v1alpha1

package
v0.32.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 24, 2024 License: Apache-2.0 Imports: 13 Imported by: 1

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the extensions v1alpha1 API group +kubebuilder:object:generate=true +groupName=dashboard.gardener.cloud

Index

Constants

View Source 
const (
	// TerminalName is the value in a Terminal resource's `.metadata.finalizers[]` array on which the Terminal controller will react
	// when performing a delete request on a resource.
	TerminalName = "terminal"

	// ExternalTerminalName is the value in a Kubernetes core resources `.metadata.finalizers[]` array on which the
	// Terminal will react when performing a delete request on a resource.
	ExternalTerminalName = "gardener.cloud/terminal"

	// Component is the label key for the component
	Component = "component"

	// TerminalComponent is the component name of the terminal controller manager. All resources created by the terminal controller will have this label
	TerminalComponent = "terminal-controller-manager"

	// GardenCreatedBy is the key for an annotation of a terminal resource whose value contains the username
	// of the user that created the resource.
	GardenCreatedBy = "gardener.cloud/created-by"

	// TerminalLastHeartbeat is the key for an annotation of a terminal resource whose value contains the username
	// of the user that created the resource.
	TerminalLastHeartbeat = "dashboard.gardener.cloud/last-heartbeat-at"

	// TerminalOperation is a constant for an annotation on a Terminal indicating that an operation shall be performed.
	TerminalOperation = "dashboard.gardener.cloud/operation"

	// TerminalReference is a label used to identify service accounts which are referred by a target or host .credential.serviceAccountRef of a Terminal (necessarily in the same namespace).
	// and for which cleanupProjectMembership is set to true
	TerminalReference = "reference.dashboard.gardener.cloud/terminal"

	// Description is the key for an annotation whose value contains the description for this resource
	// of the user that created the resource.
	Description = "dashboard.gardener.cloud/description"

	// TerminalOperationKeepalive is a constant for an annotation on a Terminal indicating that the Terminal should be kept alive for a certain period of time.
	TerminalOperationKeepalive = "keepalive"

	// EventReconciling indicates that a Reconcile operation started.
	EventReconciling = "Reconciling"
	// EventReconciled indicates that a Reconcile operation was successful.
	EventReconciled = "Reconciled"
	// EventReconcileError indicates that a Reconcile operation failed.
	EventReconcileError = "ReconcileError"
	// EventDeleting indicates that a Delete operation started.
	EventDeleting = "Deleting"
	// EventDeleted indicates that a Delete operation was successful.
	EventDeleted = "Deleted"
	// EventDeleteError indicates that a Delete operation failed.
	EventDeleteError = "DeleteError"

	// BindingKindClusterRoleBinding will result in a ClusterRoleBinding
	BindingKindClusterRoleBinding BindingKind = "ClusterRoleBinding"
	// BindingKindRoleBinding  will result in a RoleBinding
	BindingKindRoleBinding BindingKind = "RoleBinding"

	// KubeconfigSecretResourceNamePrefix is a name prefix for the kubeconfig secret used within the terminal pod.
	KubeconfigSecretResourceNamePrefix = "term-kubeconfig-"

	// TokenSecretResourceNamePrefix is a name prefix for the token secret that is mounted to the terminal pod.
	TokenSecretResourceNamePrefix = "term-token-"

	// TerminalAttachResourceNamePrefix is a name prefix for resources related to attach to the terminal pod.
	TerminalAttachResourceNamePrefix = "term-attach-"

	// TerminalAccessResourceNamePrefix is a name prefix for resources related to accessing the target cluster.
	TerminalAccessResourceNamePrefix = "term-access-"

	// TerminalPodResourceNamePrefix is a name prefix for the terminal pod
	TerminalPodResourceNamePrefix = "term-"

	// TerminalAttachRoleResourceNamePrefix is a name prefix for the role allowing to attach to the terminal pod
	TerminalAttachRoleResourceNamePrefix = "dashboard.gardener.cloud:term-attach-"
)

