12.0
type ByKindName UserListSpec
func (ByKindName) Len ¶ added in v0.12.0
func (b ByKindName) Len() int
func (ByKindName) Less ¶ added in v0.12.0
func (b ByKindName) Less(i, j int) bool
func (ByKindName) Swap ¶ added in v0.12.0
func (b ByKindName) Swap(i, j int)
type CoreOwnerSpec ¶ added in v0.12.0
type CoreOwnerSpec struct {
UserSpec `json:",inline"`
// Defines additional cluster-roles for the specific Owner.
// +kubebuilder:default={admin,capsule-namespace-deleter}
ClusterRoles []string `json:"clusterRoles,omitempty"`
}
func (*CoreOwnerSpec) DeepCopy ¶ added in v0.12.0
func (in *CoreOwnerSpec) DeepCopy() *CoreOwnerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CoreOwnerSpec.
func (*CoreOwnerSpec) DeepCopyInto ¶ added in v0.12.0
func (in *CoreOwnerSpec) DeepCopyInto(out *CoreOwnerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DefaultAllowedListSpec ¶
type DefaultAllowedListSpec struct {
SelectorAllowedListSpec `json:",inline"`
Default string `json:"default,omitempty"`
}
func (*DefaultAllowedListSpec) DeepCopy ¶
func (in *DefaultAllowedListSpec) DeepCopy() *DefaultAllowedListSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultAllowedListSpec.
func (*DefaultAllowedListSpec) DeepCopyInto ¶
func (in *DefaultAllowedListSpec) DeepCopyInto(out *DefaultAllowedListSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*DefaultAllowedListSpec) MatchDefault ¶
func (in *DefaultAllowedListSpec) MatchDefault(value string) bool
type ExternalServiceIPsSpec ¶
type ExternalServiceIPsSpec struct {
Allowed []AllowedIP `json:"allowed"`
}
func (*ExternalServiceIPsSpec) DeepCopy ¶
func (in *ExternalServiceIPsSpec) DeepCopy() *ExternalServiceIPsSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalServiceIPsSpec.
func (*ExternalServiceIPsSpec) DeepCopyInto ¶
func (in *ExternalServiceIPsSpec) DeepCopyInto(out *ExternalServiceIPsSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ForbiddenError ¶ added in v0.5.0
type ForbiddenError struct {
// contains filtered or unexported fields
}
func (ForbiddenError) Error ¶ added in v0.5.0
func (f ForbiddenError) Error() string
type ForbiddenListSpec ¶
type ForbiddenListSpec struct {
Exact []string `json:"denied,omitempty"`
Regex string `json:"deniedRegex,omitempty"`
}
+kubebuilder:object:generate=true
func (*ForbiddenListSpec) DeepCopy ¶
func (in *ForbiddenListSpec) DeepCopy() *ForbiddenListSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForbiddenListSpec.
func (*ForbiddenListSpec) DeepCopyInto ¶
func (in *ForbiddenListSpec) DeepCopyInto(out *ForbiddenListSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ForbiddenListSpec) ExactMatch ¶
func (in ForbiddenListSpec) ExactMatch(value string) (ok bool)
func (ForbiddenListSpec) RegexMatch ¶
func (in ForbiddenListSpec) RegexMatch(value string) (ok bool)
type GetByKindAndName ¶ added in v0.12.0
type GetByKindAndName OwnerStatusListSpec
func (GetByKindAndName) Len ¶ added in v0.12.0
func (b GetByKindAndName) Len() int
func (GetByKindAndName) Less ¶ added in v0.12.0
func (b GetByKindAndName) Less(i, j int) bool
func (GetByKindAndName) Swap ¶ added in v0.12.0
func (b GetByKindAndName) Swap(i, j int)
type HostnameCollisionScope ¶
type HostnameCollisionScope string
+kubebuilder:validation:Enum=Cluster;Tenant;Namespace;Disabled
const ( HostnameCollisionScopeCluster HostnameCollisionScope = "Cluster" HostnameCollisionScopeTenant HostnameCollisionScope = "Tenant" HostnameCollisionScopeNamespace HostnameCollisionScope = "Namespace" HostnameCollisionScopeDisabled HostnameCollisionScope = "Disabled" )
type ImagePullPolicySpec ¶
type ImagePullPolicySpec string
+kubebuilder:validation:Enum=Always;Never;IfNotPresent
func (ImagePullPolicySpec) String ¶
func (i ImagePullPolicySpec) String() string
type LimitRangesSpec ¶
type LimitRangesSpec struct {
Items []corev1.LimitRangeSpec `json:"items,omitempty"`
}
func (*LimitRangesSpec) DeepCopy ¶
func (in *LimitRangesSpec) DeepCopy() *LimitRangesSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LimitRangesSpec.
