github.com/IBM-Blockchain/fabric-operator@v1.0.4/api/v1beta1/ibpca_types.go (about)

     1  /*
     2   * Copyright contributors to the Hyperledger Fabric Operator project
     3   *
     4   * SPDX-License-Identifier: Apache-2.0
     5   *
     6   * Licensed under the Apache License, Version 2.0 (the "License");
     7   * you may not use this file except in compliance with the License.
     8   * You may obtain a copy of the License at:
     9   *
    10   * 	  http://www.apache.org/licenses/LICENSE-2.0
    11   *
    12   * Unless required by applicable law or agreed to in writing, software
    13   * distributed under the License is distributed on an "AS IS" BASIS,
    14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15   * See the License for the specific language governing permissions and
    16   * limitations under the License.
    17   */
    18  
    19  package v1beta1
    20  
    21  import (
    22  	corev1 "k8s.io/api/core/v1"
    23  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    24  	"k8s.io/apimachinery/pkg/runtime"
    25  )
    26  
    27  // NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
    28  
    29  // IBPCASpec defines the desired state of IBP CA.
        // No value-validation markers (enum, pattern, minimum/maximum) appear on its fields
        // in this file, so any constraint on user-supplied values has to be enforced by the
        // operator or by admission control.
    30  // +k8s:deepcopy-gen=true
    31  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    32  type IBPCASpec struct {
    33  	// License should be accepted by the user to be able to setup CA
        	// The json tag has no omitempty, so the key is always serialized.
    34  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    35  	License License `json:"license"`
    36  
    37  	/* generic configs - images/resources/storage/servicetype/version/replicas */
    38  
    39  	// Images (Optional) lists the images to be used for CA's deployment
    40  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    41  	Images *CAImages `json:"images,omitempty"`
    42  
    43  	// RegistryURL is registry url used to pull images
        	// NOTE(review): this is a free-form string with no pattern validation in this file.
        	// Limiting pulls to trusted registries would need an operator-side check or an
        	// admission policy - confirm which one applies.
    44  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    45  	RegistryURL string `json:"registryURL,omitempty"`
    46  
    47  	// ImagePullSecrets (Optional) is the list of ImagePullSecrets to be used for CA's deployment
        	// Entries are plain strings; presumably the names of Secret objects rather than
        	// credential material - verify against the operator.
    48  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    49  	ImagePullSecrets []string `json:"imagePullSecrets,omitempty"`
    50  
    51  	// Replicas (Optional - default 1) is the number of CA replicas to be setup
    52  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    53  	Replicas *int32 `json:"replicas,omitempty"`
    54  
    55  	// Resources (Optional) is the amount of resources to be provided to CA deployment
    56  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    57  	Resources *CAResources `json:"resources,omitempty"`
    58  
    59  	// Service (Optional) is the override object for CA's service
    60  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    61  	Service *Service `json:"service,omitempty"`
    62  
    63  	// Storage (Optional - uses default storageclass if not provided) is the override object for CA's PVC config
    64  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    65  	Storage *CAStorages `json:"storage,omitempty"`
    66  
    67  	/* CA specific configs */
    68  
    69  	// ConfigOverride (Optional) is the object to provide overrides to CA & TLSCA config
        	// The json key is all lowercase ("configoverride"), unlike the camelCase keys used
        	// by most other fields of this struct.
    70  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    71  	ConfigOverride *ConfigOverride `json:"configoverride,omitempty"`
    72  
    73  	// HSM (Optional) is DEPRECATED
    74  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    75  	HSM *HSM `json:"hsm,omitempty"`
    76  
    77  	// CustomNames (Optional) is to use pre-configured resources for CA's deployment
        	// This is a struct value, not a pointer: encoding/json never treats a struct as
        	// empty, so omitempty has no effect here (the same holds for Ingress and Action).
    78  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    79  	CustomNames CACustomNames `json:"customNames,omitempty"`
    80  
    81  	// NumSecondsWarningPeriod (Optional - default 30 days) is used to define certificate expiry warning period.
        	// The field name gives the unit as seconds; the default is not set in this file.
    82  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    83  	NumSecondsWarningPeriod int64 `json:"numSecondsWarningPeriod,omitempty"`
    84  
    85  	// FabricVersion (Optional) sets the fabric version you want to use.
        	// NOTE(review): documented as optional, but the json tag ("version") has no
        	// omitempty and there is no +optional marker; controller-gen normally marks such a
        	// field as required - confirm against the generated CRD.
