Documentation
¶
Overview ¶
Package v1alpha2 contains API Schema definitions for the iam v1alpha2 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=kubesphere.io/kubesphere/pkg/apis/iam +k8s:defaulter-gen=TypeMeta +groupName=iam.kubesphere.io
Index ¶
- Constants
- Variables
- func Resource(resource string) schema.GroupResource
- type FinalizerName
- type GlobalRole
- type GlobalRoleBinding
- type GlobalRoleBindingList
- type GlobalRoleList
- type LoginRecord
- type LoginRecordList
- type LoginRecordSpec
- type LoginType
- type RoleBase
- type RoleBaseList
- type User
- type UserList
- type UserSpec
- type UserState
- type UserStatus
- type WorkspaceRole
- type WorkspaceRoleBinding
- type WorkspaceRoleBindingList
- type WorkspaceRoleList
Constants ¶
const ( ResourceKindUser = "User" ResourcesSingularUser = "user" ResourcesPluralUser = "users" ResourceKindLoginRecord = "LoginRecord" ResourcesSingularLoginRecord = "loginrecord" ResourcesPluralLoginRecord = "loginrecords" ResourceKindGlobalRoleBinding = "GlobalRoleBinding" ResourcesSingularGlobalRoleBinding = "globalrolebinding" ResourcesPluralGlobalRoleBinding = "globalrolebindings" ResourceKindClusterRoleBinding = "ClusterRoleBinding" ResourcesSingularClusterRoleBinding = "clusterrolebinding" ResourcesPluralClusterRoleBinding = "clusterrolebindings" ResourceKindRoleBinding = "RoleBinding" ResourcesSingularRoleBinding = "rolebinding" ResourcesPluralRoleBinding = "rolebindings" ResourceKindGlobalRole = "GlobalRole" ResourcesSingularGlobalRole = "globalrole" ResourcesPluralGlobalRole = "globalroles" ResourceKindWorkspaceRoleBinding = "WorkspaceRoleBinding" ResourcesSingularWorkspaceRoleBinding = "workspacerolebinding" ResourcesPluralWorkspaceRoleBinding = "workspacerolebindings" ResourceKindWorkspaceRole = "WorkspaceRole" ResourcesSingularWorkspaceRole = "workspacerole" ResourcesPluralWorkspaceRole = "workspaceroles" ResourceKindClusterRole = "ClusterRole" ResourcesSingularClusterRole = "clusterrole" ResourcesPluralClusterRole = "clusterroles" ResourceKindRole = "Role" ResourcesSingularRole = "role" ResourcesPluralRole = "roles" RegoOverrideAnnotation = "iam.kubesphere.io/rego-override" AggregationRolesAnnotation = "iam.kubesphere.io/aggregation-roles" GlobalRoleAnnotation = "iam.kubesphere.io/globalrole" WorkspaceRoleAnnotation = "iam.kubesphere.io/workspacerole" ClusterRoleAnnotation = "iam.kubesphere.io/clusterrole" RoleAnnotation = "iam.kubesphere.io/role" RoleTemplateLabel = "iam.kubesphere.io/role-template" ScopeLabelFormat = "scope.kubesphere.io/%s" UserReferenceLabel = "iam.kubesphere.io/user-ref" IdentifyProviderLabel = "iam.kubesphere.io/identify-provider" PasswordEncryptedAnnotation = "iam.kubesphere.io/password-encrypted" FieldEmail = "email" AggregateTo = "aggregateTo" ScopeWorkspace = "workspace" ScopeCluster = "cluster" ScopeNamespace = "namespace" ScopeDevOps = "devops" PlatformAdmin = "platform-admin" NamespaceAdmin = "admin" WorkspaceAdminFormat = "%s-admin" ClusterAdmin = "cluster-admin" )
Variables ¶
var ( // SchemeGroupVersion is group version used to register these objects SchemeGroupVersion = schema.GroupVersion{Group: "iam.kubesphere.io", Version: "v1alpha2"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme is required by pkg/client/... AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource is required by pkg/client/listers/...
