/
types.go
51 lines (44 loc) · 2.22 KB
/
types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
// SPDX-FileCopyrightText: 2022 SAP SE or an SAP affiliate company and Gardener contributors
//
// SPDX-License-Identifier: Apache-2.0
package v1alpha1
import (
healthcheckconfigv1alpha1 "github.com/gardener/gardener/extensions/pkg/apis/config/v1alpha1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// Configuration contains information about the Lakom service configuration.
type Configuration struct {
metav1.TypeMeta `json:",inline"`
// HealthCheckConfig is the config for the health check controller.
// +optional
HealthCheckConfig *healthcheckconfigv1alpha1.HealthCheckConfig `json:"healthCheckConfig,omitempty"`
// CosignPublicKeys is the cosign public keys used to verify image signatures.
CosignPublicKeys []string `json:"cosignPublicKeys,omitempty"`
// DebugConfig contains debug configurations for the controller.
// +optional
DebugConfig *DebugConfig `json:"debugConfig,omitempty"`
// SeedBootstrap configures the seed bootstrap controller.
SeedBootstrap SeedBootstrap `json:"seedBootstrap"`
// UseOnlyImagePullSecrets sets lakom to use only the image pull secrets of the pod to access the OCI registry.
// Otherwise, also the node identity and docker config file are used.
UseOnlyImagePullSecrets bool `json:"useOnlyImagePullSecrets"`
// AllowUntrustedImages sets lakom webhook to allow images without trusted signature.
// Instead to deny the request, the webhook will allow it with a warning.
AllowUntrustedImages bool `json:"allowUntrustedImages"`
}
// DebugConfig contains debug configurations for the controller.
type DebugConfig struct {
// EnableProfiling enables profiling via web interface host:port/debug/pprof/.
EnableProfiling bool `json:"enableProfiling"`
// EnableContentionProfiling enables lock contention profiling, if
// enableProfiling is true.
EnableContentionProfiling bool `json:"enableContentionProfiling"`
}
// SeedBootstrap holds configurations for the seed bootstrap controller.
type SeedBootstrap struct {
// OwnerNamespace is the name of the namespace owning the resources related
// to the seed bootstrap, as well as where the managed resources are deployed.
OwnerNamespace string `json:"ownerNamespace"`
}