-
Notifications
You must be signed in to change notification settings - Fork 463
/
types_project.go
150 lines (135 loc) · 6.55 KB
/
types_project.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
// Copyright 2018 SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package core
import (
rbacv1 "k8s.io/api/rbac/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// +genclient
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// Project holds certain properties about a Gardener project.
type Project struct {
metav1.TypeMeta
// Standard object metadata.
metav1.ObjectMeta
// Spec defines the project properties.
Spec ProjectSpec
// Most recently observed status of the Project.
Status ProjectStatus
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// ProjectList is a collection of Projects.
type ProjectList struct {
metav1.TypeMeta
// Standard list object metadata.
metav1.ListMeta
// Items is the list of Projects.
Items []Project
}
// ProjectSpec is the specification of a Project.
type ProjectSpec struct {
// CreatedBy is a subject representing a user name, an email address, or any other identifier of a user
// who created the project. This field is immutable.
CreatedBy *rbacv1.Subject
// Description is a human-readable description of what the project is used for.
Description *string
// Owner is a subject representing a user name, an email address, or any other identifier of a user owning
// the project.
Owner *rbacv1.Subject
// Purpose is a human-readable explanation of the project's purpose.
Purpose *string
// Members is a list of subjects representing a user name, an email address, or any other identifier of a user,
// group, or service account that has a certain role.
Members []ProjectMember
// Namespace is the name of the namespace that has been created for the Project object.
// A nil value means that Gardener will determine the name of the namespace.
// This field is immutable.
Namespace *string
// Tolerations contains the default tolerations and a list for allowed taints on seed clusters.
Tolerations *ProjectTolerations
}
// ProjectStatus holds the most recently observed status of the project.
type ProjectStatus struct {
// ObservedGeneration is the most recent generation observed for this project.
ObservedGeneration int64
// Phase is the current phase of the project.
Phase ProjectPhase
// StaleSinceTimestamp contains the timestamp when the project was first discovered to be stale/unused.
StaleSinceTimestamp *metav1.Time
// StaleAutoDeleteTimestamp contains the timestamp when the project will be garbage-collected/automatically deleted
// because it's stale/unused.
StaleAutoDeleteTimestamp *metav1.Time
// LastActivityTimestamp contains the timestamp from the last activity performed in this project.
LastActivityTimestamp *metav1.Time
}
// ProjectMember is a member of a project.
type ProjectMember struct {
// Subject is representing a user name, an email address, or any other identifier of a user, group, or service
// account that has a certain role.
rbacv1.Subject
// Roles is a list of roles of this member.
Roles []string
}
// ProjectTolerations contains the tolerations for taints on seed clusters.
type ProjectTolerations struct {
// Defaults contains a list of tolerations that are added to the shoots in this project by default.
Defaults []Toleration
// Whitelist contains a list of tolerations that are allowed to be added to the shoots in this project. Please note
// that this list may only be added by users having the `spec-tolerations-whitelist` verb for project resources.
Whitelist []Toleration
}
// Toleration is a toleration for a seed taint.
type Toleration struct {
// Key is the toleration key to be applied to a project or shoot.
Key string
// Value is the toleration value corresponding to the toleration key.
Value *string
}
const (
// ProjectMemberAdmin is a const for a role that provides full admin access.
ProjectMemberAdmin = "admin"
// ProjectMemberOwner is a const for a role that provides full owner access.
ProjectMemberOwner = "owner"
// ProjectMemberViewer is a const for a role that provides limited permissions to only view some resources.
ProjectMemberViewer = "viewer"
// ProjectMemberUserAccessManager is a const for a role that provides permissions to manage human user(s, (groups)).
ProjectMemberUserAccessManager = "uam"
// ProjectMemberServiceAccountManager is a const for a role that provides permissions to manage service accounts and request tokens for them.
ProjectMemberServiceAccountManager = "serviceaccountmanager"
// ProjectMemberExtensionPrefix is a prefix for custom roles that are not known by Gardener.
ProjectMemberExtensionPrefix = "extension:"
)
// ProjectPhase is a label for the condition of a project at the current time.
type ProjectPhase string
const (
// ProjectPending indicates that the project reconciliation is pending.
ProjectPending ProjectPhase = "Pending"
// ProjectReady indicates that the project reconciliation was successful.
ProjectReady ProjectPhase = "Ready"
// ProjectFailed indicates that the project reconciliation failed.
ProjectFailed ProjectPhase = "Failed"
// ProjectTerminating indicates that the project is in termination process.
ProjectTerminating ProjectPhase = "Terminating"
// ProjectEventNamespaceReconcileFailed indicates that the namespace reconciliation has failed.
ProjectEventNamespaceReconcileFailed = "NamespaceReconcileFailed"
// ProjectEventNamespaceReconcileSuccessful indicates that the namespace reconciliation has succeeded.
ProjectEventNamespaceReconcileSuccessful = "NamespaceReconcileSuccessful"
// ProjectEventNamespaceNotEmpty indicates that the namespace cannot be released because it is not empty.
ProjectEventNamespaceNotEmpty = "NamespaceNotEmpty"
// ProjectEventNamespaceDeletionFailed indicates that the namespace deletion failed.
ProjectEventNamespaceDeletionFailed = "NamespaceDeletionFailed"
// ProjectEventNamespaceMarkedForDeletion indicates that the namespace has been successfully marked for deletion.
ProjectEventNamespaceMarkedForDeletion = "NamespaceMarkedForDeletion"
)