    86  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    87  	FabricVersion string `json:"version"`
    88  
    89  	// Domain is the sub-domain used for CA's deployment
    90  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    91  	Domain string `json:"domain,omitempty"`
    92  
    93  	// Ingress (Optional) is ingress object for ingress overrides
    94  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
    95  	Ingress Ingress `json:"ingress,omitempty"`
    96  
    97  	/* cluster related configs */
    98  
    99  	// Arch (Optional) is the architecture of the nodes where CA should be deployed
   100  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   101  	Arch []string `json:"arch,omitempty"`
   102  
   103  	// Region (Optional) is the region of the nodes where the CA should be deployed
   104  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   105  	Region string `json:"region,omitempty"`
   106  
   107  	// Zone (Optional) is the zone of the nodes where the CA should be deployed
   108  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   109  	Zone string `json:"zone,omitempty"`
   110  
   111  	// Action (Optional) is action object for triggering actions
        	// Because it lives in the spec, anyone allowed to update the IBPCA object can set
        	// it; see CAAction for the actions themselves.
   112  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   113  	Action CAAction `json:"action,omitempty"`
   114  }
   115  
   116  // +k8s:deepcopy-gen=true
   117  // ConfigOverride is the overrides to CA's & TLSCA's configuration
        // CA and TLSCA are carried as raw, untyped JSON (runtime.RawExtension) and both are
        // marked Schemaless with PreserveUnknownFields, so the generated CRD schema does not
        // describe their contents and the API server does not prune unknown keys from them.
        // NOTE(review): whatever structure or allow-list these overrides must obey therefore
        // has to be checked by the consumer of this type; that check is not visible in this
        // file - confirm where it happens.
   118  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   119  type ConfigOverride struct {
   120  	// CA (Optional) is the overrides to CA's configuration
   121  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   122  	// +kubebuilder:validation:Type=object
   123  	// +kubebuilder:validation:Schemaless
   124  	// +kubebuilder:pruning:PreserveUnknownFields
   125  	CA *runtime.RawExtension `json:"ca,omitempty"`
   126  	// TLSCA (Optional) is the overrides to TLSCA's configuration
   127  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   128  	// +kubebuilder:validation:Type=object
   129  	// +kubebuilder:validation:Schemaless
   130  	// +kubebuilder:pruning:PreserveUnknownFields
   131  	TLSCA *runtime.RawExtension `json:"tlsca,omitempty"`
   132  	// MaxNameLength (Optional) is the maximum length of the name that the CA can have
        	// No minimum/maximum marker bounds the value in this file.
   133  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   134  	MaxNameLength *int `json:"maxnamelength,omitempty"`
   135  }
   136  
   137  // +k8s:deepcopy-gen=true
   138  // IBPCAStatus defines the observed state of IBPCA
        // It adds no fields of its own: everything comes from the embedded CRStatus, which is
        // declared elsewhere in the package.
   139  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   140  type IBPCAStatus struct {
   141  	// CRStatus is the status of the CA resource
        	// Embedded, so its fields are flattened directly into the status object in JSON.
   142  	// +operator-sdk:gen-csv:customresourcedefinitions.statusDescriptors=true
   143  	CRStatus `json:",inline"`
   144  }
   145  
   146  // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
   147  // +k8s:deepcopy-gen=true
   148  // +kubebuilder:storageversion
   149  // Certificate Authorities issue certificates for all the identities to transact on the network.
   150  // Warning: CA deployment using this tile is not supported. Please use the IBP Console to deploy a CA.
        // IBPCA is the top-level custom resource: Spec holds the desired state and Status the
        // observed state. The subresource:status marker below enables the /status subresource,
        // so spec and status are written through separate API endpoints and can be granted
        // through separate RBAC rules.
        // The customresourcedefinitions.resources markers name resource kinds, including
        // Secrets, Role and RoleBinding, for the generated ClusterServiceVersion; presumably
        // descriptive metadata rather than RBAC grants - confirm against the CSV and the
        // operator's roles.
