diff --git a/chart/0.0.1/templates/crd/kgio.dams.kgio_gitremotes.yaml b/chart/0.0.1/templates/crd/kgio.dams.kgio_gitremotes.yaml index df3ceb9..5c7620c 100644 --- a/chart/0.0.1/templates/crd/kgio.dams.kgio_gitremotes.yaml +++ b/chart/0.0.1/templates/crd/kgio.dams.kgio_gitremotes.yaml @@ -40,29 +40,58 @@ spec: spec: description: GitRemoteSpec defines the desired state of GitRemote properties: - customGitProvider: + customGitProviderConfigRef: + description: |- + Reference to a ConfigMap to configuration the behavior of the GitRemote connexion with the distant server + + Instead of using this type, create a locally provided and used type that is well-focused on your reference. + For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . properties: - authentication: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string - fqdn: + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string - required: - - authentication - - fqdn type: object + x-kubernetes-map-type: atomic email: type: string gitBaseDomainFQDN: type: string - gitProvider: - type: string - remoteConfiguration: - properties: - caBundle: - type: string - insecureSkipTlsVerify: - type: boolean - type: object secretRef: description: |- SecretReference represents a Secret Reference. It has enough information to retrieve secret @@ -89,12 +118,30 @@ spec: description: GitRemoteStatus defines the observed state of GitRemote properties: connexionStatus: - type: string - gitUserID: + properties: + details: + type: string + status: + type: string + type: object + gitProviderConfiguration: + properties: + authenticationEndpoint: + type: string + caBundle: + type: string + inherited: + type: boolean + insecureSkipTlsVerify: + type: boolean + type: object + gitUser: type: string lastAuthTime: format: date-time type: string + secretBoundStatus: + type: string type: object type: object served: true diff --git a/chart/0.0.1/templates/crd/kgio.dams.kgio_resourcesinterceptors.yaml b/chart/0.0.1/templates/crd/kgio.dams.kgio_resourcesinterceptors.yaml index 54dc544..b29a3ec 100644 --- a/chart/0.0.1/templates/crd/kgio.dams.kgio_resourcesinterceptors.yaml +++ b/chart/0.0.1/templates/crd/kgio.dams.kgio_resourcesinterceptors.yaml @@ -1,5 +1,6 @@ {{- if eq .Values.installCRD true }} --- +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -137,6 +138,7 @@ spec: description: |- Reference to a GitUserBinding. If set, this git user will be use to push the resources. + Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . properties: @@ -264,408 +266,132 @@ spec: properties: lastBypassObject: properties: - apiGroups: - description: |- - APIGroup contains the name, the supported versions, and the preferred version - of a group. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: name is the name of the group. - type: string - preferredVersion: - description: |- - preferredVersion is the version preferred by the API server, which - probably is the storage version. - properties: - groupVersion: - description: groupVersion specifies the API group - and version in the form "group/version" - type: string - version: - description: |- - version specifies the version in the form of "version". This is to save - the clients the trouble of splitting the GroupVersion. - type: string - required: - - groupVersion - - version - type: object - serverAddressByClientCIDRs: - description: |- - a map of client CIDR to server address that is serving this group. - This is to help clients reach servers in the most network-efficient way possible. - Clients can use the appropriate server address as per the CIDR that they match. - In case of multiple matches, clients should use the longest matching CIDR. - The server returns only those CIDRs that it thinks that the client can match. - For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. - Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP. - items: - description: ServerAddressByClientCIDR helps the client - to determine the server address that they should use, - depending on the clientCIDR that they match. - properties: - clientCIDR: - description: The CIDR with which clients can match - their IP to figure out the server address that - they should use. - type: string - serverAddress: - description: |- - Address of this server, suitable for a client that matches the above CIDR. - This can be a hostname, hostname:port, IP or IP:port. - type: string - required: - - clientCIDR - - serverAddress - type: object - type: array - versions: - description: versions are the versions supported in this - group. - items: - description: |- - GroupVersion contains the "group/version" and "version" string of a version. - It is made a struct to keep extensibility. - properties: - groupVersion: - description: groupVersion specifies the API group - and version in the form "group/version" - type: string - version: - description: |- - version specifies the version in the form of "version". This is to save - the clients the trouble of splitting the GroupVersion. - type: string - required: - - groupVersion - - version - type: object - type: array - required: - - name - - versions - type: object - apiVersions: + group: type: string name: type: string - resources: + resource: + type: string + version: type: string required: - - apiGroups - - apiVersions + - group - name - - resources + - resource + - version type: object - lastBypassObjectSubject: + lastBypassObjectTime: + format: date-time + type: string + lastBypassObjectUserInfo: description: |- - Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, - or a value for non-objects such as user and group names. + UserInfo holds the information about the user needed to implement the + user.Info interface. properties: - apiGroup: - description: |- - APIGroup holds the API group of the referenced subject. - Defaults to "" for ServiceAccount subjects. - Defaults to "rbac.authorization.k8s.io" for User and Group subjects. - type: string - kind: + extra: + additionalProperties: + description: ExtraValue masks the value so