✨ Add RosaRoles config #5473

Draft
wants to merge 1 commit into
base: main
41 changes: 21 additions & 20 deletions PROJECT
Expand Up @@ -2,59 +2,60 @@ version: "2"
domain: cluster.x-k8s.io
repo: sigs.k8s.io/cluster-api-provider-aws
resources:
# v1beta1 types
- group: infrastructure
version: v1beta1
kind: AWSMachine
- group: infrastructure
version: v1beta1
kind: AWSCluster
- group: infrastructure
kind: AWSCluster
version: v1beta1
kind: AWSMachineTemplate
- group: infrastructure
kind: AWSMachineTemplate
version: v1beta1
kind: AWSClusterStaticIdentity
- group: infrastructure
kind: AWSClusterStaticIdentity
version: v1beta1
kind: AWSClusterRoleIdentity
- group: infrastructure
kind: AWSClusterRoleIdentity
version: v1beta1
kind: AWSClusterControllerIdentity
- group: infrastructure
kind: AWSClusterControllerIdentity
version: v1beta1
kind: AWSClusterTemplate
- group: infrastructure
kind: AWSClusterTemplate
version: v1beta1
kind: AWSManagedControlPlanes
- group: infrastructure
kind: AWSManagedControlPlanes
version: v1beta1
- group: infrastructure
kind: AWSManagedCluster
# v1beta2 types
version: v1beta1
- group: infrastructure
version: v1beta2
kind: AWSMachine
- group: infrastructure
version: v1beta2
kind: AWSCluster
- group: infrastructure
kind: AWSCluster
version: v1beta2
kind: AWSMachineTemplate
- group: infrastructure
kind: AWSMachineTemplate
version: v1beta2
kind: AWSClusterStaticIdentity
- group: infrastructure
kind: AWSClusterStaticIdentity
version: v1beta2
kind: AWSClusterRoleIdentity
- group: infrastructure
kind: AWSClusterRoleIdentity
version: v1beta2
kind: AWSClusterControllerIdentity
- group: infrastructure
kind: AWSClusterControllerIdentity
version: v1beta2
kind: AWSClusterTemplate
- group: infrastructure
kind: AWSClusterTemplate
version: v1beta2
kind: AWSManagedControlPlanes
- group: infrastructure
kind: AWSManagedControlPlanes
version: v1beta2
- group: infrastructure
kind: AWSManagedCluster
version: v1beta2
- group: infrastructure
kind: ROSARoleConfig
version: v1beta2
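Review bot: The existing entries in `resources:` appear to be rewritten from group/version/kind to group/kind/version order, and the `# v1beta1 types` and `# v1beta2 types` section comments are dropped, so the one functional change (the new `kind: ROSARoleConfig` / `version: v1beta2` entry at the end of the list) is buried in 41 changed lines. If the reordering comes from regenerating PROJECT with the scaffolding tool, say so in the PR description; otherwise keep the original key order and comments so the diff shows only the added resource. The PR title also says "RosaRoles config" while the kind registered here is `ROSARoleConfig`; align the title with the kind name.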
263 changes: 263 additions & 0 deletions config/crd/bases/infrastructure.cluster.x-k8s.io_rosaroleconfig.yaml
@@ -0,0 +1,263 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
name: rosaroleconfig.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: ROSARoleConfig
listKind: ROSARoleConfigList
plural: rosaroleconfig
shortNames:
- rosarole
singular: rosaroleconfig
scope: cluster
versions:
- name: v1beta2
schema:
openAPIV3Schema:
description: ROSARoleConfig is the Schema for the rosaroleconfigs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
properties:
accountRoleConfig:
properties:
path:
type: string
permissionsBoundaryARN:
type: string
prefix:
maxLength: 4
type: string
sharedVPCConfig:
properties:
routeRoleARN:
type: string
vpcEndpointRoleArn:
type: string
type: object
version:
type: string
required:
- prefix
- version
type: object
oidcConfig:
properties:
createManagedOIDC:
type: string
externalAuthProviders:
items:
properties:
claimMappings:
properties:
groups:
properties:
claim:
type: string
prefixPolicy:
type: string
required:
- claim
type: object
username:
properties:
claim:
type: string
prefixPolicy:
type: string
required:
- claim
type: object
required:
- username
type: object
issuer:
properties:
audiences:
items:
type: string
type: array
issuerURL:
type: string
required:
- issuerURL
type: object
name:
type: string
oidcClients:
items:
properties:
clientID:
type: string
clientSecret:
properties:
name:
type: string
required:
- name
type: object
componentName:
type: string
componentNamespace:
type: string
required:
- clientID
- clientSecret
- componentName
- componentNamespace
type: object
type: array
required:
- claimMappings
- issuer
- name
type: object
type: array
required:
- createManagedOIDC
type: object
operatorRoleConfig:
properties:
oidcConfigId:
type: string
permissionsBoundaryARN:
type: string
prefix:
maxLength: 4
type: string
sharedVPCConfig:
properties:
routeRoleARN:
type: string
vpcEndpointRoleArn:
type: string
type: object
required:
- oidcConfigId
- prefix
type: object
required:
- accountRoleConfig
- oidcConfig
- operatorRoleConfig
type: object
status:
description: ROSARoleConfigStatus defines the observed state of ROSARoleConfig
properties:
accountRolesRef:
properties:
installerRoleARN:
type: string
supportRoleARN:
type: string
workerRoleARN:
type: string
type: object
conditions:
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
oidcID:
type: string
oidcProviderARN:
type: string
operatorRolesRef:
properties:
controlPlaneOperatorARN:
type: string
imageRegistryARN:
type: string
ingressARN:
type: string
kmsProviderARN:
type: string
kubeCloudControllerARN:
type: string
networkARN:
type: string
nodePoolManagementARN:
type: string
storageARN:
type: string
type: object
type: object
type: object
served: true
storage: true
subresources:
status: {}
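Review bot: `scope: cluster` under `spec` is not a value the apiextensions.k8s.io/v1 API accepts; the allowed values are `Cluster` and `Namespaced`, so the API server will reject this CRD on apply. Fix the scope in the source that controller-gen generates this file from and regenerate. If the resource is meant to be cluster-scoped, note that `oidcClients[].clientSecret` carries only `name`, which leaves the namespace of the referenced Secret undefined in the schema; add an explicit namespace field or make the resource namespaced so that the Secret lookup is bounded to a known namespace. Smaller points in the same file: `plural: rosaroleconfig` is identical to `singular` while the schema description refers to the "rosaroleconfigs API"; `createManagedOIDC` is typed `string` although the name reads as a boolean; none of the `spec` fields has a `description`; and the ARN fields (`permissionsBoundaryARN`, `routeRoleARN`, `vpcEndpointRoleArn`) have no `pattern` or length validation, and mix `ARN` and `Arn` casing.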