Types ¶
type FinalizerName ¶
type FinalizerName string
type GlobalRole ¶
type GlobalRole struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
// +optional
metav1.ObjectMeta `json:"metadata,omitempty"`
// Rules holds all the PolicyRules for this GlobalRole
// +optional
Rules []rbacv1.PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
}
+kubebuilder:resource:categories="iam",scope="Cluster"
func (*GlobalRole) DeepCopy ¶
func (in *GlobalRole) DeepCopy() *GlobalRole
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlobalRole.
func (*GlobalRole) DeepCopyInto ¶
func (in *GlobalRole) DeepCopyInto(out *GlobalRole)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GlobalRole) DeepCopyObject ¶
func (in *GlobalRole) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GlobalRoleBinding ¶
type GlobalRoleBinding struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
// +optional
metav1.ObjectMeta `json:"metadata,omitempty"`
// Subjects holds references to the objects the role applies to.
// +optional
Subjects []rbacv1.Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can only reference a GlobalRole.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
RoleRef rbacv1.RoleRef `json:"roleRef" protobuf:"bytes,3,opt,name=roleRef"`
}
GlobalRoleBinding is the Schema for the globalrolebindings API +kubebuilder:resource:categories="iam",scope="Cluster"
func (*GlobalRoleBinding) DeepCopy ¶
func (in *GlobalRoleBinding) DeepCopy() *GlobalRoleBinding
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlobalRoleBinding.
func (*GlobalRoleBinding) DeepCopyInto ¶
func (in *GlobalRoleBinding) DeepCopyInto(out *GlobalRoleBinding)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GlobalRoleBinding) DeepCopyObject ¶
func (in *GlobalRoleBinding) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GlobalRoleBindingList ¶
type GlobalRoleBindingList struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
// +optional
metav1.ListMeta `json:"metadata,omitempty"`
Items []GlobalRoleBinding `json:"items"`
}
GlobalRoleBindingList contains a list of GlobalRoleBinding
func (*GlobalRoleBindingList) DeepCopy ¶
func (in *GlobalRoleBindingList) DeepCopy() *GlobalRoleBindingList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlobalRoleBindingList.
func (*GlobalRoleBindingList) DeepCopyInto ¶
func (in *GlobalRoleBindingList) DeepCopyInto(out *GlobalRoleBindingList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GlobalRoleBindingList) DeepCopyObject ¶
func (in *GlobalRoleBindingList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GlobalRoleList ¶
type GlobalRoleList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []GlobalRole `json:"items"`
}
GlobalRoleList contains a list of GlobalRole
func (*GlobalRoleList) DeepCopy ¶
func (in *GlobalRoleList) DeepCopy() *GlobalRoleList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlobalRoleList.
func (*GlobalRoleList) DeepCopyInto ¶
func (in *GlobalRoleList) DeepCopyInto(out *GlobalRoleList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GlobalRoleList) DeepCopyObject ¶
func (in *GlobalRoleList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type LoginRecord ¶
type LoginRecord struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec LoginRecordSpec `json:"spec"`
}
+genclient +genclient:nonNamespaced +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.type" +kubebuilder:printcolumn:name="Provider",type="string",JSONPath=".spec.provider" +kubebuilder:printcolumn:name="From",type="string",JSONPath=".spec.sourceIP" +kubebuilder:printcolumn:name="Success",type="string",JSONPath=".spec.success" +kubebuilder:printcolumn:name="Reason",type="string",JSONPath=".spec.reason" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:categories="iam",scope="Cluster"
func (*LoginRecord) DeepCopy ¶
func (in *LoginRecord) DeepCopy() *LoginRecord
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginRecord.
