mirror of
https://github.com/rancher/types.git
synced 2025-07-14 05:34:02 +00:00
Move PSP to project and cluster
PSPs will only be able to be set directly on cluster or project and only by a cluster-admin.
This commit is contained in:
Craig Jellick
Darren Shepherd
parent
b00b71962e
commit
84196a0f47
@ -14,8 +14,9 @@ type Project struct {
|
||||
}
|
||||
|
||||
type ProjectSpec struct {
|
||||
DisplayName string `json:"displayName,omitempty" norman:"required"`
|
||||
ClusterName string `json:"clusterName,omitempty" norman:"required,type=reference[cluster]"`
|
||||
DisplayName string `json:"displayName,omitempty" norman:"required"`
|
||||
ClusterName string `json:"clusterName,omitempty" norman:"required,type=reference[cluster]"`
|
||||
PodSecurityPolicyTemplateName string `json:"podSecurityPolicyTemplateName,omitempty" norman:"type=reference[podSecurityPolicyTemplate]"`
|
||||
}
|
||||
|
||||
type RoleTemplate struct {
|
||||
@ -25,8 +26,7 @@ type RoleTemplate struct {
|
||||
Rules []rbacv1.PolicyRule `json:"rules,omitempty"`
|
||||
Builtin bool `json:"builtin"`
|
||||
|
||||
RoleTemplateNames []string `json:"roleTemplateNames,omitempty" norman:"type=array[reference[roleTemplate]]"`
|
||||
PodSecurityPolicyTemplateNames []string `json:"podSecurityPolicyTemplateNames,omitempty" norman:"type=array[reference[podSecurityPolicyTemplate]]"`
|
||||
RoleTemplateNames []string `json:"roleTemplateNames,omitempty" norman:"type=array[reference[roleTemplate]]"`
|
||||
}
|
||||
|
||||
type PodSecurityPolicyTemplate struct {
|
||||
|
||||
@ -35,11 +35,12 @@ type Cluster struct {
|
||||
}
|
||||
|
||||
type ClusterSpec struct {
|
||||
Description string `json:"description"`
|
||||
Internal bool `json:"internal" norman:"nocreate,noupdate"`
|
||||
GoogleKubernetesEngineConfig *GoogleKubernetesEngineConfig `json:"googleKubernetesEngineConfig,omitempty"`
|
||||
AzureKubernetesServiceConfig *AzureKubernetesServiceConfig `json:"azureKubernetesServiceConfig,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty"`
|
||||
Description string `json:"description"`
|
||||
Internal bool `json:"internal" norman:"nocreate,noupdate"`
|
||||
GoogleKubernetesEngineConfig *GoogleKubernetesEngineConfig `json:"googleKubernetesEngineConfig,omitempty"`
|
||||
AzureKubernetesServiceConfig *AzureKubernetesServiceConfig `json:"azureKubernetesServiceConfig,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty"`
|
||||
DefaultPodSecurityPolicyTemplateName string `json:"defaultPodSecurityPolicyTemplateName,omitempty" norman:"type=reference[podSecurityPolicyTemplate]"`
|
||||
}
|
||||
|
||||
type ClusterStatus struct {
|
||||
|
||||
@ -2142,11 +2142,6 @@ func (in *RoleTemplate) DeepCopyInto(out *RoleTemplate) {
|
||||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.PodSecurityPolicyTemplateNames != nil {
|
||||
in, out := &in.PodSecurityPolicyTemplateNames, &out.PodSecurityPolicyTemplateNames
|
||||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@ -5,63 +5,65 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
ClusterType = "cluster"
|
||||
ClusterFieldAPIEndpoint = "apiEndpoint"
|
||||
ClusterFieldAllocatable = "allocatable"
|
||||
ClusterFieldAnnotations = "annotations"
|
||||
ClusterFieldAzureKubernetesServiceConfig = "azureKubernetesServiceConfig"
|
||||
ClusterFieldCACert = "caCert"
|
||||
ClusterFieldCapacity = "capacity"
|
||||
ClusterFieldComponentStatuses = "componentStatuses"
|
||||
ClusterFieldConditions = "conditions"
|
||||
