sigs.k8s.io/cluster-api-provider-azure@v1.17.0/api/v1beta1/azureclusteridentity_types.go (about)

     1  /*
     2  Copyright 2021 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package v1beta1
    18  
    19  import (
    20  	corev1 "k8s.io/api/core/v1"
    21  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    22  	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
    23  )
    24  
    // AllowedNamespaces defines the namespaces the clusters are allowed to use the identity from.
    // NamespaceList takes precedence over the Selector.
    type AllowedNamespaces struct {
    	// NOTE(review): the two field comments below say that a nil or empty
    	// value allows no namespace, while the AllowedNamespaces field comment on
    	// AzureClusterIdentitySpec says that an empty object allows every
    	// namespace. The matching logic is not in this file; confirm which reading
    	// is enforced before relying on an empty value to deny access.

    	// A nil or empty list indicates that AzureCluster cannot use the identity from any namespace.
    	//
    	// +optional
    	// +nullable
    	NamespaceList []string `json:"list"`
    	// Selector is a selector of namespaces that AzureCluster can
    	// use this Identity from. This is a standard Kubernetes LabelSelector,
    	// a label query over a set of resources. The result of matchLabels and
    	// matchExpressions are ANDed.
    	//
    	// A nil or empty selector indicates that AzureCluster cannot use this
    	// AzureClusterIdentity from any namespace.
    	// +optional
    	Selector *metav1.LabelSelector `json:"selector"`
    }
    43  
    // AzureClusterIdentitySpec defines the parameters that are used to create an AzureIdentity.
    type AzureClusterIdentitySpec struct {
    	// Type is the type of Azure Identity used.
    	// ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity.
    	Type IdentityType `json:"type"`
    	// ResourceID is the Azure resource ID for the User Assigned MSI resource.
    	// Only applicable when type is UserAssignedMSI.
    	//
    	// Deprecated: This field no longer has any effect.
    	//
    	// +optional
    	ResourceID string `json:"resourceID,omitempty"`
    	// ClientID is the service principal client ID.
    	// Both User Assigned MSI and SP can use this field.
    	ClientID string `json:"clientID"`

    	// NOTE(review): corev1.SecretReference carries a namespace as well as a
    	// name, so this field can name a Secret outside the identity's own
    	// namespace. Nothing in this file restricts that; confirm where the
    	// reference is validated and scope RBAC on AzureClusterIdentity to match.

    	// ClientSecret is a secret reference which should contain either a Service Principal password or certificate secret.
    	// +optional
    	ClientSecret corev1.SecretReference `json:"clientSecret,omitempty"`
    	// TenantID is the service principal primary tenant id.
    	TenantID string `json:"tenantID"`

    	// NOTE(review): per the field comment below, `allowedNamespaces: {}`
    	// opens this credential to AzureClusters in every namespace, while an
    	// omitted or null value denies all of them. Treat the empty object as a
    	// deliberate, reviewed choice; the enforcement itself lives outside this
    	// file.

    	// AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from.
    	// Namespaces can be selected either using an array of namespaces or with label selector.
    	// An empty allowedNamespaces object indicates that AzureClusters can use this identity from any namespace.
    	// If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided).
    	// A namespace should be either in the NamespaceList or match with Selector to use the identity.
    	//
    	// +optional
    	// +nullable
    	AllowedNamespaces *AllowedNamespaces `json:"allowedNamespaces"`
    }
    74  
    // AzureClusterIdentityStatus defines the observed state of AzureClusterIdentity.
    type AzureClusterIdentityStatus struct {
    	// The Conditions field is the value returned by GetConditions and
    	// replaced by SetConditions on AzureClusterIdentity.

    	// Conditions defines the current service state of the AzureClusterIdentity.
    	// +optional
    	Conditions clusterv1.Conditions `json:"conditions,omitempty"`
    }
    81  
    82  // +kubebuilder:object:root=true
    83  // +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.type",description="Type of AzureClusterIdentity"
    84  // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="Time duration since creation of this AzureClusterIdentity"
    85  // +kubebuilder:resource:path=azureclusteridentities,scope=Namespaced,categories=cluster-api
    86  // +kubebuilder:storageversion
    87  // +kubebuilder:subresource:status
    88  
    // AzureClusterIdentity is the Schema for the azureclusteridentities API.
    type AzureClusterIdentity struct {
    	metav1.TypeMeta   `json:",inline"`
    	metav1.ObjectMeta `json:"metadata,omitempty"`

    	// Spec carries the credential parameters and the namespace allow-list;
    	// Status carries the observed conditions.

    	Spec   AzureClusterIdentitySpec   `json:"spec,omitempty"`
    	Status AzureClusterIdentityStatus `json:"status,omitempty"`
    }
    97  
    98  // +kubebuilder:object:root=true
    99  
   // AzureClusterIdentityList contains a list of AzureClusterIdentity.
   type AzureClusterIdentityList struct {
   	// The items tag has no omitempty, so the key is always written when a
   	// list is serialized.

   	metav1.TypeMeta `json:",inline"`
   	metav1.ListMeta `json:"metadata,omitempty"`
   	Items           []AzureClusterIdentity `json:"items"`
   }
   106  
   // GetConditions reports the conditions currently stored in the status of
   // this AzureClusterIdentity.
   func (c *AzureClusterIdentity) GetConditions() clusterv1.Conditions {
   	current := c.Status.Conditions
   	return current
   }
   111  
   // SetConditions replaces the conditions stored in the status of this
   // AzureClusterIdentity with the ones supplied.
   func (c *AzureClusterIdentity) SetConditions(conditions clusterv1.Conditions) {
   	status := &c.Status
   	status.Conditions = conditions
   }
   116  
   // init registers the AzureClusterIdentity kind and its list kind with this
   // package's SchemeBuilder.
   func init() {
   	identity, identityList := new(AzureClusterIdentity), new(AzureClusterIdentityList)
   	SchemeBuilder.Register(identity, identityList)
   }