Variables

View Source 
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "dashboard.gardener.cloud", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type APIServer added in v0.14.0 

type APIServer struct {
	// ServiceRef is a reference to the kube-apiserver service on the host cluster that points to the kube-apiserver of the target cluster. If no namespace is set on the object reference, it is defaulted to Spec.Host.Namespace.
	// +optional
	ServiceRef *corev1.ObjectReference `json:"serviceRef,omitempty"`

	// Server is the address of the target kubernetes cluster (https://hostname:port). The address should be accessible from the terminal pod within the host cluster.
	// +optional
	Server string `json:"server,omitempty"`

	// CAData holds PEM-encoded bytes (typically read from a root certificates bundle).
	// +optional
	// +nullable
	CAData []byte `json:"caData"`
}

APIServer references the kube-apiserver.

func (*APIServer) DeepCopy added in v0.14.0 

func (in *APIServer) DeepCopy() *APIServer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer.

func (*APIServer) DeepCopyInto added in v0.14.0 

func (in *APIServer) DeepCopyInto(out *APIServer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Authorization added in v0.14.0 

type Authorization struct {
	// RoleBindings defines the desired (temporary) rbac role bindings the "access" service account should be assigned to
	// +optional
	RoleBindings []RoleBinding `json:"roleBindings,omitempty"`

	// ProjectMemberships defines the (temporary) project memberships of the "access" service account. Each project is updated by using the target.credential, hence the target has the be the (virtual) garden cluster.
	// +optional
	ProjectMemberships []ProjectMembership `json:"projectMemberships,omitempty"`
}

Authorization the desired (temporary) privileges the "access" service account should receive. Either rbac role bindings can be defined, or the service account can be added as member to a gardener project with specific roles. In the latter case, gardener manages the rbac.

func (*Authorization) DeepCopy added in v0.14.0 

func (in *Authorization) DeepCopy() *Authorization

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Authorization.

func (*Authorization) DeepCopyInto added in v0.14.0 

func (in *Authorization) DeepCopyInto(out *Authorization)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BindingKind 

type BindingKind string

BindingKind describes the desired role binding +kubebuilder:validation:Enum=ClusterRoleBinding;RoleBinding;""

func (BindingKind) String added in v0.14.0 

func (c BindingKind) String() string

type ClusterCredentials 

type ClusterCredentials struct {
	// SecretRef is a reference to a secret that contains the cluster specific credentials
	// Either ShootRef, SecretRef or ServiceAccountRef is mandatory. ShootRef will be used if more than one ref is provided.
	// +optional
	SecretRef *corev1.SecretReference `json:"secretRef,omitempty"`

	// ServiceAccountRef is a reference to a service account that should be used, usually to manage resources on the same cluster as the service account is residing in
	// +optional
	ServiceAccountRef *corev1.ObjectReference `json:"serviceAccountRef,omitempty"`

	// ShootRef references the shoot cluster. The admin kubeconfig retrieved from the shoots/adminkubeconfig endpoint is used
	// +optional
	ShootRef *ShootRef `json:"shootRef,omitempty"`
}

ClusterCredentials define the credentials for a kubernetes cluster

func (*ClusterCredentials) DeepCopy 

func (in *ClusterCredentials) DeepCopy() *ClusterCredentials

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCredentials.

