login record CRD (#2565)
* Signed-off-by: hongming <talonwan@yunify.com> support ldap identity provider Signed-off-by: hongming <talonwan@yunify.com> * add login record Signed-off-by: Jeff <zw0948@gmail.com> Co-authored-by: hongming <talonwan@yunify.com>
This commit is contained in:
zryfish
@@ -51,6 +51,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
|
||||
scheme.AddKnownTypes(SchemeGroupVersion,
|
||||
&User{},
|
||||
&UserList{},
|
||||
&LoginRecord{},
|
||||
&LoginRecordList{},
|
||||
&GlobalRole{},
|
||||
&GlobalRoleList{},
|
||||
&GlobalRoleBinding{},
|
||||
|
||||
@@ -26,6 +26,9 @@ const (
|
||||
ResourceKindUser = "User"
|
||||
ResourcesSingularUser = "user"
|
||||
ResourcesPluralUser = "users"
|
||||
ResourceKindLoginRecord = "LoginRecord"
|
||||
ResourcesSingularLoginRecord = "loginrecord"
|
||||
ResourcesPluralLoginRecord = "loginrecords"
|
||||
ResourceKindGlobalRoleBinding = "GlobalRoleBinding"
|
||||
ResourcesSingularGlobalRoleBinding = "globalrolebinding"
|
||||
ResourcesPluralGlobalRoleBinding = "globalrolebindings"
|
||||
@@ -119,6 +122,13 @@ const (
|
||||
UserActive UserState = "Active"
|
||||
// UserDisabled means the user is disabled.
|
||||
UserDisabled UserState = "Disabled"
|
||||
// UserDisabled means the user is disabled.
|
||||
UserAuthLimitExceeded UserState = "AuthLimitExceeded"
|
||||
|
||||
LoginFailure LoginRecordType = "LoginFailure"
|
||||
LoginSuccess LoginRecordType = "LoginSuccess"
|
||||
|
||||
AuthenticatedSuccessfully = "authenticated successfully"
|
||||
)
|
||||
|
||||
// UserStatus defines the observed state of User
|
||||
@@ -126,43 +136,12 @@ type UserStatus struct {
|
||||
// The user status
|
||||
// +optional
|
||||
State UserState `json:"state,omitempty"`
|
||||
// Represents the latest available observations of a user's current state.
|
||||
// +optional
|
||||
Conditions []UserCondition `json:"conditions,omitempty"`
|
||||
}
|
||||
|
||||
type UserCondition struct {
|
||||
// Type of user controller condition.
|
||||
Type UserConditionType `json:"type"`
|
||||
// Status of the condition, one of True, False, Unknown.
|
||||
Status ConditionStatus `json:"status"`
|
||||
// +optional
|
||||
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
|
||||
// +optional
|
||||
Reason string `json:"reason,omitempty"`
|
||||
// +optional
|
||||
Message string `json:"message,omitempty"`
|
||||
LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`
|
||||
}
|
||||
|
||||
type UserConditionType string
|
||||
|
||||
// These are valid conditions of a user.
|
||||
const (
|
||||
// UserLoginFailure contains information about user login.
|
||||
LoginFailure UserConditionType = "LoginFailure"
|
||||
)
|
||||
|
||||
type ConditionStatus string
|
||||
|
||||
// These are valid condition statuses. "ConditionTrue" means a resource is in the condition.
|
||||
// "ConditionFalse" means a resource is not in the condition. "ConditionUnknown" means kubernetes
|
||||
// can't decide if a resource is in the condition or not. In the future, we could add other
|
||||
// intermediate conditions, e.g. ConditionDegraded.
|
||||
const (
|
||||
ConditionTrue ConditionStatus = "True"
|
||||
ConditionFalse ConditionStatus = "False"
|
||||
)
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// UserList contains a list of User
|
||||
@@ -306,3 +285,33 @@ type RoleBaseList struct {
|
||||
metav1.ListMeta `json:"metadata,omitempty"`
|
||||
Items []RoleBase `json:"items"`
|
||||
}
|
||||
|
||||
// +genclient
|
||||
// +genclient:nonNamespaced
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
// +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.type"
|
||||
// +kubebuilder:printcolumn:name="Reason",type="string",JSONPath=".status.reason"
|
||||
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
|
||||
// +kubebuilder:resource:categories="iam",scope="Cluster"
|
||||
type LoginRecord struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ObjectMeta `json:"metadata,omitempty"`
|
||||
Spec LoginRecordSpec `json:"spec"`
|
||||
}
|
||||
|
||||
type LoginRecordSpec struct {
|
||||
SourceIP string `json:"sourceIP"`
|
||||
Type LoginRecordType `json:"type"`
|
||||
Reason string `json:"reason"`
|
||||
}
|
||||
|
||||
type LoginRecordType string
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// LoginRecordList contains a list of LoginRecord
|
||||
type LoginRecordList struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ListMeta `json:"metadata,omitempty"`
|
||||
Items []LoginRecord `json:"items"`
|
||||
}
|
||||
|
||||
98
pkg/apis/iam/v1alpha2/zz_generated.deepcopy.go
generated
98
pkg/apis/iam/v1alpha2/zz_generated.deepcopy.go
generated
@@ -294,6 +294,79 @@ func (in *GlobalRoleList) DeepCopyObject() runtime.Object {
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *LoginRecord) DeepCopyInto(out *LoginRecord) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
out.Spec = in.Spec
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginRecord.
|
||||
func (in *LoginRecord) DeepCopy() *LoginRecord {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(LoginRecord)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||
func (in *LoginRecord) DeepCopyObject() runtime.Object {
|
||||
if c := in.DeepCopy(); c != nil {
|
||||
return c
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *LoginRecordList) DeepCopyInto(out *LoginRecordList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
in, out := &in.Items, &out.Items
|
||||
*out = make([]LoginRecord, len(*in))
|
||||
for i := range *in {
|
||||
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginRecordList.
|
||||
func (in *LoginRecordList) DeepCopy() *LoginRecordList {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(LoginRecordList)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||
func (in *LoginRecordList) DeepCopyObject() runtime.Object {
|
||||
if c := in.DeepCopy(); c != nil {
|
||||
return c
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *LoginRecordSpec) DeepCopyInto(out *LoginRecordSpec) {
|
||||
*out = *in
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoginRecordSpec.
|
||||
func (in *LoginRecordSpec) DeepCopy() *LoginRecordSpec {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(LoginRecordSpec)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Placement) DeepCopyInto(out *Placement) {
|
||||
*out = *in
|
||||
@@ -445,22 +518,6 @@ func (in *User) DeepCopyObject() runtime.Object {
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *UserCondition) DeepCopyInto(out *UserCondition) {
|
||||
*out = *in
|
||||
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserCondition.
|
||||
func (in *UserCondition) DeepCopy() *UserCondition {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(UserCondition)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *UserList) DeepCopyInto(out *UserList) {
|
||||
*out = *in
|
||||
@@ -516,12 +573,9 @@ func (in *UserSpec) DeepCopy() *UserSpec {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *UserStatus) DeepCopyInto(out *UserStatus) {
|
||||
*out = *in
|
||||
if in.Conditions != nil {
|
||||
in, out := &in.Conditions, &out.Conditions
|
||||
*out = make([]UserCondition, len(*in))
|
||||
for i := range *in {
|
||||
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||
}
|
||||
if in.LastTransitionTime != nil {
|
||||
in, out := &in.LastTransitionTime, &out.LastTransitionTime
|
||||
*out = (*in).DeepCopy()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user