Merge pull request #934 from mrajashree/nestedGoogle

Add option for nested group memberships based access

apis/management.cattle.io/v3/authn_types.go

@@ -167,11 +167,12 @@ type GoogleOauthConfig struct {
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 	AuthConfig        `json:",inline" mapstructure:",squash"`
 
-	OauthCredential          string `json:"oauthCredential,omitempty" norman:"required,type=password,notnullable"`
-	ServiceAccountCredential string `json:"serviceAccountCredential,omitempty" norman:"required,type=password,notnullable"`
-	AdminEmail               string `json:"adminEmail,omitempty" norman:"required,notnullable"`
-	Hostname                 string `json:"hostname,omitempty" norman:"required,notnullable,noupdate"`
-	UserInfoEndpoint         string `json:"userInfoEndpoint" norman:"default=https://openidconnect.googleapis.com/v1/userinfo,required,notnullable"`
+	OauthCredential              string `json:"oauthCredential,omitempty" norman:"required,type=password,notnullable"`
+	ServiceAccountCredential     string `json:"serviceAccountCredential,omitempty" norman:"required,type=password,notnullable"`
+	AdminEmail                   string `json:"adminEmail,omitempty" norman:"required,notnullable"`
+	Hostname                     string `json:"hostname,omitempty" norman:"required,notnullable,noupdate"`
+	UserInfoEndpoint             string `json:"userInfoEndpoint" norman:"default=https://openidconnect.googleapis.com/v1/userinfo,required,notnullable"`
+	NestedGroupMembershipEnabled bool   `json:"nestedGroupMembershipEnabled"    norman:"default=false"`
 }
 
 type GoogleOauthConfigTestOutput struct {

client/management/v3/zz_generated_google_oauth_config.go

@@ -1,42 +1,44 @@
 package client
 
 const (
-	GoogleOauthConfigType                          = "googleOauthConfig"
-	GoogleOauthConfigFieldAccessMode               = "accessMode"
-	GoogleOauthConfigFieldAdminEmail               = "adminEmail"
-	GoogleOauthConfigFieldAllowedPrincipalIDs      = "allowedPrincipalIds"
-	GoogleOauthConfigFieldAnnotations              = "annotations"
-	GoogleOauthConfigFieldCreated                  = "created"
-	GoogleOauthConfigFieldCreatorID                = "creatorId"
-	GoogleOauthConfigFieldEnabled                  = "enabled"
-	GoogleOauthConfigFieldHostname                 = "hostname"
-	GoogleOauthConfigFieldLabels                   = "labels"
-	GoogleOauthConfigFieldName                     = "name"
-	GoogleOauthConfigFieldOauthCredential          = "oauthCredential"
-	GoogleOauthConfigFieldOwnerReferences          = "ownerReferences"
-	GoogleOauthConfigFieldRemoved                  = "removed"
-	GoogleOauthConfigFieldServiceAccountCredential = "serviceAccountCredential"
-	GoogleOauthConfigFieldType                     = "type"
-	GoogleOauthConfigFieldUUID                     = "uuid"
-	GoogleOauthConfigFieldUserInfoEndpoint         = "userInfoEndpoint"
+	GoogleOauthConfigType                              = "googleOauthConfig"
+	GoogleOauthConfigFieldAccessMode                   = "accessMode"
+	GoogleOauthConfigFieldAdminEmail                   = "adminEmail"
+	GoogleOauthConfigFieldAllowedPrincipalIDs          = "allowedPrincipalIds"
+	GoogleOauthConfigFieldAnnotations                  = "annotations"
+	GoogleOauthConfigFieldCreated                      = "created"
+	GoogleOauthConfigFieldCreatorID                    = "creatorId"
+	GoogleOauthConfigFieldEnabled                      = "enabled"
+	GoogleOauthConfigFieldHostname                     = "hostname"
+	GoogleOauthConfigFieldLabels                       = "labels"
+	GoogleOauthConfigFieldName                         = "name"
+	GoogleOauthConfigFieldNestedGroupMembershipEnabled = "nestedGroupMembershipEnabled"
+	GoogleOauthConfigFieldOauthCredential              = "oauthCredential"
+	GoogleOauthConfigFieldOwnerReferences              = "ownerReferences"
+	GoogleOauthConfigFieldRemoved                      = "removed"
+	GoogleOauthConfigFieldServiceAccountCredential     = "serviceAccountCredential"
+	GoogleOauthConfigFieldType                         = "type"
+	GoogleOauthConfigFieldUUID                         = "uuid"
+	GoogleOauthConfigFieldUserInfoEndpoint             = "userInfoEndpoint"
 )
 