func (*ClusterCredentials) DeepCopyInto 

func (in *ClusterCredentials) DeepCopyInto(out *ClusterCredentials)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Container 

type Container struct {
	// Image defines the image used for the container.
	// As this image is also used for the "setup" init container, the `/bin/cp` binary has to be part of the image
	Image string `json:"image"`
	// Entrypoint array. Not executed within a shell.
	// The docker image's ENTRYPOINT is used if this is not provided.
	// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
	// cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax
	// can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
	// regardless of whether the variable exists or not.
	// Cannot be updated.
	// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
	// +optional
	Command []string `json:"command,omitempty"`
	// Arguments to the entrypoint.
	// The docker image's CMD is used if this is not provided.
	// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
	// cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax
	// can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
	// regardless of whether the variable exists or not.
	// Cannot be updated.
	// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
	// +optional
	Args []string `json:"args,omitempty"`
	// Compute Resources required by this container.
	// Cannot be updated.
	// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
	// +optional
	Resources corev1.ResourceRequirements `json:"resources,omitempty"`
	// Run container in privileged mode.
	// Processes in privileged containers are essentially equivalent to root on the host.
	// Defaults to false.
	// +optional
	Privileged bool `json:"privileged,omitempty"`
}

A single application container that you want to run within a pod.

func (*Container) DeepCopy 

func (in *Container) DeepCopy() *Container

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Container.

func (*Container) DeepCopyInto 

func (in *Container) DeepCopyInto(out *Container)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ControllerManagerConfiguration 

type ControllerManagerConfiguration struct {
	// +optional
	Kind string `json:"kind"`
	// +optional
	APIVersion string `json:"apiVersion"`

	// Server defines the configuration of the HTTP server.
	Server ServerConfiguration `json:"server"`

	// Controllers defines the configuration of the controllers.
	Controllers ControllerManagerControllerConfiguration `json:"controllers"`
	// Webhooks defines the configuration of the admission webhooks.
	Webhooks ControllerManagerWebhookConfiguration `json:"webhooks"`
	// HonourServiceAccountRefHostCluster defines if `host.credentials.serviceAccountRef` property should be honoured.
	// It is recommended to be set to false for multi-cluster setups, in case pods are refused on the (virtual) garden cluster where the terminal resources are stored.
	// Defaults to true.
	// +optional
	HonourServiceAccountRefHostCluster *bool `json:"honourServiceAccountRefHostCluster,omitempty"`
	// HonourServiceAccountRefTargetCluster defines if `target.credentials.serviceAccountRef` property should be honoured.
	// Defaults to true.
	// +optional
	HonourServiceAccountRefTargetCluster *bool `json:"honourServiceAccountRefTargetCluster,omitempty"`
	// HonourProjectMemberships defines if `target.authorization.projectMemberships` property should be honoured.
	// It is recommended to be set to false in case no gardener API server extension is registered for the (virtual) garden cluster where the terminal resources are stored.
	// Defaults to true.
	// +optional
	HonourProjectMemberships *bool `json:"honourProjectMemberships,omitempty"`
	// HonourCleanupProjectMembership defines if `target.credential.serviceAccountRef.cleanupProjectMembership` property should be honoured.
	// It is recommended to be set to false in case no gardener API server extension is registered for the (virtual) garden cluster where the terminal resources are stored.
	// Defaults to false.
	// +optional
	HonourCleanupProjectMembership *bool `json:"honourCleanupProjectMembership,omitempty"`

	// LeaderElection defines the configuration of leader election client.
	// +optional
	LeaderElection *componentbaseconfigv1alpha1.LeaderElectionConfiguration `json:"leaderElection,omitempty"`
}

ControllerManagerConfiguration defines the configuration for the Gardener controller manager.

func (*ControllerManagerConfiguration) DeepCopy 

func (in *ControllerManagerConfiguration) DeepCopy() *ControllerManagerConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerManagerConfiguration.

func (*ControllerManagerConfiguration) DeepCopyInto 

func (in *ControllerManagerConfiguration) DeepCopyInto(out *ControllerManagerConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ControllerManagerControllerConfiguration 

type ControllerManagerControllerConfiguration struct {
	// Terminal defines the configuration of the Terminal controller.
	Terminal TerminalControllerConfiguration `json:"terminal"`
	// TerminalHeartbeat defines the configuration of the TerminalHeartbeat controller.
	TerminalHeartbeat TerminalHeartbeatControllerConfiguration `json:"terminalHeartbeat"`
	// ServiceAccount defines the configuration of the ServiceAccount controller.
	ServiceAccount ServiceAccountControllerConfiguration `json:"serviceAccount"`
}

