k8c.io/api/v3@v3.0.0-20230904060738-b0a93889c0b6/pkg/apis/apps.kubermatic/v1/application_definition.go (about) 1 /* 2 Copyright 2023 The Kubermatic Kubernetes Platform contributors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package v1 18 19 import ( 20 corev1 "k8s.io/api/core/v1" 21 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 "k8s.io/apimachinery/pkg/runtime" 23 ) 24 25 const ( 26 // ApplicationInstallationResourceName represents "Resource" defined in Kubernetes. 27 ApplicationDefinitionResourceName = "applicationdefinitions" 28 29 // ApplicationDefinitionKindName represents "Kind" defined in Kubernetes. 30 ApplicationDefinitionKindName = "ApplicationDefinitions" 31 ) 32 33 type HelmCredentials struct { 34 // Username holds the ref and key in the secret for the username credential. 35 // The Secret must exist in the namespace where KKP is installed (default is "kubermatic"). 36 // The Secret must be annotated with `apps.kubermatic.k8c.io/secret-type:` set to helm or git 37 Username *corev1.SecretKeySelector `json:"username,omitempty"` 38 39 // Password holds the ref and key in the secret for the Password credential. 40 // The Secret must exist in the namespace where KKP is installed (default is "kubermatic"). 41 // The Secret must be annotated with `apps.kubermatic.k8c.io/secret-type:` set to helm or git 42 Password *corev1.SecretKeySelector `json:"password,omitempty"` 43 44 // RegistryConfigFile holds the ref and key in the secret for the registry credential file. The value is dockercfg 45 // file that follows the same format rules as ~/.docker/config.json 46 // The The Secret must exist in the namespace where KKP is installed (default is "kubermatic"). 47 // The Secret must be annotated with `apps.kubermatic.k8c.io/secret-type:` set to helm or git 48 RegistryConfigFile *corev1.SecretKeySelector `json:"registryConfigFile,omitempty"` 49 } 50 51 type HelmSource struct { 52 // URl of the helm repository. 53 // It can be an HTTP(s) repository (e.g. https://localhost/myrepo) or on OCI repository (e.g. oci://localhost:5000/myrepo). 54 // +kubebuilder:validation:Pattern="^(http|https|oci)://.+" 55 URL string `json:"url"` 56 57 // Name of the Chart. 58 // +kubebuilder:validation:MinLength=1 59 ChartName string `json:"chartName"` 60 61 // Version of the Chart. 62 // +kubebuilder:validation:MinLength=1 63 ChartVersion string `json:"chartVersion"` 64 65 // Credentials are optional and hold the ref to the secret with helm credentials. 66 // Either username / Password or registryConfigFile can be defined. 67 Credentials *HelmCredentials `json:"credentials,omitempty"` 68 } 69 70 const ( 71 GitAuthMethodPassword GitAuthMethod = "password" 72 GitAuthMethodToken GitAuthMethod = "token" 73 GitAuthMethodSSHKey GitAuthMethod = "ssh-key" 74 ) 75 76 // +kubebuilder:validation:Enum=password;token;ssh-key 77 type GitAuthMethod string 78 79 type GitCredentials struct { 80 // Authentication method. Either password or token or ssh-key. 81 // if method is password then username and password must be defined. 82 // if method is token then token must be defined. 83 // if method is ssh-key then ssh-key must be defined. 84 Method GitAuthMethod `json:"method"` 85 86 // Username holds the ref and key in the secret for the username credential. 87 // The Secret must exist in the namespace where KKP is installed (default is "kubermatic"). 88 // The Secret must be annotated with `apps.kubermatic.k8c.io/secret-type:` set to helm or git 89 Username *corev1.SecretKeySelector `json:"username,omitempty"` 90 91 // Password holds the ref and key in the secret for the Password credential. 92 // The Secret must exist in the namespace where KKP is installed (default is "kubermatic"). 93 // The Secret must be annotated with `apps.kubermatic.k8c.io/secret-type:` set to helm or git 94 Password *corev1.SecretKeySelector `json:"password,omitempty"` 95 96 // Token holds the ref and key in the secret for the token credential. 97 // The Secret must exist in the namespace where KKP is installed (default is "kubermatic"). 98 // The Secret must be annotated with `apps.kubermatic.k8c.io/secret-type:` set to helm or git 99 Token *corev1.SecretKeySelector `json:"token,omitempty"` 100 101 // SSHKey holds the ref and key in the secret for the SshKey credential. 102 // The Secret must exist in the namespace where KKP is installed (default is "kubermatic"). 103 // The Secret must be annotated with `apps.kubermatic.k8c.io/secret-type:` set to helm or git 104 SSHKey *corev1.SecretKeySelector `json:"sshKey,omitempty"` 105 } 106 107 type GitReference struct { 108 // Branch to checkout. Only the last commit of the branch will be checkout in order to reduce the amount of data to download. 