func (*LoginRecord) DeepCopyInto ¶
func (in *LoginRecord) DeepCopyInto(out *LoginRecord)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*LoginRecord) DeepCopyObject ¶
func (in *LoginRecord) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type LoginRecordList ¶
type LoginRecordList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []LoginRecord `json:"items"`
}
LoginRecordList contains a list of LoginRecord
func (*LoginRecordList) DeepCopy ¶
func (in *LoginRecordList) DeepCopy() *LoginRecordList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginRecordList.
func (*LoginRecordList) DeepCopyInto ¶
func (in *LoginRecordList) DeepCopyInto(out *LoginRecordList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*LoginRecordList) DeepCopyObject ¶
func (in *LoginRecordList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type LoginRecordSpec ¶
type LoginRecordSpec struct {
// Which authentication method used, BasicAuth/OAuth
Type LoginType `json:"type"`
// Provider of authentication, Ldap/Github etc.
Provider string `json:"provider"`
// Source IP of client
SourceIP string `json:"sourceIP"`
// User agent of login attempt
UserAgent string `json:"userAgent,omitempty"`
// Successful login attempt or not
Success bool `json:"success"`
// States failed login attempt reason
Reason string `json:"reason"`
}
func (*LoginRecordSpec) DeepCopy ¶
func (in *LoginRecordSpec) DeepCopy() *LoginRecordSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginRecordSpec.
func (*LoginRecordSpec) DeepCopyInto ¶
func (in *LoginRecordSpec) DeepCopyInto(out *LoginRecordSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RoleBase ¶
type RoleBase struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Role runtime.RawExtension `json:"role"`
}
+genclient +genclient:nonNamespaced +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +kubebuilder:resource:categories="iam",scope="Cluster"
func (*RoleBase) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBase.
func (*RoleBase) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RoleBase) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type RoleBaseList ¶
type RoleBaseList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []RoleBase `json:"items"`
}
RoleBaseList contains a list of RoleBase
func (*RoleBaseList) DeepCopy ¶
func (in *RoleBaseList) DeepCopy() *RoleBaseList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleBaseList.
func (*RoleBaseList) DeepCopyInto ¶
func (in *RoleBaseList) DeepCopyInto(out *RoleBaseList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RoleBaseList) DeepCopyObject ¶
func (in *RoleBaseList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type User ¶
type User struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
// +optional
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec UserSpec `json:"spec"`
// +optional
Status UserStatus `json:"status,omitempty"`
}
User is the Schema for the users API +kubebuilder:printcolumn:name="Email",type="string",JSONPath=".spec.email" +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.state" +kubebuilder:resource:categories="iam",scope="Cluster"
func (*User) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new User.
func (*User) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*User) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type UserList ¶
type UserList struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
// +optional
metav1.ListMeta `json:"metadata,omitempty"`
Items []User `json:"items"`
}
UserList contains a list of User
func (*UserList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserList.
func (*UserList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*UserList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type UserSpec ¶
type UserSpec struct {
// Unique email address(https://www.ietf.org/rfc/rfc5322.txt).
Email string `json:"email"`
// The preferred written or spoken language for the user.
// +optional
Lang string `json:"lang,omitempty"`
// Description of the user.
// +optional
Description string `json:"description,omitempty"`
// +optional
DisplayName string `json:"displayName,omitempty"`
// +optional
Groups []string `json:"groups,omitempty"`
// password will be encrypted by mutating admission webhook
EncryptedPassword string `json:"password,omitempty"`
}
UserSpec defines the desired state of User
func (*UserSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSpec.
func (*UserSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type UserState ¶
type UserState string
const ( // UserActive means the user is available. UserActive UserState = "Active" // UserDisabled means the user is disabled. UserDisabled UserState = "Disabled" // UserDisabled means the user is disabled. UserAuthLimitExceeded UserState = "AuthLimitExceeded" AuthenticatedSuccessfully = "authenticated successfully" )
These are the valid phases of a user.
type UserStatus ¶
type UserStatus struct {
// The user status
// +optional
State UserState `json:"state,omitempty"`
// +optional
Reason string `json:"reason,omitempty"`
// +optional
LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`
// Last login attempt timestamp
// +optional
LastLoginTime *metav1.Time `json:"lastLoginTime,omitempty"`
}
UserStatus defines the observed state of User
func (*UserStatus) DeepCopy ¶
func (in *UserStatus) DeepCopy() *UserStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserStatus.
func (*UserStatus) DeepCopyInto ¶
func (in *UserStatus) DeepCopyInto(out *UserStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type WorkspaceRole ¶
type WorkspaceRole struct {
metav1.TypeMeta `json:",inline"`
// Standard object's metadata.