ControllerManagerControllerConfiguration defines the configuration of the controllers.

func (*ControllerManagerControllerConfiguration) DeepCopy 

func (in *ControllerManagerControllerConfiguration) DeepCopy() *ControllerManagerControllerConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerManagerControllerConfiguration.

func (*ControllerManagerControllerConfiguration) DeepCopyInto 

func (in *ControllerManagerControllerConfiguration) DeepCopyInto(out *ControllerManagerControllerConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ControllerManagerWebhookConfiguration 

type ControllerManagerWebhookConfiguration struct {
	// TerminalValidation defines the configuration of the validating webhook.
	TerminalValidation TerminalValidatingWebhookConfiguration `json:"terminalValidation"`
}

ControllerManagerWebhookConfiguration defines the configuration of the admission webhooks.

func (*ControllerManagerWebhookConfiguration) DeepCopy 

func (in *ControllerManagerWebhookConfiguration) DeepCopy() *ControllerManagerWebhookConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControllerManagerWebhookConfiguration.

func (*ControllerManagerWebhookConfiguration) DeepCopyInto 

func (in *ControllerManagerWebhookConfiguration) DeepCopyInto(out *ControllerManagerWebhookConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Duration 

type Duration struct {
	time.Duration
}

Duration is a wrapper around time.Duration which supports correct marshaling to YAML. In particular, it marshals into strings, which can be used as map keys in json.

func (*Duration) DeepCopy 

func (in *Duration) DeepCopy() *Duration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Duration.

func (*Duration) DeepCopyInto 

func (in *Duration) DeepCopyInto(out *Duration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Duration) UnmarshalJSON added in v0.32.0 

func (d *Duration) UnmarshalJSON(bytes []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.

func (*Duration) UnmarshalYAML 

func (d *Duration) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML implements the yaml.Unmarshaller interface.

type ErrorCode 

type ErrorCode string

ErrorCode is a string alias.

type HostCluster 

type HostCluster struct {
	// ClusterCredentials define the credentials to the host cluster
	Credentials ClusterCredentials `json:"credentials"`

	// Namespace is the namespace where the pod resides in
	// This field should not be set if TemporaryNamespace is set to true but must be set in case TemporaryNamespace is set to false.
	// +optional
	Namespace *string `json:"namespace,omitempty"`

	// TemporaryNamespace is a flag to indicate if the namespace should be ephemeral. If true, the namespace will be created and when the terminal is deleted, the namespace is also deleted.
	// If true, the mutating webhook makes sure that a temporary namespace is set; in this case you cannot choose the namespace
	// This field should be false if Namespace is set. You cannot define the name of the temporary namespace.
	// +optional
	TemporaryNamespace *bool `json:"temporaryNamespace,omitempty"`

	Pod Pod `json:"pod"`
}

HostCluster defines the desired state of the resources related to the host cluster

func (*HostCluster) DeepCopy 

func (in *HostCluster) DeepCopy() *HostCluster

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostCluster.

func (*HostCluster) DeepCopyInto 

func (in *HostCluster) DeepCopyInto(out *HostCluster)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LastError 

type LastError struct {
	// Description is a human-readable message indicating details about the last error.
	Description string `json:"description"`
	// Last time the error was reported
	// +optional
	LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty"`
}

LastError indicates the last occurred error for an operation on a resource.

func (*LastError) DeepCopy 

func (in *LastError) DeepCopy() *LastError

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LastError.