 type GoogleOauthConfig struct {
-	AccessMode               string            `json:"accessMode,omitempty" yaml:"accessMode,omitempty"`
-	AdminEmail               string            `json:"adminEmail,omitempty" yaml:"adminEmail,omitempty"`
-	AllowedPrincipalIDs      []string          `json:"allowedPrincipalIds,omitempty" yaml:"allowedPrincipalIds,omitempty"`
-	Annotations              map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
-	Created                  string            `json:"created,omitempty" yaml:"created,omitempty"`
-	CreatorID                string            `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
-	Enabled                  bool              `json:"enabled,omitempty" yaml:"enabled,omitempty"`
-	Hostname                 string            `json:"hostname,omitempty" yaml:"hostname,omitempty"`
-	Labels                   map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
-	Name                     string            `json:"name,omitempty" yaml:"name,omitempty"`
-	OauthCredential          string            `json:"oauthCredential,omitempty" yaml:"oauthCredential,omitempty"`
-	OwnerReferences          []OwnerReference  `json:"ownerReferences,omitempty" yaml:"ownerReferences,omitempty"`
-	Removed                  string            `json:"removed,omitempty" yaml:"removed,omitempty"`
-	ServiceAccountCredential string            `json:"serviceAccountCredential,omitempty" yaml:"serviceAccountCredential,omitempty"`
-	Type                     string            `json:"type,omitempty" yaml:"type,omitempty"`
-	UUID                     string            `json:"uuid,omitempty" yaml:"uuid,omitempty"`
-	UserInfoEndpoint         string            `json:"userInfoEndpoint,omitempty" yaml:"userInfoEndpoint,omitempty"`
+	AccessMode                   string            `json:"accessMode,omitempty" yaml:"accessMode,omitempty"`
+	AdminEmail                   string            `json:"adminEmail,omitempty" yaml:"adminEmail,omitempty"`
+	AllowedPrincipalIDs          []string          `json:"allowedPrincipalIds,omitempty" yaml:"allowedPrincipalIds,omitempty"`
+	Annotations                  map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
+	Created                      string            `json:"created,omitempty" yaml:"created,omitempty"`
+	CreatorID                    string            `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
+	Enabled                      bool              `json:"enabled,omitempty" yaml:"enabled,omitempty"`
+	Hostname                     string            `json:"hostname,omitempty" yaml:"hostname,omitempty"`
+	Labels                       map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
+	Name                         string            `json:"name,omitempty" yaml:"name,omitempty"`
+	NestedGroupMembershipEnabled bool              `json:"nestedGroupMembershipEnabled,omitempty" yaml:"nestedGroupMembershipEnabled,omitempty"`
+	OauthCredential              string            `json:"oauthCredential,omitempty" yaml:"oauthCredential,omitempty"`
+	OwnerReferences              []OwnerReference  `json:"ownerReferences,omitempty" yaml:"ownerReferences,omitempty"`
+	Removed                      string            `json:"removed,omitempty" yaml:"removed,omitempty"`
+	ServiceAccountCredential     string            `json:"serviceAccountCredential,omitempty" yaml:"serviceAccountCredential,omitempty"`
+	Type                         string            `json:"type,omitempty" yaml:"type,omitempty"`
+	UUID                         string            `json:"uuid,omitempty" yaml:"uuid,omitempty"`
+	UserInfoEndpoint             string            `json:"userInfoEndpoint,omitempty" yaml:"userInfoEndpoint,omitempty"`
 }