github.com/codeready-toolchain/api@v0.0.0-20240507023248-73662d6db2c5/api/v1alpha1/workspace_types.go

github.com/codeready-toolchain/api@v0.0.0-20240507023248-73662d6db2c5/api/v1alpha1/workspace_types.go (about)

     1  package v1alpha1
     2  
     3  import (
     4  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
     5  )
     6  
     7  // WorkspaceStatus defines the observed state of a Workspace
     8  // +k8s:openapi-gen=true
     9  type WorkspaceStatus struct {
    10  	// The list of namespaces belonging to the Workspace.
    11  	// +optional
    12  	// +listType=atomic
    13  	Namespaces []SpaceNamespace `json:"namespaces,omitempty"`
    14  
    15  	// Owner the name of the UserSignup that owns the workspace. It’s the user who is being charged
    16  	// for the usage and whose quota is used for the workspace. There is only one user for this kind
    17  	// of relationship and it can be transferred to someone else during the lifetime of the workspace.
    18  	// By default, it’s the creator who becomes the owner as well.
    19  	// +optional
    20  	Owner string `json:"owner,omitempty"`
    21  
    22  	// Role defines what kind of permissions the user has in the given workspace.
    23  	// +optional
    24  	Role string `json:"role,omitempty"`
    25  
    26  	// Type defines the type of workspace. For example, "home" for a user's given workspace upon first
    27  	// signing up. It is currently valid for this value to be empty.
    28  	// +optional
    29  	Type string `json:"type,omitempty"`
    30  
    31  	// AvailableRoles contains the roles for this tier. For example, "admin|contributor|maintainer".
    32  	// +listType=atomic
    33  	// +optional
    34  	AvailableRoles []string `json:"availableRoles,omitempty"`
    35  
    36  	// Bindings enumerates the permissions that have been granted to users within the current workspace, and actions that can be applied to those permissions.
    37  	// +listType=atomic
    38  	// +optional
    39  	Bindings []Binding `json:"bindings,omitempty"`
    40  }
    41  
    42  // Binding defines a user role in a given workspace,
    43  // and available actions that can be performed on the role
    44  // +k8s:openapi-gen=true
    45  type Binding struct {
    46  	// MasterUserRecord is the name of the user that has access to the workspace.
    47  	// This field is immutable via a validating webhook.
    48  	MasterUserRecord string `json:"masterUserRecord,omitempty"`
    49  
    50  	// Role is the role of the user in the current workspace. For example "admin" for the user that has all permissions on the current workspace.
    51  	Role string `json:"role,omitempty"`
    52  
    53  	// AvailableActions is a list of actions that can be performed on the binding.
    54  	// Available values:
    55  	// - "update" when the role in the current binding can be changed
    56  	// - "delete" when the current binding can be deleted
    57  	// - "override" when the current binding is inherited from a parent workspace, it cannot be updated, but it can be overridden by creating a new binding containing the same MasterUserRecord but different role in the subworkspace.
    58  	// +listType=atomic
    59  	// +optional
    60  	AvailableActions []string `json:"availableActions,omitempty"`
    61  
    62  	// BindingRequest provides the name and namespace of the SpaceBindingRequest that generated the SpaceBinding resource.
    63  	// It's available only if the binding was generated using the SpaceBindingRequest mechanism.
    64  	// +optional
    65  	BindingRequest *BindingRequest `json:"bindingRequest,omitempty"`
    66  }
    67  
    68  // BindingRequest contains the name and the namespace where of the associated SpaceBindingRequest.
    69  // +k8s:openapi-gen=true
    70  type BindingRequest struct {
    71  	// Name of the SpaceBindingRequest that generated the SpaceBinding resource.
    72  	Name string `json:"name"`
    73  	// Namespace of the SpaceBindingRequest that generated the SpaceBinding resource.
    74  	Namespace string `json:"namespace"`
    75  }
    76  
    77  // +kubebuilder:object:root=true
    78  // +kubebuilder:subresource:status
    79  // Workspace is the Schema for the workspaces API but it is only for use by the Proxy. There will be
    80  // no actual Workspace CRs in the host/member clusters. The CRD will be installed in member clusters
    81  // for API discovery purposes only. The schema will be used by the proxy's workspace lister API.
    82  // +k8s:openapi-gen=true
    83  // +kubebuilder:resource:scope=Cluster
    84  // +kubebuilder:printcolumn:name="Owner",type="string",JSONPath=`.status.owner`
    85  // +kubebuilder:printcolumn:name="Role",type="string",JSONPath=`.status.role`
    86  // +kubebuilder:validation:XPreserveUnknownFields
    87  // +operator-sdk:gen-csv:customresourcedefinitions.displayName="Workspace"
    88  type Workspace struct {
    89  	metav1.TypeMeta   `json:",inline"`
    90  	metav1.ObjectMeta `json:"metadata,omitempty"`
    91  
    92  	Status WorkspaceStatus `json:"status,omitempty"`
    93  }
    94  
    95  //+kubebuilder:object:root=true
    96  
    97  // WorkspaceList contains a list of Workspaces
    98  type WorkspaceList struct {
    99  	metav1.TypeMeta `json:",inline"`
   100  	metav1.ListMeta `json:"metadata,omitempty"`
   101  	Items           []Workspace `json:"items"`
   102  }
   103  
   104  func init() {
   105  	SchemeBuilder.Register(&Workspace{}, &WorkspaceList{})
   106  }