func (*LastError) DeepCopyInto 

func (in *LastError) DeepCopyInto(out *LastError)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LastOperation added in v0.32.0 

type LastOperation struct {
	// A human-readable message indicating details about the last operation.
	Description string `json:"description"`
	// Last time the operation state transitioned from one to another.
	LastUpdateTime metav1.Time `json:"lastUpdateTime"`
	// Status of the last operation, one of Processing, Succeeded, Error.
	State LastOperationState `json:"state"`
	// Type of the last operation, one of Reconcile, Delete.
	Type LastOperationType `json:"type"`
}

LastOperation indicates the type and the state of the last operation, along with a description message.

func (*LastOperation) DeepCopy added in v0.32.0 

func (in *LastOperation) DeepCopy() *LastOperation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LastOperation.

func (*LastOperation) DeepCopyInto added in v0.32.0 

func (in *LastOperation) DeepCopyInto(out *LastOperation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LastOperationState added in v0.32.0 

type LastOperationState string
const (
	// LastOperationStateProcessing indicates that an operation is ongoing.
	LastOperationStateProcessing LastOperationState = "Processing"
	// LastOperationStateSucceeded indicates that an operation has completed successfully.
	LastOperationStateSucceeded LastOperationState = "Succeeded"
	// LastOperationStateError indicates that an operation is completed with errors and will be retried.
	LastOperationStateError LastOperationState = "Error"
)

LastOperationState is a string alias.

type LastOperationType added in v0.32.0 

type LastOperationType string

LastOperationType is a string alias. 

const (
	// LastOperationTypeReconcile indicates a 'reconcile' operation.
	LastOperationTypeReconcile LastOperationType = "Reconcile"
	// LastOperationTypeDelete indicates a 'delete' operation.
	LastOperationTypeDelete LastOperationType = "Delete"
)

type Pod 

type Pod struct {
	// Map of string keys and values that can be used to organize and categorize
	// (scope and select) objects. Will be set as labels of the pod
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
	// Container belonging to the pod.
	// Cannot be updated.
	// +optional if ContainerImage is set
	Container *Container `json:"container,omitempty"`
	// ContainerImage defines the image used for the container.
	// ContainerImage is ignored if Container is set.
	// +optional
	// Deprecated: Use `Container.Image` instead.
	ContainerImage string `json:"containerImage,omitempty"`
	// Run container in privileged mode.
	// Privileged is ignored if Container is set.
	// Processes in privileged containers are essentially equivalent to root on the host.
	// Defaults to false.
	// +optional
	// Deprecated: Use `Container.Privileged` instead.
	Privileged bool `json:"privileged,omitempty"`
	// Host networking requested for this pod. Use the host's network namespace.
	// Default to false.
	// +optional
	HostNetwork bool `json:"hostNetwork,omitempty"`
	// Use the host's pid namespace.
	// Default to false.
	// +optional
	HostPID bool `json:"hostPID,omitempty"`
	// NodeSelector is a selector which must be true for the pod to fit on a node.
	// Selector which must match a node's labels for the pod to be scheduled on that node.
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
}

Pod defines the desired state of the pod

func (*Pod) DeepCopy 

func (in *Pod) DeepCopy() *Pod

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pod.

func (*Pod) DeepCopyInto 

func (in *Pod) DeepCopyInto(out *Pod)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProjectMembership added in v0.14.0 

type ProjectMembership struct {
	// ProjectName is the name of the project, the "access" service account should be member of
	ProjectName string `json:"projectName"`

	// Roles defines the gardener roles the "access" service account should receive, e.g. admin, viewer, uam.
	Roles []string `json:"roles"`
}

ProjectMembership defines the (temporary) project membership of the "access" service account. The project is updated by using the target.credential, hence the target has the be the (virtual) garden cluster.

func (*ProjectMembership) DeepCopy added in v0.14.0 

func (in *ProjectMembership) DeepCopy() *ProjectMembership

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectMembership.