109 // +optional 110 Branch string `json:"branch,omitempty"` 111 112 // Commit SHA in a Branch to checkout. 113 // 114 // It must be used in conjunction with branch field. 115 // +kubebuilder:validation:Pattern:=`^[a-f0-9]{40}$` 116 // +kubebuilder:validation:Type=string 117 // +optional 118 Commit string `json:"commit,omitempty"` 119 120 // Tag to check out. 121 // It can not be used in conjunction with commit or branch. 122 // +kubebuilder:validation:Type=string 123 // +optional 124 Tag string `json:"tag,omitempty"` 125 } 126 127 type GitSource struct { 128 // URL to the repository. Can be HTTP(s) (e.g. https://example.com/myrepo) or SSH (e.g. git://example.com[:port]/path/to/repo.git/) 129 // +kubebuilder:validation:MinLength=1 130 Remote string `json:"remote"` 131 132 // Git reference to checkout. 133 // For large repositories, we recommend to either use Tag, Branch or Branch+Commit. This allows a shallow clone, which dramatically speeds up performance 134 Ref GitReference `json:"ref"` 135 136 // Path of the "source" in the repository. default is repository root 137 Path string `json:"path,omitempty"` 138 139 // Credentials are optional and holds the git credentials 140 Credentials *GitCredentials `json:"credentials,omitempty"` 141 } 142 143 type ApplicationSource struct { 144 // Install Application from a Helm repository 145 Helm *HelmSource `json:"helm,omitempty"` 146 147 // Install application from a Git repository 148 Git *GitSource `json:"git,omitempty"` 149 } 150 151 const ( 152 HelmTemplateMethod TemplateMethod = "helm" 153 ) 154 155 // +kubebuilder:validation:Enum=helm 156 type TemplateMethod string 157 158 type ApplicationTemplate struct { 159 // Defined how the source of the application (e.g Helm chart) is retrieved. 160 // Exactly one type of source must be defined. 161 Source ApplicationSource `json:"source"` 162 163 // DependencyCredentials holds the credentials that may be needed for templating the application. 164 DependencyCredentials *DependencyCredentials `json:"templateCredentials,omitempty"` 165 } 166 167 type DependencyCredentials struct { 168 // HelmCredentials holds the ref to the secret with helm credentials needed to build helm dependencies. 169 // It is not required when using helm as a source, as dependencies are already prepackaged in this case. 170 // It's either username / password or a registryConfigFile can be defined. 171 HelmCredentials *HelmCredentials `json:"helmCredentials,omitempty"` 172 } 173 174 type ApplicationVersion struct { 175 // +kubebuilder:validation:Pattern:=v?([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))? 176 // +kubebuilder:validation:Type=string 177 178 // Version of the application (e.g. v1.2.3) 179 Version string `json:"version"` 180 // (pattern taken from masterminds/semver we use https://github.com/Masterminds/semver/blob/master/version.go#L42) 181 182 // Template defines how application is installed (source provenance, Method...) 183 Template ApplicationTemplate `json:"template"` 184 } 185 186 // ApplicationDefinitionSpec defines the desired state of ApplicationDefinition. 187 type ApplicationDefinitionSpec struct { 188 // Description of the application. what is its purpose 189 Description string `json:"description"` 190 191 // Method used to install the application 192 Method TemplateMethod `json:"method"` 193 194 // DefaultValues describe overrides for manifest-rendering in UI when creating an application. 195 // +kubebuilder:pruning:PreserveUnknownFields 196 DefaultValues *runtime.RawExtension `json:"defaultValues,omitempty"` 197 198 // DefaultDeployOptions holds the settings specific to the templating method used to deploy the application. 199 // These settings can be overridden in applicationInstallation. 200 DefaultDeployOptions *DeployOptions `json:"defaultDeployOptions,omitempty"` 201 202 // Available version for this application 203 Versions []ApplicationVersion `json:"versions"` 204 } 205 206 // +genclient 207 // +kubebuilder:object:root=true 208 // +kubebuilder:resource:scope=Cluster,shortName=appdef 209 210 // ApplicationDefinition is the Schema for the applicationdefinitions API. 211 type ApplicationDefinition struct { 212 metav1.TypeMeta `json:",inline"` 213 metav1.ObjectMeta `json:"metadata,omitempty"` 214 215 Spec ApplicationDefinitionSpec `json:"spec,omitempty"` 216 } 217 218 // +kubebuilder:object:root=true 219 220 // ApplicationDefinitionList contains a list of ApplicationDefinition. 221 type ApplicationDefinitionList struct { 222 metav1.TypeMeta `json:",inline"` 223 metav1.ListMeta `json:"metadata,omitempty"` 224 Items []ApplicationDefinition `json:"items"` 225 }