kubesphere.io/api@v0.0.0-20231107125330-c9a03957060c/iam/v1alpha2/federated_types.go (about) 1 /* 2 3 Copyright 2020 The KubeSphere Authors. 4 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 9 http://www.apache.org/licenses/LICENSE-2.0 10 11 Unless required by applicable law or agreed to in writing, software 12 distributed under the License is distributed on an "AS IS" BASIS, 13 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 See the License for the specific language governing permissions and 15 limitations under the License. 16 17 */ 18 19 package v1alpha2 20 21 import ( 22 rbacv1 "k8s.io/api/rbac/v1" 23 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 24 "k8s.io/apimachinery/pkg/runtime/schema" 25 ) 26 27 const ( 28 ResourcesSingularFedUser = "federateduser" 29 ResourcesSingularFedGlobalRoleBinding = "federatedglobalrolebinding" 30 ResourcesSingularFedWorkspaceRoleBinding = "federatedworkspacerolebinding" 31 ResourcesSingularFedGlobalRole = "federatedglobalrole" 32 ResourcesSingularFedWorkspaceRole = "federatedworkspacerole" 33 ResourcesPluralFedUser = "federatedusers" 34 ResourcesPluralFedGlobalRoleBinding = "federatedglobalrolebindings" 35 ResourcesPluralFedWorkspaceRoleBinding = "federatedworkspacerolebindings" 36 ResourcesPluralFedGlobalRole = "federatedglobalroles" 37 ResourcesPluralFedWorkspaceRole = "federatedworkspaceroles" 38 FedClusterRoleBindingKind = "FederatedClusterRoleBinding" 39 FedClusterRoleKind = "FederatedClusterRole" 40 FedGlobalRoleKind = "FederatedGlobalRole" 41 FedWorkspaceRoleKind = "FederatedWorkspaceRole" 42 FedGlobalRoleBindingKind = "FederatedGlobalRoleBinding" 43 FedWorkspaceRoleBindingKind = "FederatedWorkspaceRoleBinding" 44 fedResourceGroup = "types.kubefed.io" 45 fedResourceVersion = "v1beta1" 46 FedUserKind = "FederatedUser" 47 ) 48 49 var ( 50 FedUserResource = metav1.APIResource{ 51 Name: ResourcesPluralFedUser, 52 SingularName: ResourcesSingularFedUser, 53 Namespaced: false, 54 Group: fedResourceGroup, 55 Version: fedResourceVersion, 56 Kind: FedUserKind, 57 } 58 FedGlobalRoleBindingResource = metav1.APIResource{ 59 Name: ResourcesPluralFedGlobalRoleBinding, 60 SingularName: ResourcesSingularFedGlobalRoleBinding, 61 Namespaced: false, 62 Group: fedResourceGroup, 63 Version: fedResourceVersion, 64 Kind: FedGlobalRoleBindingKind, 65 } 66 FedWorkspaceRoleBindingResource = metav1.APIResource{ 67 Name: ResourcesPluralFedWorkspaceRoleBinding, 68 SingularName: ResourcesSingularFedWorkspaceRoleBinding, 69 Namespaced: false, 70 Group: fedResourceGroup, 71 Version: fedResourceVersion, 72 Kind: FedWorkspaceRoleBindingKind, 73 } 74 FedGlobalRoleResource = metav1.APIResource{ 75 Name: ResourcesPluralFedGlobalRole, 76 SingularName: ResourcesSingularFedGlobalRole, 77 Namespaced: false, 78 Group: fedResourceGroup, 79 Version: fedResourceVersion, 80 Kind: FedGlobalRoleKind, 81 } 82 83 FedWorkspaceRoleResource = metav1.APIResource{ 84 Name: ResourcesPluralFedWorkspaceRole, 85 SingularName: ResourcesSingularFedWorkspaceRole, 86 Namespaced: false, 87 Group: fedResourceGroup, 88 Version: fedResourceVersion, 89 Kind: FedWorkspaceRoleKind, 90 } 91 92 FederatedClusterRoleBindingResource = schema.GroupVersionResource{ 93 Group: fedResourceGroup, 94 Version: fedResourceVersion, 95 Resource: "federatedclusterrolebindings", 96 } 97 ) 98 99 // +kubebuilder:object:generate=false 100 type FederatedRoleBinding struct { 101 metav1.TypeMeta `json:",inline"` 102 metav1.ObjectMeta `json:"metadata,omitempty"` 103 Spec FederatedRoleBindingSpec `json:"spec"` 104 } 105 106 // +kubebuilder:object:generate=false 107 type FederatedRoleBindingSpec struct { 108 Template RoleBindingTemplate `json:"template"` 109 Placement Placement `json:"placement"` 110 } 111 112 // +kubebuilder:object:generate=false 113 type RoleBindingTemplate struct { 114 metav1.ObjectMeta `json:"metadata,omitempty"` 115 Subjects []rbacv1.Subject `json:"subjects,omitempty"` 116 RoleRef rbacv1.RoleRef `json:"roleRef"` 117 } 118 119 // +kubebuilder:object:generate=false 120 type FederatedRole struct { 121 metav1.TypeMeta `json:",inline"` 122 metav1.ObjectMeta `json:"metadata,omitempty"` 123 Spec FederatedRoleSpec `json:"spec"` 124 } 125 126 // +kubebuilder:object:generate=false 127 type FederatedRoleSpec struct { 128 Template RoleTemplate `json:"template"` 129 Placement Placement `json:"placement"` 130 } 131 132 // +kubebuilder:object:generate=false 133 type RoleTemplate struct { 134 metav1.ObjectMeta `json:"metadata,omitempty"` 135 // +optional 136 Rules []rbacv1.PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"` 137 } 138 139 // +kubebuilder:object:generate=false 140 type FederatedUser struct { 141 metav1.TypeMeta `json:",inline"` 142 metav1.ObjectMeta `json:"metadata,omitempty"` 143 Spec FederatedUserSpec `json:"spec"` 144 } 145 146 // +kubebuilder:object:generate=false 147 type FederatedUserSpec struct { 148 Template UserTemplate `json:"template"` 149 Placement Placement `json:"placement"` 150 } 151 152 // +kubebuilder:object:generate=false 153 type UserTemplate struct { 154 metav1.ObjectMeta `json:"metadata,omitempty"` 155 Spec UserSpec `json:"spec"` 156 // +optional 157 Status UserStatus `json:"status,omitempty"` 158 } 159 160 // +kubebuilder:object:generate=false 161 type Placement struct { 162 Clusters []Cluster `json:"clusters,omitempty"` 163 ClusterSelector ClusterSelector `json:"clusterSelector,omitempty"` 164 } 165 166 // +kubebuilder:object:generate=true 167 type ClusterSelector struct { 168 MatchLabels map[string]string `json:"matchLabels,omitempty"` 169 } 170 171 // +kubebuilder:object:generate=false 172 type Cluster struct { 173 Name string `json:"name"` 174 }