func (*ProjectMembership) DeepCopyInto added in v0.14.0 

func (in *ProjectMembership) DeepCopyInto(out *ProjectMembership)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleBinding added in v0.14.0 

type RoleBinding struct {
	// NameSuffix is the name suffix of the temporary (Cluster)RoleBinding that will be created. NameSuffix should be unique
	NameSuffix string `json:"nameSuffix"`

	// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
	RoleRef rbacv1.RoleRef `json:"roleRef"`

	// BindingKind defines the desired role binding. ClusterRoleBinding will result in a ClusterRoleBinding. RoleBinding will result in a RoleBinding.
	BindingKind BindingKind `json:"bindingKind"`
}

func (*RoleBinding) DeepCopy added in v0.14.0 

func (in *RoleBinding) DeepCopy() *RoleBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBinding.

func (*RoleBinding) DeepCopyInto added in v0.14.0 

func (in *RoleBinding) DeepCopyInto(out *RoleBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Server added in v0.31.0 

type Server struct {
	// BindAddress is the IP address on which to listen for the specified port.
	BindAddress string `json:"bindAddress"`
	// Port is the port on which to serve requests.
	Port int `json:"port"`
}

Server contains information for HTTP(S) server configuration.

func (*Server) DeepCopy added in v0.31.0 

func (in *Server) DeepCopy() *Server

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Server.

func (*Server) DeepCopyInto added in v0.31.0 

func (in *Server) DeepCopyInto(out *Server)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServerConfiguration added in v0.31.0 

type ServerConfiguration struct {
	// HealthProbes is the configuration for serving the healthz and readyz endpoints.
	HealthProbes *Server `json:"healthProbes"`
	// Metrics is the configuration for serving the metrics endpoint.
	Metrics *Server `json:"metrics"`
}

ServerConfiguration contains details for the HTTP(S) servers.

func (*ServerConfiguration) DeepCopy added in v0.31.0 

func (in *ServerConfiguration) DeepCopy() *ServerConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServerConfiguration.

func (*ServerConfiguration) DeepCopyInto added in v0.31.0 

func (in *ServerConfiguration) DeepCopyInto(out *ServerConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceAccountControllerConfiguration added in v0.31.0 

type ServiceAccountControllerConfiguration struct {
	// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 1.
	MaxConcurrentReconciles int `json:"maxConcurrentReconciles"`

	// AllowedServiceAccountNames is a list of service account names that are allowed to be cleaned up as project members.
	// If the list is empty all names are considered as allowed
	AllowedServiceAccountNames []string `json:"allowedServiceAccountNames"`
}

ServiceAccountControllerConfiguration defines the configuration of the ServiceAccount controller.

func (*ServiceAccountControllerConfiguration) DeepCopy added in v0.31.0 

func (in *ServiceAccountControllerConfiguration) DeepCopy() *ServiceAccountControllerConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceAccountControllerConfiguration.

func (*ServiceAccountControllerConfiguration) DeepCopyInto added in v0.31.0 

func (in *ServiceAccountControllerConfiguration) DeepCopyInto(out *ServiceAccountControllerConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ShootRef added in v0.31.0 

type ShootRef struct {
	// Namespace is the namespace of the shoot cluster
	Namespace string `json:"namespace"`
	// Name is the name of the shoot cluster
	Name string `json:"name"`
}

ShootRef references the shoot cluster by namespace and name

func (*ShootRef) DeepCopy added in v0.31.0 

func (in *ShootRef) DeepCopy() *ShootRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShootRef.

func (*ShootRef) DeepCopyInto added in v0.31.0 

func (in *ShootRef) DeepCopyInto(out *ShootRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TargetCluster 

type TargetCluster struct {
	// ClusterCredentials define the credentials to the target cluster
	Credentials ClusterCredentials `json:"credentials"`

	// CleanupProjectMembership indicates if the service account referenced by credentials.serviceAccountRef should be removed as project member if not referenced anymore by a Terminal resource.
	// If true, the credentials.serviceAccountRef.namespace must be the same as the Terminal resource.
	// +optional
	CleanupProjectMembership *bool `json:"cleanupProjectMembership,omitempty"`