func (*LimitRangesSpec) DeepCopyInto ¶
func (in *LimitRangesSpec) DeepCopyInto(out *LimitRangesSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Name ¶ added in v0.10.0
type Name string
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names +kubebuilder:validation:Pattern=`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$` +kubebuilder:validation:MaxLength=253 +kubebuilder:object:generate=true
type NetworkPolicySpec ¶
type NetworkPolicySpec struct {
Items []networkingv1.NetworkPolicySpec `json:"items,omitempty"`
}
func (*NetworkPolicySpec) DeepCopy ¶
func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec.
func (*NetworkPolicySpec) DeepCopyInto ¶
func (in *NetworkPolicySpec) DeepCopyInto(out *NetworkPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OwnerKind ¶ added in v0.12.0
type OwnerKind string
+kubebuilder:validation:Enum=User;Group;ServiceAccount
type OwnerListSpec ¶ added in v0.12.0
type OwnerListSpec []OwnerSpec
func (OwnerListSpec) DeepCopy ¶ added in v0.12.0
func (in OwnerListSpec) DeepCopy() OwnerListSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnerListSpec.
func (OwnerListSpec) DeepCopyInto ¶ added in v0.12.0
func (in OwnerListSpec) DeepCopyInto(out *OwnerListSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (OwnerListSpec) FindOwner ¶ added in v0.12.0
func (o OwnerListSpec) FindOwner(name string, kind OwnerKind) (owner OwnerSpec)
func (OwnerListSpec) IsOwner ¶ added in v0.12.0
func (o OwnerListSpec) IsOwner(name string, groups []string) bool
func (OwnerListSpec) ToStatusOwners ¶ added in v0.12.0
func (o OwnerListSpec) ToStatusOwners() OwnerStatusListSpec
type OwnerSpec ¶ added in v0.12.0
type OwnerSpec struct {
CoreOwnerSpec `json:",inline"`
// Proxy settings for tenant owner.
ProxyOperations []ProxySettings `json:"proxySettings,omitempty"`
// Additional Labels for the synchronized rolebindings
Labels map[string]string `json:"labels,omitempty"`
// Additional Annotations for the synchronized rolebindings
Annotations map[string]string `json:"annotations,omitempty"`
}
func (*OwnerSpec) DeepCopy ¶ added in v0.12.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnerSpec.
func (*OwnerSpec) DeepCopyInto ¶ added in v0.12.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OwnerStatusListSpec ¶ added in v0.12.0
type OwnerStatusListSpec []CoreOwnerSpec
func (OwnerStatusListSpec) DeepCopy ¶ added in v0.12.0
func (in OwnerStatusListSpec) DeepCopy() OwnerStatusListSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OwnerStatusListSpec.
func (OwnerStatusListSpec) DeepCopyInto ¶ added in v0.12.0
func (in OwnerStatusListSpec) DeepCopyInto(out *OwnerStatusListSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (OwnerStatusListSpec) FindOwner ¶ added in v0.12.0
func (o OwnerStatusListSpec) FindOwner(name string, kind OwnerKind) (CoreOwnerSpec, bool)
func (OwnerStatusListSpec) IsOwner ¶ added in v0.12.0
func (o OwnerStatusListSpec) IsOwner(name string, groups []string) bool
func (*OwnerStatusListSpec) Upsert ¶ added in v0.12.0
func (o *OwnerStatusListSpec) Upsert( newOwner CoreOwnerSpec, )
type PodOptions ¶ added in v0.5.0
type PodOptions struct {
// Specifies additional labels and annotations the Capsule operator places on any Pod resource in the Tenant. Optional.
