
Commit ab5e856

committed
tmp
1 parent e9f2823 commit ab5e856

17 files changed

+1367
-27
lines changed

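--- a/PROJECT
+++ b/PROJECT
@@ -1,60 +1,61 @@
-version: "2"
 domain: cluster.x-k8s.io
 repo: sigs.k8s.io/cluster-api-provider-aws
 resources:
-# v1beta1 types
 - group: infrastructure
-version: v1beta1
 kind: AWSMachine
-- group: infrastructure
 version: v1beta1
-kind: AWSCluster
 - group: infrastructure
+kind: AWSCluster
 version: v1beta1
-kind: AWSMachineTemplate
 - group: infrastructure
+kind: AWSMachineTemplate
 version: v1beta1
-kind: AWSClusterStaticIdentity
 - group: infrastructure
+kind: AWSClusterStaticIdentity
 version: v1beta1
-kind: AWSClusterRoleIdentity
 - group: infrastructure
+kind: AWSClusterRoleIdentity
 version: v1beta1
-kind: AWSClusterControllerIdentity
 - group: infrastructure
+kind: AWSClusterControllerIdentity
 version: v1beta1
-kind: AWSClusterTemplate
 - group: infrastructure
+kind: AWSClusterTemplate
 version: v1beta1
-kind: AWSManagedControlPlanes
 - group: infrastructure
+kind: AWSManagedControlPlanes
 version: v1beta1
+- group: infrastructure
 kind: AWSManagedCluster
-# v1beta2 types
+version: v1beta1
 - group: infrastructure
-version: v1beta2
 kind: AWSMachine
-- group: infrastructure
 version: v1beta2
-kind: AWSCluster
 - group: infrastructure
+kind: AWSCluster
 version: v1beta2
-kind: AWSMachineTemplate
 - group: infrastructure
+kind: AWSMachineTemplate
 version: v1beta2
-kind: AWSClusterStaticIdentity
 - group: infrastructure
+kind: AWSClusterStaticIdentity
 version: v1beta2
-kind: AWSClusterRoleIdentity
 - group: infrastructure
+kind: AWSClusterRoleIdentity
 version: v1beta2
-kind: AWSClusterControllerIdentity
 - group: infrastructure
+kind: AWSClusterControllerIdentity
 version: v1beta2
-kind: AWSClusterTemplate
 - group: infrastructure
+kind: AWSClusterTemplate
 version: v1beta2
-kind: AWSManagedControlPlanes
 - group: infrastructure
+kind: AWSManagedControlPlanes
 version: v1beta2
+- group: infrastructure
 kind: AWSManagedCluster
+version: v1beta2
+- group: infrastructure
+kind: ROSARoleConfig
+version: v1beta2
+version: "2"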

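--- a/api/v1beta2/rosaroleconfig_types.go
+++ b/api/v1beta2/rosaroleconfig_types.go
@@ -0,0 +1,140 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import (
+metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
+
+// ROSARoleConfigSpec defines the desired state of ROSARoleConfig
+
+type ROSARoleConfigSpec struct {
+AccountRoleConfig AccountRoleConfig `json:"accountRoleConfig"`
+OperatorRoleConfig OperatorRoleConfig `json:"operatorRoleConfig"`
+OIDCConfig OIDCConfig `json:"oidcConfig"`
+}
+
+// +kubebuilder:object:root=true
+
+// ROSARoleConfig is the Schema for the rosaroleconfigs API
+type ROSARoleConfig struct {
+metav1.TypeMeta `json:",inline"`
+metav1.ObjectMeta `json:"metadata,omitempty"`
+
+Spec ROSARoleConfigSpec `json:"spec,omitempty"`
+Status ROSARoleConfigStatus `json:"status,omitempty"`
+}
+
+type AccountRoleConfig struct {
+Prefix string `json:"prefix"`
+PermissionsBoundaryARN string `json:"permissionsBoundaryARN,omitempty"`
+Path string `json:"path,omitempty"`
+Version string `json:"version"`
+SharedVPCConfig SharedVPCConfig `json:"sharedVPCConfig,omitempty"`
+}
+
+type OperatorRoleConfig struct {
+Prefix string `json:"prefix"`
+PermissionsBoundaryARN string `json:"permissionsBoundaryARN,omitempty"`
+OIDCConfigID string `json:"oidcConfigId,omitempty"`
+SharedVPCConfig SharedVPCConfig `json:"sharedVPCConfig,omitempty"`
+}
+
+type SharedVPCConfig struct {
+RouteRoleARN string `json:"routeRoleARN,omitempty"`
+VPCEndpointRoleARN string `json:"vpcEndpointRoleArn,omitempty"`
+}
+
+type OIDCConfig struct {
+CreateManagedOIDC string `json:"createManagedOIDC"`
+ExternalAuthProviders []ExternalAuthProvider `json:"externalAuthProviders,omitempty"`
+}
+
+type ExternalAuthProvider struct {
+Name string `json:"name"`
+Issuer Issuer `json:"issuer"`
+ClaimMappings ClaimMappings `json:"claimMappings"`
+OIDCClients []OIDCClient `json:"oidcClients,omitempty"`
+}
+
+type Issuer struct {
+IssuerURL string `json:"issuerURL"`
+Audiences []string `json:"audiences,omitempty"`
+}
+
+type ClaimMappings struct {
+Username Mapping `json:"username"`
+Groups Mapping `json:"groups,omitempty"`
+}
+
+type Mapping struct {
+Claim string `json:"claim"`
+PrefixPolicy string `json:"prefixPolicy,omitempty"`
+}
+
+type OIDCClient struct {
+ComponentName string `json:"componentName"`
+ComponentNamespace string `json:"componentNamespace"`
+ClientID string `json:"clientID"`
+ClientSecret SecretReference `json:"clientSecret"`
+}
+
+type SecretReference struct {
+Name string `json:"name"`
+}
+
+// ROSARoleConfigStatus defines the observed state of ROSARoleConfig
+type ROSARoleConfigStatus struct {
+Conditions []metav1.Condition `json:"conditions,omitempty"`
+OIDCID string `json:"oidcID,omitempty"`
+OIDCProviderARN string `json:"oidcProviderARN,omitempty"`
+AccountRolesRef AccountRolesRef `json:"accountRolesRef,omitempty"`
+OperatorRolesRef OperatorRolesRef `json:"operatorRolesRef,omitempty"`
+}
+
+type AccountRolesRef struct {
+InstallerRoleARN string `json:"installerRoleARN,omitempty"`
+SupportRoleARN string `json:"supportRoleARN,omitempty"`
+WorkerRoleARN string `json:"workerRoleARN,omitempty"`
+}
+
+type OperatorRolesRef struct {
+IngressARN string `json:"ingressARN,omitempty"`
+ImageRegistryARN string `json:"imageRegistryARN,omitempty"`
+StorageARN string `json:"storageARN,omitempty"`
+NetworkARN string `json:"networkARN,omitempty"`
+KubeCloudControllerARN string `json:"kubeCloudControllerARN,omitempty"`
+NodePoolManagementARN string `json:"nodePoolManagementARN,omitempty"`
+ControlPlaneOperatorARN string `json:"controlPlaneOperatorARN,omitempty"`
+KMSProviderARN string `json:"kmsProviderARN,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// ROSARoleConfigList contains a list of ROSARoleConfig
+type ROSARoleConfigList struct {
+metav1.TypeMeta `json:",inline"`
+metav1.ListMeta `json:"metadata,omitempty"`
+Items []ROSARoleConfig `json:"items"`
+}
+
+func init() {
+SchemeBuilder.Register(&ROSARoleConfig{}, &ROSARoleConfigList{})
+}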
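Review bot: ROSARoleConfig is marked only with `+kubebuilder:object:root=true`, so as far as this file shows the CRD has no status subresource and any principal allowed to update the object can also write `status.oidcProviderARN` and the role ARNs under `accountRolesRef`/`operatorRolesRef`. If anything downstream consumes those values, add `// +kubebuilder:subresource:status` above the type so status writes go through the separate `/status` endpoint and can be restricted by RBAC. The spec fields that presumably feed IAM and OIDC configuration (`PermissionsBoundaryARN`, `IssuerURL`, `Prefix`, `PrefixPolicy`) carry no `+kubebuilder:validation:` markers, and `CreateManagedOIDC` is a free-form `string` standing in for a flag; a `Pattern` on the ARN and URL fields and an `Enum` (or a `bool`) on the flag would reject malformed input at admission instead of in the reconciler. The JSON tag `vpcEndpointRoleArn` also breaks the `...ARN` casing used by every other tag in the file, which is hard to correct once the API is served.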