	// Namespace is a reference to the namespace within the target cluster in which the resources should be placed.
	// This field should not be set if TemporaryNamespace is set to true
	// +optional
	Namespace *string `json:"namespace,omitempty"`

	// TemporaryNamespace is a flag to indicate if the namespace should be ephemeral. If true, the namespace will be created and when the terminal is deleted, the namespace is also deleted.
	// If true, the mutating webhook makes sure that a temporary namespace is set; in this case you cannot choose the namespace
	// This field should be false if Namespace is set. You cannot define the name of the temporary namespace.
	// +optional
	TemporaryNamespace *bool `json:"temporaryNamespace,omitempty"`

	// KubeconfigContextNamespace is a reference to the namespace within the host cluster that should be used as default in the kubeconfig context
	KubeconfigContextNamespace string `json:"kubeconfigContextNamespace"`

	// APIServerServiceRef is a reference to the kube-apiserver service on the host cluster that points to the kube-apiserver of the target cluster. If no namespace is set on the object reference, it is defaulted to Spec.Host.Namespace.
	// +optional
	// Deprecated: use APIServer.ServiceRef instead
	APIServerServiceRef *corev1.ObjectReference `json:"apiServerServiceRef,omitempty"`

	// APIServer references the kube-apiserver of the target cluster.
	// +optional
	APIServer *APIServer `json:"apiServer,omitempty"`

	// RoleName is the name of the ClusterRole the "access" service account is bound to.
	// +optional
	// Deprecated: use Authorization.RoleBindings[].RoleRef.NameSuffix instead
	RoleName string `json:"roleName,omitempty"`

	// BindingKind defines the desired role binding. ClusterRoleBinding will result in a ClusterRoleBinding. RoleBinding will result in a RoleBinding.
	// +optional
	// Deprecated: use Authorization.RoleBindings[].BindingKind instead
	BindingKind BindingKind `json:"bindingKind,omitempty"`

	Authorization *Authorization `json:"authorization,omitempty"`
}

TargetCluster defines the desired state of the resources related to the target cluster

func (*TargetCluster) DeepCopy 

func (in *TargetCluster) DeepCopy() *TargetCluster

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetCluster.

func (*TargetCluster) DeepCopyInto 

func (in *TargetCluster) DeepCopyInto(out *TargetCluster)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Terminal 

type Terminal struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   TerminalSpec   `json:"spec,omitempty"`
	Status TerminalStatus `json:"status,omitempty"`
}

Terminal is the Schema for the terminals API

func (*Terminal) DeepCopy 

func (in *Terminal) DeepCopy() *Terminal

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Terminal.

func (*Terminal) DeepCopyInto 

func (in *Terminal) DeepCopyInto(out *Terminal)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Terminal) DeepCopyObject 

func (in *Terminal) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Terminal) NewAnnotationsSet 

func (t *Terminal) NewAnnotationsSet() (*utils.Set, error)

func (*Terminal) NewLabelsSet 

func (t *Terminal) NewLabelsSet() (*labels.Set, error)

type TerminalControllerConfiguration 

type TerminalControllerConfiguration struct {
	// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 15.
	MaxConcurrentReconciles int `json:"maxConcurrentReconciles"`

	// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run per Namespace (independent of the user who created the Terminal resource). Defaults to 3.
	MaxConcurrentReconcilesPerNamespace int `json:"maxConcurrentReconcilesPerNamespace"`

	// TokenRequestExpirationSeconds is the requested duration of validity of the access token request.
	// The token issuer may return a token with a different validity duration.
	TokenRequestExpirationSeconds *int64 `json:"tokenRequestExpirationSeconds"`
}

TerminalControllerConfiguration defines the configuration of the Terminal controller.