ClusterFieldCreated = "created"
|
||||
ClusterFieldDescription = "description"
|
||||
ClusterFieldFinalizers = "finalizers"
|
||||
ClusterFieldGoogleKubernetesEngineConfig = "googleKubernetesEngineConfig"
|
||||
ClusterFieldInternal = "internal"
|
||||
ClusterFieldLabels = "labels"
|
||||
ClusterFieldLimits = "limits"
|
||||
ClusterFieldName = "name"
|
||||
ClusterFieldOwnerReferences = "ownerReferences"
|
||||
ClusterFieldRancherKubernetesEngineConfig = "rancherKubernetesEngineConfig"
|
||||
ClusterFieldRemoved = "removed"
|
||||
ClusterFieldRequested = "requested"
|
||||
ClusterFieldResourcePath = "resourcePath"
|
||||
ClusterFieldServiceAccountToken = "serviceAccountToken"
|
||||
ClusterFieldState = "state"
|
||||
ClusterFieldTransitioning = "transitioning"
|
||||
ClusterFieldTransitioningMessage = "transitioningMessage"
|
||||
ClusterFieldUuid = "uuid"
|
||||
ClusterType = "cluster"
|
||||
ClusterFieldAPIEndpoint = "apiEndpoint"
|
||||
ClusterFieldAllocatable = "allocatable"
|
||||
ClusterFieldAnnotations = "annotations"
|
||||
ClusterFieldAzureKubernetesServiceConfig = "azureKubernetesServiceConfig"
|
||||
ClusterFieldCACert = "caCert"
|
||||
ClusterFieldCapacity = "capacity"
|
||||
ClusterFieldComponentStatuses = "componentStatuses"
|
||||
ClusterFieldConditions = "conditions"
|
||||
ClusterFieldCreated = "created"
|
||||
ClusterFieldDefaultPodSecurityPolicyTemplateId = "defaultPodSecurityPolicyTemplateId"
|
||||
ClusterFieldDescription = "description"
|
||||
ClusterFieldFinalizers = "finalizers"
|
||||
ClusterFieldGoogleKubernetesEngineConfig = "googleKubernetesEngineConfig"
|
||||
ClusterFieldInternal = "internal"
|
||||
ClusterFieldLabels = "labels"
|
||||
ClusterFieldLimits = "limits"
|
||||
ClusterFieldName = "name"
|
||||
ClusterFieldOwnerReferences = "ownerReferences"
|
||||
ClusterFieldRancherKubernetesEngineConfig = "rancherKubernetesEngineConfig"
|
||||
ClusterFieldRemoved = "removed"
|
||||
ClusterFieldRequested = "requested"
|
||||
ClusterFieldResourcePath = "resourcePath"
|
||||
ClusterFieldServiceAccountToken = "serviceAccountToken"
|
||||
ClusterFieldState = "state"
|
||||
ClusterFieldTransitioning = "transitioning"
|
||||
ClusterFieldTransitioningMessage = "transitioningMessage"
|
||||
ClusterFieldUuid = "uuid"
|
||||
)
|
||||
|
||||
type Cluster struct {
|
||||
types.Resource
|
||||
APIEndpoint string `json:"apiEndpoint,omitempty"`
|
||||
Allocatable map[string]string `json:"allocatable,omitempty"`
|
||||
Annotations map[string]string `json:"annotations,omitempty"`
|
||||
AzureKubernetesServiceConfig *AzureKubernetesServiceConfig `json:"azureKubernetesServiceConfig,omitempty"`
|
||||
CACert string `json:"caCert,omitempty"`
|
||||
Capacity map[string]string `json:"capacity,omitempty"`
|
||||
ComponentStatuses []ClusterComponentStatus `json:"componentStatuses,omitempty"`
|
||||
Conditions []ClusterCondition `json:"conditions,omitempty"`
|
||||
Created string `json:"created,omitempty"`
|
||||
Description string `json:"description,omitempty"`
|
||||
Finalizers []string `json:"finalizers,omitempty"`
|
||||
GoogleKubernetesEngineConfig *GoogleKubernetesEngineConfig `json:"googleKubernetesEngineConfig,omitempty"`
|
||||
Internal *bool `json:"internal,omitempty"`
|
||||
Labels map[string]string `json:"labels,omitempty"`
|
||||
Limits map[string]string `json:"limits,omitempty"`
|
||||
Name string `json:"name,omitempty"`
|
||||
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty"`
|
||||