protobuf can + generate + items: + type: string + type: array + description: Any additional information provided by the authenticator. + type: object + groups: + description: The names of groups this user is a part of. + items: + type: string + type: array + uid: description: |- - Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". - If the Authorizer does not recognized the kind value, the Authorizer should report an error. - type: string - name: - description: Name of the object being referenced. + A unique value that identifies this user across time. If this user is + deleted and another user by the same name is added, they will have + different UIDs. type: string - namespace: - description: |- - Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty - the Authorizer should report an error. + username: + description: The name that uniquely identifies this user among + all active users. type: string - required: - - kind - - name type: object - x-kubernetes-map-type: atomic - lastBypassObjectTime: - format: date-time - type: string type: object lastInterceptedObjectState: properties: lastInterceptedObject: properties: - apiGroups: - description: |- - APIGroup contains the name, the supported versions, and the preferred version - of a group. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: name is the name of the group. - type: string - preferredVersion: - description: |- - preferredVersion is the version preferred by the API server, which - probably is the storage version. - properties: - groupVersion: - description: groupVersion specifies the API group - and version in the form "group/version" - type: string - version: - description: |- - version specifies the version in the form of "version". This is to save - the clients the trouble of splitting the GroupVersion. - type: string - required: - - groupVersion - - version - type: object - serverAddressByClientCIDRs: - description: |- - a map of client CIDR to server address that is serving this group. - This is to help clients reach servers in the most network-efficient way possible. - Clients can use the appropriate server address as per the CIDR that they match. - In case of multiple matches, clients should use the longest matching CIDR. - The server returns only those CIDRs that it thinks that the client can match. - For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. - Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP. - items: - description: ServerAddressByClientCIDR helps the client - to determine the server address that they should use, - depending on the clientCIDR that they match. - properties: - clientCIDR: - description: The CIDR with which clients can match - their IP to figure out the server address that - they should use. - type: string - serverAddress: - description: |- - Address of this server, suitable for a client that matches the above CIDR. - This can be a hostname, hostname:port, IP or IP:port. - type: string - required: - - clientCIDR - - serverAddress - type: object - type: array - versions: - description: versions are the versions supported in this - group. - items: - description: |- - GroupVersion contains the "group/version" and "version" string of a version. - It is made a struct to keep extensibility. - properties: - groupVersion: - description: groupVersion specifies the API group - and version in the form "group/version" - type: string - version: - description: |- - version specifies the version in the form of "version". This is to save - the clients the trouble of splitting the GroupVersion. - type: string - required: - - groupVersion - - version - type: object - type: array - required: - - name - - versions - type: object - apiVersions: + group: type: string name: type: string - resources: + resource: + type: string + version: type: string required: - - apiGroups - - apiVersions + - group - name - - resources + - resource + - version type: object - lastInterceptedObjectKubernetesUser: + lastInterceptedObjectTime: + format: date-time + type: string + lastInterceptedObjectUserInfo: description: |- - Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, - or a value for non-objects such as user and group names. + UserInfo holds the information about the user needed to implement the + user.Info interface. properties: - apiGroup: - description: |- - APIGroup holds the API group of the referenced subject. - Defaults to "" for ServiceAccount subjects. - Defaults to "rbac.authorization.k8s.io" for User and Group subjects. - type: string - kind: + extra: + additionalProperties: + description: ExtraValue masks the value so protobuf can + generate + items: + type: string + type: array + description: Any additional information provided by the authenticator. + type: object + groups: + description: The names of groups this user is a part of. + items: + type: string + type: array + uid: description: |- - Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". - If the Authorizer does not recognized the kind value, the Authorizer should report an error. - type: string - name: - description: Name of the object being referenced. + A unique value that identifies this user across time. If this user is + deleted and another user by the same name is added, they will have + different UIDs. type: string - namespace: - description: |- - Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty - the Authorizer should report an error. + username: + description: The name that uniquely identifies this user among + all active users. type: string - required: - - kind - - name type: object - x-kubernetes-map-type: atomic - lastInterceptedObjectTime: - format: date-time - type: string type: object lastPushedObjectState: properties: - lastPushedGitUserID: + lastPushedGitUser: type: string lastPushedObject: properties: - apiGroups: - description: |- - APIGroup contains the name, the supported versions, and the preferred version - of a group. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: name is the name of the group. - type: string - preferredVersion: - description: |- - preferredVersion is the version preferred by the API server, which - probably is the storage version. - properties: - groupVersion: - description: groupVersion specifies the API group - and version in the form "group/version" - type: string - version: - description: |- - version specifies the version in the form of "version". This is to save - the clients the trouble of splitting the GroupVersion. - type: string - required: - - groupVersion - - version - type: object - serverAddressByClientCIDRs: - description: |- - a map of client CIDR to server address that is serving this group. - This is to help clients reach servers in the most network-efficient way possible. - Clients can use the appropriate server address as per the CIDR that they match. - In case of multiple matches, clients should use the longest matching CIDR. - The server returns only those CIDRs that it thinks that the client can match. - For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. - Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP. - items: - description: ServerAddressByClientCIDR helps the client - to determine the server address that they should use, - depending on the clientCIDR that they match. - properties: - clientCIDR: - description: The CIDR with which clients can match - their IP to figure out the server address that - they should use. - type: string - serverAddress: - description: |- - Address of this server, suitable for a client that matches the above CIDR. - This can be a hostname, hostname:port, IP or IP:port. - type: string - required: - - clientCIDR - - serverAddress - type: object - type: array - versions: - description: versions are the versions supported in this - group. - items: - description: |- - GroupVersion contains the "group/version" and "version" string of a version. - It is made a struct to keep extensibility. - properties: - groupVersion: - description: groupVersion specifies the API group - and version in the form "group/version" - type: string - version: - description: |- - version specifies the version in the form of "version". This is to save - the clients the trouble of splitting the GroupVersion. - type: string - required: - - groupVersion - - version - type: object - type: array - required: - - name - - versions - type: object - apiVersions: + group: type: string name: type: string - resources: + resource: + type: string + version: type: string required: - - apiGroups - - apiVersions + - group - name - - resources + - resource + - version type: object + lastPushedObjectCommitHash: + type: string lastPushedObjectGitPath: type: string + lastPushedObjectGitRepo: + type: string lastPushedObjectState: type: string lastPushedObjectTime: @@ -678,4 +404,5 @@ spec: storage: true subresources: status: {} + {{- end }} diff --git a/config/crd/bases/kgio.dams.kgio_gitremotes.yaml b/config/crd/bases/kgio.dams.kgio_gitremotes.yaml index 83a6df7..c363445 100644 --- a/config/crd/bases/kgio.dams.kgio_gitremotes.yaml +++ b/config/crd/bases/kgio.dams.kgio_gitremotes.yaml @@ -41,20 +41,7 @@ spec: properties: customGitProviderConfigRef: description: |- - ObjectReference contains enough information to let you inspect or modify the referred object. - --- - New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. - 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. - 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular - restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". - Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. - 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity - during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple - and the version of the actual struct is irrelevant. - 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. - + Reference to a ConfigMap to configuration the behavior of the GitRemote connexion with the distant server Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . diff --git a/config/crd/bases/kgio.dams.kgio_resourcesinterceptors.yaml b/config/crd/bases/kgio.dams.kgio_resourcesinterceptors.yaml index 6248ce0..7cb26b7 100644 --- a/config/crd/bases/kgio.dams.kgio_resourcesinterceptors.yaml +++ b/config/crd/bases/kgio.dams.kgio_resourcesinterceptors.yaml @@ -43,20 +43,7 @@ spec: authorizedUsers: items: description: |- - ObjectReference contains enough information to let you inspect or modify the referred object. - --- - New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. - 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. - 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular - restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". - Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. - 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity - during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple - and the version of the actual struct is irrelevant. - 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. - + Reference to GitUserBinding objects Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . @@ -147,19 +134,7 @@ spec: type: string defaultUserBind: description: |- - ObjectReference contains enough information to let you inspect or modify the referred object. - --- - New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. - 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. - 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular - restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted". - Those cannot be well described when embedded. - 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. - 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity - during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple - and the version of the actual struct is irrelevant. - 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type - will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. + Reference to a GitUserBinding. If set, this git user will be use to push the resources. Instead of using this type, create a locally provided and used type that is well-focused on your reference.