AdditionalMetadata *AdditionalMetadataSpec `json:"additionalMetadata,omitempty"`
}
func (*PodOptions) DeepCopy ¶ added in v0.5.0
func (in *PodOptions) DeepCopy() *PodOptions
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodOptions.
func (*PodOptions) DeepCopyInto ¶ added in v0.5.0
func (in *PodOptions) DeepCopyInto(out *PodOptions)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PoolExhaustionResource ¶ added in v0.10.1
type PoolExhaustionResource struct {
// Available Resources to be claimed
// +optional
Available resource.Quantity `json:"available,omitzero"`
// Requesting Resources
// +optional
Requesting resource.Quantity `json:"requesting,omitzero"`
}
+kubebuilder:object:generate=true
func (*PoolExhaustionResource) DeepCopy ¶ added in v0.10.1
func (in *PoolExhaustionResource) DeepCopy() *PoolExhaustionResource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PoolExhaustionResource.
func (*PoolExhaustionResource) DeepCopyInto ¶ added in v0.10.1
func (in *PoolExhaustionResource) DeepCopyInto(out *PoolExhaustionResource)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProxyOperation ¶ added in v0.12.0
type ProxyOperation string
+kubebuilder:validation:Enum=List;Update;Delete
func (ProxyOperation) String ¶ added in v0.12.0
func (p ProxyOperation) String() string
type ProxyServiceKind ¶ added in v0.12.0
type ProxyServiceKind string
+kubebuilder:validation:Enum=Nodes;StorageClasses;IngressClasses;PriorityClasses;RuntimeClasses;PersistentVolumes
func (ProxyServiceKind) String ¶ added in v0.12.0
func (p ProxyServiceKind) String() string
type ProxySettings ¶ added in v0.12.0
type ProxySettings struct {
Kind ProxyServiceKind `json:"kind"`
Operations []ProxyOperation `json:"operations"`
}
func (*ProxySettings) DeepCopy ¶ added in v0.12.0
func (in *ProxySettings) DeepCopy() *ProxySettings
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxySettings.
func (*ProxySettings) DeepCopyInto ¶ added in v0.12.0
func (in *ProxySettings) DeepCopyInto(out *ProxySettings)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceQuotaScope ¶
type ResourceQuotaScope string
+kubebuilder:validation:Enum=Tenant;Namespace
const ( ResourceQuotaScopeTenant ResourceQuotaScope = "Tenant" ResourceQuotaScopeNamespace ResourceQuotaScope = "Namespace" )
type ResourceQuotaSpec ¶
type ResourceQuotaSpec struct {
// +kubebuilder:default=Tenant
// Define if the Resource Budget should compute resource across all Namespaces in the Tenant or individually per cluster. Default is Tenant
Scope ResourceQuotaScope `json:"scope,omitempty"`
Items []corev1.ResourceQuotaSpec `json:"items,omitempty"`
}
func (*ResourceQuotaSpec) DeepCopy ¶
func (in *ResourceQuotaSpec) DeepCopy() *ResourceQuotaSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceQuotaSpec.
func (*ResourceQuotaSpec) DeepCopyInto ¶
func (in *ResourceQuotaSpec) DeepCopyInto(out *ResourceQuotaSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SelectionListWithDefaultSpec ¶ added in v0.10.0
type SelectionListWithDefaultSpec struct {
SelectionListWithSpec `json:",inline"`
// Default class for tenant, when no class is set. This may overwrite even the global default.
Default string `json:"default,omitempty"`
}
+kubebuilder:object:generate=true
func (*SelectionListWithDefaultSpec) DeepCopy ¶ added in v0.10.0
func (in *SelectionListWithDefaultSpec) DeepCopy() *SelectionListWithDefaultSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelectionListWithDefaultSpec.
func (*SelectionListWithDefaultSpec) DeepCopyInto ¶ added in v0.10.0
func (in *SelectionListWithDefaultSpec) DeepCopyInto(out *SelectionListWithDefaultSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SelectionListWithDefaultSpec) MatchDefault ¶ added in v0.10.0
func (in *SelectionListWithDefaultSpec) MatchDefault(value string) bool
type SelectionListWithSpec ¶ added in v0.10.0
type SelectionListWithSpec struct {
metav1.LabelSelector `json:",inline"`
}
func (*SelectionListWithSpec) DeepCopy ¶ added in v0.10.0
func (in *SelectionListWithSpec) DeepCopy() *SelectionListWithSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelectionListWithSpec.