// +optional
metav1.ObjectMeta `json:"metadata,omitempty"`
// Rules holds all the PolicyRules for this WorkspaceRole
// +optional
Rules []rbacv1.PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
}
+kubebuilder:printcolumn:name="Workspace",type="string",JSONPath=".metadata.labels.kubesphere\\.io/workspace" +kubebuilder:printcolumn:name="Alias",type="string",JSONPath=".metadata.annotations.kubesphere\\.io/alias-name" +kubebuilder:resource:categories="iam",scope="Cluster"
func (*WorkspaceRole) DeepCopy ¶
func (in *WorkspaceRole) DeepCopy() *WorkspaceRole
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkspaceRole.
func (*WorkspaceRole) DeepCopyInto ¶
func (in *WorkspaceRole) DeepCopyInto(out *WorkspaceRole)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WorkspaceRole) DeepCopyObject ¶
func (in *WorkspaceRole) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type WorkspaceRoleBinding ¶
type WorkspaceRoleBinding struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Subjects holds references to the objects the role applies to.
// +optional
Subjects []rbacv1.Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can only reference a WorkspaceRole.
// If the RoleRef cannot be resolved, the Authorizer must return an error.
RoleRef rbacv1.RoleRef `json:"roleRef" protobuf:"bytes,3,opt,name=roleRef"`
}
WorkspaceRoleBinding is the Schema for the workspacerolebindings API +kubebuilder:printcolumn:name="Workspace",type="string",JSONPath=".metadata.labels.kubesphere\\.io/workspace" +kubebuilder:resource:categories="iam",scope="Cluster"
func (*WorkspaceRoleBinding) DeepCopy ¶
func (in *WorkspaceRoleBinding) DeepCopy() *WorkspaceRoleBinding
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkspaceRoleBinding.
func (*WorkspaceRoleBinding) DeepCopyInto ¶
func (in *WorkspaceRoleBinding) DeepCopyInto(out *WorkspaceRoleBinding)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WorkspaceRoleBinding) DeepCopyObject ¶
func (in *WorkspaceRoleBinding) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type WorkspaceRoleBindingList ¶
type WorkspaceRoleBindingList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []WorkspaceRoleBinding `json:"items"`
}
WorkspaceRoleBindingList contains a list of WorkspaceRoleBinding
func (*WorkspaceRoleBindingList) DeepCopy ¶
func (in *WorkspaceRoleBindingList) DeepCopy() *WorkspaceRoleBindingList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkspaceRoleBindingList.
func (*WorkspaceRoleBindingList) DeepCopyInto ¶
func (in *WorkspaceRoleBindingList) DeepCopyInto(out *WorkspaceRoleBindingList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WorkspaceRoleBindingList) DeepCopyObject ¶
func (in *WorkspaceRoleBindingList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type WorkspaceRoleList ¶
type WorkspaceRoleList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []WorkspaceRole `json:"items"`
}
WorkspaceRoleList contains a list of WorkspaceRole
func (*WorkspaceRoleList) DeepCopy ¶
func (in *WorkspaceRoleList) DeepCopy() *WorkspaceRoleList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkspaceRoleList.
func (*WorkspaceRoleList) DeepCopyInto ¶
func (in *WorkspaceRoleList) DeepCopyInto(out *WorkspaceRoleList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WorkspaceRoleList) DeepCopyObject ¶
func (in *WorkspaceRoleList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
Source Files