Removed string `json:"removed,omitempty"`
|
||||
Requested map[string]string `json:"requested,omitempty"`
|
||||
ResourcePath string `json:"resourcePath,omitempty"`
|
||||
ServiceAccountToken string `json:"serviceAccountToken,omitempty"`
|
||||
State string `json:"state,omitempty"`
|
||||
Transitioning string `json:"transitioning,omitempty"`
|
||||
TransitioningMessage string `json:"transitioningMessage,omitempty"`
|
||||
Uuid string `json:"uuid,omitempty"`
|
||||
APIEndpoint string `json:"apiEndpoint,omitempty"`
|
||||
Allocatable map[string]string `json:"allocatable,omitempty"`
|
||||
Annotations map[string]string `json:"annotations,omitempty"`
|
||||
AzureKubernetesServiceConfig *AzureKubernetesServiceConfig `json:"azureKubernetesServiceConfig,omitempty"`
|
||||
CACert string `json:"caCert,omitempty"`
|
||||
Capacity map[string]string `json:"capacity,omitempty"`
|
||||
ComponentStatuses []ClusterComponentStatus `json:"componentStatuses,omitempty"`
|
||||
Conditions []ClusterCondition `json:"conditions,omitempty"`
|
||||
Created string `json:"created,omitempty"`
|
||||
DefaultPodSecurityPolicyTemplateId string `json:"defaultPodSecurityPolicyTemplateId,omitempty"`
|
||||
Description string `json:"description,omitempty"`
|
||||
Finalizers []string `json:"finalizers,omitempty"`
|
||||
GoogleKubernetesEngineConfig *GoogleKubernetesEngineConfig `json:"googleKubernetesEngineConfig,omitempty"`
|
||||
Internal *bool `json:"internal,omitempty"`
|
||||
Labels map[string]string `json:"labels,omitempty"`
|
||||
Limits map[string]string `json:"limits,omitempty"`
|
||||
Name string `json:"name,omitempty"`
|
||||
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty"`
|
||||
Removed string `json:"removed,omitempty"`
|
||||
Requested map[string]string `json:"requested,omitempty"`
|
||||
ResourcePath string `json:"resourcePath,omitempty"`
|
||||
ServiceAccountToken string `json:"serviceAccountToken,omitempty"`
|
||||
State string `json:"state,omitempty"`
|
||||
Transitioning string `json:"transitioning,omitempty"`
|
||||
TransitioningMessage string `json:"transitioningMessage,omitempty"`
|
||||
Uuid string `json:"uuid,omitempty"`
|
||||
}
|
||||
type ClusterCollection struct {
|
||||
types.Collection
|
||||
|
||||
@ -1,18 +1,20 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
ClusterSpecType = "clusterSpec"
|
||||
ClusterSpecFieldAzureKubernetesServiceConfig = "azureKubernetesServiceConfig"
|
||||
ClusterSpecFieldDescription = "description"
|
||||
ClusterSpecFieldGoogleKubernetesEngineConfig = "googleKubernetesEngineConfig"
|
||||
ClusterSpecFieldInternal = "internal"
|
||||
ClusterSpecFieldRancherKubernetesEngineConfig = "rancherKubernetesEngineConfig"
|
||||
ClusterSpecType = "clusterSpec"
|
||||
ClusterSpecFieldAzureKubernetesServiceConfig = "azureKubernetesServiceConfig"
|
||||
ClusterSpecFieldDefaultPodSecurityPolicyTemplateId = "defaultPodSecurityPolicyTemplateId"
|
||||
ClusterSpecFieldDescription = "description"
|
||||
ClusterSpecFieldGoogleKubernetesEngineConfig = "googleKubernetesEngineConfig"
|
||||
ClusterSpecFieldInternal = "internal"
|
||||
ClusterSpecFieldRancherKubernetesEngineConfig = "rancherKubernetesEngineConfig"
|
||||
)
|
||||
|
||||
type ClusterSpec struct {
|
||||
AzureKubernetesServiceConfig *AzureKubernetesServiceConfig `json:"azureKubernetesServiceConfig,omitempty"`
|
||||
Description string `json:"description,omitempty"`
|
||||
GoogleKubernetesEngineConfig *GoogleKubernetesEngineConfig `json:"googleKubernetesEngineConfig,omitempty"`