   151  // +kubebuilder:subresource:status
   152  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   153  // +operator-sdk:gen-csv:customresourcedefinitions.displayName="IBP CA"
   154  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Deployments,v1,""`
   155  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Ingresses,v1beta1,""`
   156  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`PersistentVolumeClaim,v1,""`
   157  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Role,v1,""`
   158  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`RoleBinding,v1,""`
   159  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Route,v1,""`
   160  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Services,v1,""`
   161  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`ServiceAccounts,v1,""`
   162  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`ConfigMaps,v1,""`
   163  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Secrets,v1,""`
   164  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Pods,v1,""`
   165  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`Replicasets,v1,""`
   166  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`IBPCA,v1beta1,""`
   167  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`IBPPeer,v1beta1,""`
   168  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`IBPOrderer,v1beta1,""`
   169  // +operator-sdk:gen-csv:customresourcedefinitions.resources=`IBPConsole,v1beta1,""`
   170  type IBPCA struct {
   171  	metav1.TypeMeta   `json:",inline"`
   172  	metav1.ObjectMeta `json:"metadata,omitempty"`
   173  
        	// Spec is the desired state of the CA as submitted by the user.
   174  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   175  	Spec IBPCASpec `json:"spec,omitempty"`
   176  
   177  	// Status is the observed state of IBPCA
   178  	// +operator-sdk:gen-csv:customresourcedefinitions.statusDescriptors=true
   179  	Status IBPCAStatus `json:"status,omitempty"`
   180  }
   181  
   182  // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
   183  // +k8s:deepcopy-gen=true
   184  // IBPCAList contains a list of IBPCA
        // It has the usual list shape: type and list metadata plus the items themselves.
   185  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   186  type IBPCAList struct {
   187  	metav1.TypeMeta `json:",inline"`
   188  	metav1.ListMeta `json:"metadata,omitempty"`
        	// Items holds the IBPCA objects. The json tag has no omitempty, so the key is
        	// always present in the serialized list.
   189  	Items           []IBPCA `json:"items"`
   190  }
   191  
   192  // +k8s:deepcopy-gen=true
   193  // CAResources is the overrides to the resources of the CA
        // Each field is an optional pointer to a Kubernetes ResourceRequirements for one
        // container. What applies when a pointer is nil is decided outside this file;
        // presumably the operator's defaults - confirm.
   194  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   195  type CAResources struct {
   196  	// Init is the resources provided to the init container
   197  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   198  	Init *corev1.ResourceRequirements `json:"init,omitempty"`
   199  
   200  	// CA is the resources provided to the CA container
   201  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   202  	CA *corev1.ResourceRequirements `json:"ca,omitempty"`
   203  
   204  	// EnrollJob is the resources provided to the enroll job container
   205  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   206  	EnrollJob *corev1.ResourceRequirements `json:"enrollJob,omitempty"`
   207  
   208  	// HSMDaemon is the resources provided to the HSM daemon container
   209  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   210  	HSMDaemon *corev1.ResourceRequirements `json:"hsmDaemon,omitempty"`
   211  }
   212  
   213  // +k8s:deepcopy-gen=true
   214  // CAStorages is the overrides to the storage of the CA
        // It wraps a single optional StorageSpec; that type is declared elsewhere in the
        // package, so its fields are not visible here.
   215  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   216  type CAStorages struct {
   217  	// CA is the configuration of the storage of the CA
   218  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   219  	CA *StorageSpec `json:"ca,omitempty"`
   220  }
   221  
   222  // +k8s:deepcopy-gen=true
   223  // CAConnectionProfile is the object for connection profile
        // It groups what a client needs to reach the CA: endpoints, the server's TLS
        // certificate, and CA / TLS CA crypto. None of the json tags has omitempty, so all
        // four keys are always serialized (a nil pointer becomes null).
        // NOTE(review): MSP is declared elsewhere; confirm that it carries only public
        // certificate material before treating a connection profile as safe to share.
   224  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   225  type CAConnectionProfile struct {
   226  	// Endpoints is the endpoints to talk to CA
   227  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   228  	Endpoints CAEndpoints `json:"endpoints"`
   229  
   230  	// TLS is the object with CA servers TLS information
   231  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   232  	TLS *ConnectionProfileTLS `json:"tls"`
   233  
   234  	// CA is the object with CA crypto in connection profile
   235  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   236  	CA *MSP `json:"ca"`
   237  
   238  	// TLSCA is the object with tls CA crypto in connection profile
   239  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   240  	TLSCA *MSP `json:"tlsca"`
   241  }
   242  
   243  // ConnectionProfileTLS is the object with CA servers TLS information
        // It holds one value, the server certificate, as a string.
   244  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   245  type ConnectionProfileTLS struct {
   246  
   247  	// Cert is the base64 encoded tls cert of CA server
        	// NOTE(review): a client that uses this value as its trust anchor relies on the
        	// integrity of wherever the profile was read from; where the profile is stored and
        	// who may write it is not visible in this file - confirm.
