k8c.io/api/v3@v3.0.0-20230904060738-b0a93889c0b6/pkg/apis/ee.kubermatic/v1/group_project_binding.go

k8c.io/api/v3@v3.0.0-20230904060738-b0a93889c0b6/pkg/apis/ee.kubermatic/v1/group_project_binding.go (about)

     1  /*
     2  Copyright 2023 The Kubermatic Kubernetes Platform contributors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package v1
    18  
    19  import (
    20  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    21  )
    22  
    23  // +genclient
    24  // +kubebuilder:resource:scope=Cluster
    25  // +kubebuilder:object:generate=true
    26  // +kubebuilder:object:root=true
    27  // +kubebuilder:printcolumn:JSONPath=".spec.projectID",name="ProjectID",type="string"
    28  // +kubebuilder:printcolumn:JSONPath=".spec.group",name="Group",type="string"
    29  // +kubebuilder:printcolumn:JSONPath=".spec.role",name="Role",type="string"
    30  // +kubebuilder:printcolumn:JSONPath=".metadata.creationTimestamp",name="Age",type="date"
    31  
    32  // GroupProjectBinding specifies a binding between a group and a project
    33  // This resource is used by the user management to manipulate member groups of the given project.
    34  type GroupProjectBinding struct {
    35  	metav1.TypeMeta   `json:",inline"`
    36  	metav1.ObjectMeta `json:"metadata,omitempty"`
    37  
    38  	Spec GroupProjectBindingSpec `json:"spec,omitempty"`
    39  }
    40  
    41  // GroupProjectBindingSpec specifies an oidc group binding to a project.
    42  type GroupProjectBindingSpec struct {
    43  	// Group is the group name that is bound to the given project.
    44  	Group string `json:"group"`
    45  	// ProjectID is the ID of the target project.
    46  	// Should be a valid lowercase RFC1123 domain name
    47  	// +kubebuilder:validation:Pattern:=`^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$`
    48  	// +kubebuilder:validation:MaxLength:=63
    49  	// +kubebuilder:validation:Type=string
    50  	ProjectID string `json:"projectID"`
    51  
    52  	// +kubebuilder:validation:Enum=viewers;editors;owners;
    53  
    54  	// Role is the user's role within the project, determining their permissions.
    55  	// Possible roles are:
    56  	// "viewers" - allowed to get/list project resources
    57  	// "editors" - allowed to edit all project resources
    58  	// "owners" - same as editors, but also can manage users in the project
    59  	Role string `json:"role"`
    60  }
    61  
    62  // +kubebuilder:object:generate=true
    63  // +kubebuilder:object:root=true
    64  
    65  // GroupProjectBindingList is a list of group project bindings.
    66  type GroupProjectBindingList struct {
    67  	metav1.TypeMeta `json:",inline"`
    68  	metav1.ListMeta `json:"metadata,omitempty"`
    69  
    70  	Items []GroupProjectBinding `json:"items"`
    71  }