func (*SelectionListWithSpec) DeepCopyInto ¶ added in v0.10.0
func (in *SelectionListWithSpec) DeepCopyInto(out *SelectionListWithSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SelectionListWithSpec) SelectorMatch ¶ added in v0.10.0
func (in *SelectionListWithSpec) SelectorMatch(obj client.Object) bool
type SelectorAllowedListSpec ¶
type SelectorAllowedListSpec struct {
AllowedListSpec `json:",inline"`
metav1.LabelSelector `json:",inline"`
}
func (*SelectorAllowedListSpec) DeepCopy ¶
func (in *SelectorAllowedListSpec) DeepCopy() *SelectorAllowedListSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelectorAllowedListSpec.
func (*SelectorAllowedListSpec) DeepCopyInto ¶
func (in *SelectorAllowedListSpec) DeepCopyInto(out *SelectorAllowedListSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SelectorAllowedListSpec) MatchSelectByName ¶
func (in *SelectorAllowedListSpec) MatchSelectByName(obj client.Object) bool
func (*SelectorAllowedListSpec) SelectorMatch ¶
func (in *SelectorAllowedListSpec) SelectorMatch(obj client.Object) bool
type ServiceOptions ¶
type ServiceOptions struct {
// Specifies additional labels and annotations the Capsule operator places on any Service resource in the Tenant. Optional.
AdditionalMetadata *AdditionalMetadataSpec `json:"additionalMetadata,omitempty"`
// Block or deny certain type of Services. Optional.
AllowedServices *AllowedServices `json:"allowedServices,omitempty"`
// Specifies the external IPs that can be used in Services with type ClusterIP. An empty list means no IPs are allowed. Optional.
ExternalServiceIPs *ExternalServiceIPsSpec `json:"externalIPs,omitempty"`
// Define the labels that a Tenant Owner cannot set for their Service resources.
// +optional
ForbiddenLabels ForbiddenListSpec `json:"forbiddenLabels,omitzero"`
// Define the annotations that a Tenant Owner cannot set for their Service resources.
// +optional
ForbiddenAnnotations ForbiddenListSpec `json:"forbiddenAnnotations,omitzero"`
}
func (*ServiceOptions) DeepCopy ¶
func (in *ServiceOptions) DeepCopy() *ServiceOptions
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceOptions.
func (*ServiceOptions) DeepCopyInto ¶
func (in *ServiceOptions) DeepCopyInto(out *ServiceOptions)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type StatusNameUID ¶ added in v0.10.0
type TenantSubjectRoles ¶ added in v0.7.2
Type to extract all clusterroles for a subject on a tenant from the owner and additionalRoleBindings spec.
type UserKind ¶ added in v0.12.0
type UserKind string
+kubebuilder:validation:Enum=User;Group;ServiceAccount
type UserListSpec ¶ added in v0.12.0
type UserListSpec []UserSpec
+kubebuilder:object:generate=true
func (UserListSpec) DeepCopy ¶ added in v0.12.0
func (in UserListSpec) DeepCopy() UserListSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserListSpec.
func (UserListSpec) DeepCopyInto ¶ added in v0.12.0
func (in UserListSpec) DeepCopyInto(out *UserListSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (UserListSpec) FindUser ¶ added in v0.12.0
func (o UserListSpec) FindUser(name string, kind OwnerKind) (UserSpec, bool)
func (UserListSpec) GetByKinds ¶ added in v0.12.0
func (o UserListSpec) GetByKinds(kinds []OwnerKind) []string
type UserSpec ¶ added in v0.12.0
type UserSpec struct {
// Kind of entity. Possible values are "User", "Group", and "ServiceAccount"
Kind OwnerKind `json:"kind"`
// Name of the entity.
Name string `json:"name"`
}
+kubebuilder:object:generate=true
func (*UserSpec) DeepCopy ¶ added in v0.12.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSpec.
func (*UserSpec) DeepCopyInto ¶ added in v0.12.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files
¶
- additional_metadata.go
- additional_role_bindings.go
- allowed_list.go
- exhaustion.go
- external_service_ips.go
- forbidden_list.go
- hostname_collision_scope.go
- image_pull_policy.go
- limit_ranges.go
- network_policy.go
- owner.go
- owner_list.go
- owner_status_list.go
- pod_options.go
- rbac.go
- resource_quota.go
- service_allowed_types.go
- service_options.go
- status.go
- status_namespaces.go
- tenant_roles.go
- users.go
- users_list.go
- zz_generated.deepcopy.go
Directories