   248  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   249  	Cert string `json:"cert"`
   250  }
   251  
   252  // CAEndpoints is the list of endpoints to communicate with the CA
        // Both endpoints are plain strings; their format (URL with scheme or host:port) is
        // not fixed by this file. NOTE(review): confirm that consumers require TLS for both.
   253  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   254  type CAEndpoints struct {
   255  	// API is the endpoint to communicate with CA's API
   256  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   257  	API string `json:"api"`
   258  	// Operations is the endpoint to communicate with CA's Operations API
   259  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   260  	Operations string `json:"operations"`
   261  }
   262  
   263  // CAImages is the list of images to be used in CA deployment
        // Each container image is given as a separate name and tag, both free-form strings
        // with no validation markers in this file.
        // NOTE(review): a tag is a mutable reference and does not pin image content. Whether
        // a digest can be supplied through these fields is not visible here - confirm, and
        // consider enforcing digest pinning or a registry allow-list at admission.
   264  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   265  type CAImages struct {
   266  	// CAImage is the name of the CA image
   267  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   268  	CAImage string `json:"caImage,omitempty"`
   269  	// CATag is the tag of the CA image
   270  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   271  	CATag string `json:"caTag,omitempty"`
   272  	// CAInitImage is the name of the Init image
   273  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   274  	CAInitImage string `json:"caInitImage,omitempty"`
   275  	// CAInitTag is the tag of the Init image
   276  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   277  	CAInitTag string `json:"caInitTag,omitempty"`
   278  	// HSMImage is the name of the HSM image
   279  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   280  	HSMImage string `json:"hsmImage,omitempty"`
   281  	// HSMTag is the tag of the HSM image
   282  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   283  	HSMTag string `json:"hsmTag,omitempty"`
   284  	// EnrollerImage is the name of the init image for crypto generation
   285  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   286  	EnrollerImage string `json:"enrollerImage,omitempty"`
   287  	// EnrollerTag is the tag of the init image for crypto generation
   288  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   289  	EnrollerTag string `json:"enrollerTag,omitempty"`
   290  }
   291  
   292  // +k8s:deepcopy-gen=true
   293  // CACustomNames is the list of preconfigured objects to be used for CA's deployment
        // It lets the user point the deployment at existing resources instead of ones the
        // operator would otherwise create.
   294  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   295  type CACustomNames struct {
   296  	// PVC is the list of PVC Names to be used for CA's deployment
        	// A struct value, so omitempty has no effect on it in encoding/json.
   297  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   298  	PVC CAPVCNames `json:"pvc,omitempty"`
   299  	// Sqlite is the sqlite path to be used for CA's deployment
        	// The json key is "sqlitepath". NOTE(review): this is a user-supplied path with no
        	// validation in this file; confirm that the consumer keeps it inside the CA's own
        	// volume.
   300  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   301  	Sqlite string `json:"sqlitepath,omitempty"`
   302  }
   303  
   304  // CAPVCNames is the list of PVC Names to be used for CA's deployment
        // It currently holds a single name, for the CA's own storage.
   305  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   306  type CAPVCNames struct {
   307  	// CA is the pvc to be used as CA's storage
        	// NOTE(review): a free-form name; whether the claim must already exist and belong
        	// to the same namespace is decided outside this file - confirm.
   308  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   309  	CA string `json:"ca,omitempty"`
   310  }
   311  
   312  // CAAction contains actions that can be performed on CA
        // Actions are expressed as spec fields, so they are requested by updating the IBPCA
        // object. NOTE(review): how a flag is cleared once the action has run is not visible
        // in this file - confirm that a completed action cannot fire again on every reconcile.
   313  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   314  type CAAction struct {
   315  	// Restart action is used to restart the running CA
   316  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   317  	Restart bool `json:"restart,omitempty"`
   318  
   319  	// Renew action is object for certificate renewals
        	// A struct value, so omitempty has no effect on it in encoding/json.
   320  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   321  	Renew Renew `json:"renew,omitempty"`
   322  }
   323  
   324  // Renew is object for certificate renewals
        // TLSCert is the only renewal it offers.
   325  // +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   326  type Renew struct {
   327  	// TLSCert action is used to renew TLS crypto for CA server
        	// NOTE(review): renewal replaces the server's TLS material, so clients that pinned
        	// the previous certificate would presumably need the updated connection profile -
        	// confirm how the new certificate is published.
   328  	// +operator-sdk:gen-csv:customresourcedefinitions.specDescriptors=true
   329  	TLSCert bool `json:"tlscert,omitempty"`
   330  }
   330  }