func (*TerminalControllerConfiguration) DeepCopy 

func (in *TerminalControllerConfiguration) DeepCopy() *TerminalControllerConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalControllerConfiguration.

func (*TerminalControllerConfiguration) DeepCopyInto 

func (in *TerminalControllerConfiguration) DeepCopyInto(out *TerminalControllerConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TerminalHeartbeatControllerConfiguration 

type TerminalHeartbeatControllerConfiguration struct {
	// MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 1.
	MaxConcurrentReconciles int `json:"maxConcurrentReconciles"`

	// TimeToLive is the duration a Terminal resource can live without receiving a heartbeat with the "dashboard.gardener.cloud/operation=keepalive" annotation. Defaults to 5m.
	TimeToLive Duration `json:"timeToLive"`
}

TerminalHeartbeatControllerConfiguration defines the configuration of the TerminalHeartbeat controller.

func (*TerminalHeartbeatControllerConfiguration) DeepCopy 

func (in *TerminalHeartbeatControllerConfiguration) DeepCopy() *TerminalHeartbeatControllerConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalHeartbeatControllerConfiguration.

func (*TerminalHeartbeatControllerConfiguration) DeepCopyInto 

func (in *TerminalHeartbeatControllerConfiguration) DeepCopyInto(out *TerminalHeartbeatControllerConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TerminalList 

type TerminalList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Terminal `json:"items"`
}

TerminalList contains a list of Terminal

func (*TerminalList) DeepCopy 

func (in *TerminalList) DeepCopy() *TerminalList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalList.

func (*TerminalList) DeepCopyInto 

func (in *TerminalList) DeepCopyInto(out *TerminalList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TerminalList) DeepCopyObject 

func (in *TerminalList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TerminalSpec 

type TerminalSpec struct {
	Identifier string        `json:"identifier"`
	Host       HostCluster   `json:"host"`
	Target     TargetCluster `json:"target"`
}

TerminalSpec defines the desired state of Terminal

func (*TerminalSpec) DeepCopy 

func (in *TerminalSpec) DeepCopy() *TerminalSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalSpec.

func (*TerminalSpec) DeepCopyInto 

func (in *TerminalSpec) DeepCopyInto(out *TerminalSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TerminalStatus 

type TerminalStatus struct {
	// AttachServiceAccountName is the name of service account on the host cluster
	// +optional
	AttachServiceAccountName *string `json:"attachServiceAccountName,omitempty"`
	// PodName is the name of the pod on the host cluster
	// +optional
	PodName *string `json:"podName,omitempty"`
	// LastOperation indicates the type and the state of the last operation, along with a description message.
	// +optional
	LastOperation *LastOperation `json:"lastOperation,omitempty"`
	// LastError contains details about the last error that occurred.
	// +optional
	LastError *LastError `json:"lastError,omitempty"`
}

TerminalStatus defines the observed state of Terminal

func (*TerminalStatus) DeepCopy 

func (in *TerminalStatus) DeepCopy() *TerminalStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalStatus.

func (*TerminalStatus) DeepCopyInto 

func (in *TerminalStatus) DeepCopyInto(out *TerminalStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TerminalValidatingWebhookConfiguration 

type TerminalValidatingWebhookConfiguration struct {
	// MaxObjectSize is the maximum size of a terminal resource in bytes. Defaults to 10240.
	MaxObjectSize int `json:"maxObjectSize"`
}

TerminalValidatingWebhookConfiguration defines the configuration of the validating webhook.

func (*TerminalValidatingWebhookConfiguration) DeepCopy 

func (in *TerminalValidatingWebhookConfiguration) DeepCopy() *TerminalValidatingWebhookConfiguration

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TerminalValidatingWebhookConfiguration.

func (*TerminalValidatingWebhookConfiguration) DeepCopyInto 

func (in *TerminalValidatingWebhookConfiguration) DeepCopyInto(out *TerminalValidatingWebhookConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.