|
||||
Internal *bool `json:"internal,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty"`
|
||||
AzureKubernetesServiceConfig *AzureKubernetesServiceConfig `json:"azureKubernetesServiceConfig,omitempty"`
|
||||
DefaultPodSecurityPolicyTemplateId string `json:"defaultPodSecurityPolicyTemplateId,omitempty"`
|
||||
Description string `json:"description,omitempty"`
|
||||
GoogleKubernetesEngineConfig *GoogleKubernetesEngineConfig `json:"googleKubernetesEngineConfig,omitempty"`
|
||||
Internal *bool `json:"internal,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty"`
|
||||
}
|
||||
|
||||
@ -5,33 +5,35 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
ProjectType = "project"
|
||||
ProjectFieldAnnotations = "annotations"
|
||||
ProjectFieldClusterId = "clusterId"
|
||||
ProjectFieldCreated = "created"
|
||||
ProjectFieldFinalizers = "finalizers"
|
||||
ProjectFieldId = "id"
|
||||
ProjectFieldLabels = "labels"
|
||||
ProjectFieldName = "name"
|
||||
ProjectFieldOwnerReferences = "ownerReferences"
|
||||
ProjectFieldRemoved = "removed"
|
||||
ProjectFieldResourcePath = "resourcePath"
|
||||
ProjectFieldUuid = "uuid"
|
||||
ProjectType = "project"
|
||||
ProjectFieldAnnotations = "annotations"
|
||||
ProjectFieldClusterId = "clusterId"
|
||||
ProjectFieldCreated = "created"
|
||||
ProjectFieldFinalizers = "finalizers"
|
||||
ProjectFieldId = "id"
|
||||
ProjectFieldLabels = "labels"
|
||||
ProjectFieldName = "name"
|
||||
ProjectFieldOwnerReferences = "ownerReferences"
|
||||
ProjectFieldPodSecurityPolicyTemplateId = "podSecurityPolicyTemplateId"
|
||||
ProjectFieldRemoved = "removed"
|
||||
ProjectFieldResourcePath = "resourcePath"
|
||||
ProjectFieldUuid = "uuid"
|
||||
)
|
||||
|
||||
type Project struct {
|
||||
types.Resource
|
||||
Annotations map[string]string `json:"annotations,omitempty"`
|
||||
ClusterId string `json:"clusterId,omitempty"`
|
||||
Created string `json:"created,omitempty"`
|
||||
Finalizers []string `json:"finalizers,omitempty"`
|
||||
Id string `json:"id,omitempty"`
|
||||
Labels map[string]string `json:"labels,omitempty"`
|
||||
Name string `json:"name,omitempty"`
|
||||
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty"`
|
||||
Removed string `json:"removed,omitempty"`
|
||||
ResourcePath string `json:"resourcePath,omitempty"`
|
||||
Uuid string `json:"uuid,omitempty"`
|
||||
Annotations map[string]string `json:"annotations,omitempty"`
|
||||
ClusterId string `json:"clusterId,omitempty"`
|
||||
Created string `json:"created,omitempty"`
|
||||
Finalizers []string `json:"finalizers,omitempty"`
|
||||
Id string `json:"id,omitempty"`
|
||||
Labels map[string]string `json:"labels,omitempty"`
|
||||
Name string `json:"name,omitempty"`
|
||||
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty"`
|
||||
PodSecurityPolicyTemplateId string `json:"podSecurityPolicyTemplateId,omitempty"`
|
||||
Removed string `json:"removed,omitempty"`
|
||||
ResourcePath string `json:"resourcePath,omitempty"`
|
||||
Uuid string `json:"uuid,omitempty"`
|
||||
}
|
||||
type ProjectCollection struct {
|
||||
types.Collection
|
||||
|
||||
@ -1,12 +1,14 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
ProjectSpecType = "projectSpec"
|
||||
ProjectSpecFieldClusterId = "clusterId"
|
||||
ProjectSpecFieldDisplayName = "displayName"
|
||||
ProjectSpecType = "projectSpec"
|
||||
ProjectSpecFieldClusterId = "clusterId"
|
||||
ProjectSpecFieldDisplayName = "displayName"
|
||||
ProjectSpecFieldPodSecurityPolicyTemplateId = "podSecurityPolicyTemplateId"
|
||||
)
|
||||
|
||||
type ProjectSpec struct {
|
||||
ClusterId string `json:"clusterId,omitempty"`
|
||||
DisplayName string `json:"displayName,omitempty"`
|
||||
ClusterId string `json:"clusterId,omitempty"`
|
||||
DisplayName string `json:"displayName,omitempty"`
|
||||
PodSecurityPolicyTemplateId string `json:"podSecurityPolicyTemplateId,omitempty"`
|
||||
}
|
||||
|
||||
@ -5,37 +5,35 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
RoleTemplateType = "roleTemplate"
|
||||
RoleTemplateFieldAnnotations = "annotations"
|
||||
RoleTemplateFieldBuiltin = "builtin"
|
||||
RoleTemplateFieldCreated = "created"
|
||||
RoleTemplateFieldFinalizers = "finalizers"
|
||||
RoleTemplateFieldLabels = "labels"
|
||||
RoleTemplateFieldName = "name"
|
||||
RoleTemplateFieldOwnerReferences = "ownerReferences"
|
||||
RoleTemplateFieldPodSecurityPolicyTemplateIds = "podSecurityPolicyTemplateIds"
|
||||
RoleTemplateFieldRemoved = "removed"
|
||||
RoleTemplateFieldResourcePath = "resourcePath"
|
||||
RoleTemplateFieldRoleTemplateIds = "roleTemplateIds"
|
||||
RoleTemplateFieldRules = "rules"
|
||||
RoleTemplateFieldUuid = "uuid"
|
||||
RoleTemplateType = "roleTemplate"
|
||||
RoleTemplateFieldAnnotations = "annotations"
|
||||
RoleTemplateFieldBuiltin = "builtin"
|
||||
RoleTemplateFieldCreated = "created"
|
||||
RoleTemplateFieldFinalizers = "finalizers"
|
||||
RoleTemplateFieldLabels = "labels"
|
||||
RoleTemplateFieldName = "name"
|
||||
RoleTemplateFieldOwnerReferences = "ownerReferences"
|
||||
RoleTemplateFieldRemoved = "removed"
|
||||
RoleTemplateFieldResourcePath = "resourcePath"
|
||||
RoleTemplateFieldRoleTemplateIds = "roleTemplateIds"
|
||||
RoleTemplateFieldRules = "rules"
|
||||
RoleTemplateFieldUuid = "uuid"
|
||||
)
|
||||
|
||||
type RoleTemplate struct {
|
||||
types.Resource
|
||||
Annotations map[string]string `json:"annotations,omitempty"`
|
||||
Builtin *bool `json:"builtin,omitempty"`
|
||||
Created string `json:"created,omitempty"`
|
||||
Finalizers []string `json:"finalizers,omitempty"`
|
||||
Labels map[string]string `json:"labels,omitempty"`
|
||||
Name string `json:"name,omitempty"`
|
||||
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty"`
|
||||
PodSecurityPolicyTemplateIds []string `json:"podSecurityPolicyTemplateIds,omitempty"`
|
||||
Removed string `json:"removed,omitempty"`
|
||||
ResourcePath string `json:"resourcePath,omitempty"`
|
||||
RoleTemplateIds []string `json:"roleTemplateIds,omitempty"`
|
||||
Rules []PolicyRule `json:"rules,omitempty"`
|
||||
Uuid string `json:"uuid,omitempty"`
|
||||
Annotations map[string]string `json:"annotations,omitempty"`
|
||||
Builtin *bool `json:"builtin,omitempty"`
|
||||
Created string `json:"created,omitempty"`
|
||||
Finalizers []string `json:"finalizers,omitempty"`
|
||||
Labels map[string]string `json:"labels,omitempty"`
|
||||
Name string `json:"name,omitempty"`
|
||||
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty"`
|
||||
Removed string `json:"removed,omitempty"`
|
||||
ResourcePath string `json:"resourcePath,omitempty"`
|
||||
RoleTemplateIds []string `json:"roleTemplateIds,omitempty"`
|
||||
Rules []PolicyRule `json:"rules,omitempty"`
|
||||
Uuid string `json:"uuid,omitempty"`
|
||||
}
|
||||
type RoleTemplateCollection struct {
|
||||
types.Collection
|
||||
|
||||
Loading…
Reference in New Issue
Block a user