admin/kubesphere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add cluster api group (#1992)

Browse Source
This commit is contained in:
zryfish
2020-04-07 19:33:45 +08:00
committed by GitHub
parent 3c73471f79
commit cfaeb10dc6
57 changed files with 22388 additions and 229 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Makefile
View File

@@ -83,6 +83,7 @@ openapi:
go run ./vendor/k8s.io/kube-openapi/cmd/openapi-gen/openapi-gen.go -O openapi_generated -i ./vendor/k8s.io/apimachinery/pkg/apis/meta/v1,./pkg/apis/servicemesh/v1alpha2 -p kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2 -h ./hack/boilerplate.go.txt --report-filename ./api/api-rules/violation_exceptions.list
go run ./vendor/k8s.io/kube-openapi/cmd/openapi-gen/openapi-gen.go -O openapi_generated -i ./vendor/k8s.io/api/networking/v1,./vendor/k8s.io/apimachinery/pkg/apis/meta/v1,./vendor/k8s.io/apimachinery/pkg/util/intstr,./pkg/apis/network/v1alpha1 -p kubesphere.io/kubesphere/pkg/apis/network/v1alpha1 -h ./hack/boilerplate.go.txt --report-filename ./api/api-rules/violation_exceptions.list
go run ./vendor/k8s.io/kube-openapi/cmd/openapi-gen/openapi-gen.go -O openapi_generated -i ./vendor/k8s.io/apimachinery/pkg/apis/meta/v1,./pkg/apis/devops/v1alpha1,./vendor/k8s.io/apimachinery/pkg/runtime,./vendor/k8s.io/api/core/v1 -p kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1 -h ./hack/boilerplate.go.txt --report-filename ./api/api-rules/violation_exceptions.list
go run ./vendor/k8s.io/kube-openapi/cmd/openapi-gen/openapi-gen.go -O openapi_generated -i ./vendor/k8s.io/apimachinery/pkg/apis/meta/v1,./pkg/apis/cluster/v1alpha1,./vendor/k8s.io/apimachinery/pkg/runtime,./vendor/k8s.io/api/core/v1 -p kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1 -h ./hack/boilerplate.go.txt --report-filename ./api/api-rules/violation_exceptions.list
go run ./tools/cmd/crd-doc-gen/main.go
# Build the docker image
docker-build: all

38
api/api-rules/violation_exceptions.list
View File

@@ -141,27 +141,10 @@ API rule violation: list_type_missing,k8s.io/apimachinery/pkg/apis/meta/v1,Table
API rule violation: list_type_missing,k8s.io/apimachinery/pkg/apis/meta/v1,UpdateOptions,DryRun
API rule violation: list_type_missing,k8s.io/apimachinery/pkg/runtime,RawExtension,Raw
API rule violation: list_type_missing,k8s.io/apimachinery/pkg/runtime,Unknown,Raw
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,ContainerConfig,Env
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,ContainerInfo,BuildVolumes
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,ContainerInfo,RuntimeArtifacts
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,Parameter,OptValues
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iAutoScale,Containers
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBinaryList,Items
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBuildResult,ImageRepoTags
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBuilderList,Items
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBuilderTemplateList,Items
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBuilderTemplateSpec,ContainerInfo
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBuilderTemplateSpec,Parameters
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,AddHost
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,BuildVolumes
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,DropCapabilities
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,Environment
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,Injections
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,NodeAffinityValues
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,RuntimeArtifacts
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,SecurityOpt
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iRunList,Items
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,UserDefineTemplate,Parameters
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1,AgentList,Items
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1,AgentStatus,Conditions
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1,AgentStatus,KubeConfig
API rule violation: list_type_missing,kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1,ClusterList,Items
API rule violation: names_match,k8s.io/api/core/v1,AzureDiskVolumeSource,DataDiskURI
API rule violation: names_match,k8s.io/api/core/v1,ContainerStatus,LastTerminationState
API rule violation: names_match,k8s.io/api/core/v1,DaemonEndpoint,Port
@@ -198,13 +181,6 @@ API rule violation: names_match,k8s.io/apimachinery/pkg/apis/meta/v1,Time,Time
API rule violation: names_match,k8s.io/apimachinery/pkg/runtime,Unknown,ContentEncoding
API rule violation: names_match,k8s.io/apimachinery/pkg/runtime,Unknown,ContentType
API rule violation: names_match,k8s.io/apimachinery/pkg/runtime,Unknown,Raw
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,ContainerConfig,Env
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,ContainerConfig,Labels
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,DockerConfig,Endpoint
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBinarySpec,MD5
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iBuilderTemplateSpec,Parameters
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,CGroupLimits
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,CallbackURL
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,ImageScriptsURL
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,ScriptsURL
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1,S2iConfig,SourceURL
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1,AgentSpec,KubeSphereAPIServerPort
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1,AgentSpec,Paused
API rule violation: names_match,kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1,AgentStatus,KubeConfig

2205
api/openapi-spec/swagger.json
View File

File diff suppressed because it is too large Load Diff

109
config/crd/bases/cluster.kubesphere.io_agents.yaml Normal file
View File

@@ -0,0 +1,109 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: agents.cluster.kubesphere.io
spec:
group: cluster.kubesphere.io
names:
kind: Agent
listKind: AgentList
plural: agents
singular: agent
scope: Namespaced
validation:
openAPIV3Schema:
description: Agent is the Schema for the agents API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AgentSpec defines the desired state of Agent
properties:
kubernetesAPIServerPort:
description: KubeAPIServerPort is the port which listens for forwarding
kube-apiserver traffic
type: integer
kubesphereAPIServerPort:
description: KubeSphereAPIServerPort is the port which listens for forwarding
kubesphere apigateway traffic
type: integer
paused:
description: Indicates that the agent is paused.
type: boolean
proxy:
description: Proxy address
type: string
token:
description: Token used by agents to connect to proxy.
type: string
type: object
status:
description: AgentStatus defines the observed state of Agent
properties:
conditions:
description: Represents the latest available observations of a agent's
current state.
items:
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of AgentCondition
type: string
required:
- status
type: object
type: array
kubeconfig:
description: Issued new kubeconfig by proxy server
format: byte
type: string
ping:
description: Represents the connection quality, in ms
format: int64
type: integer
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

81
config/crd/bases/cluster.kubesphere.io_clusters.yaml Normal file
View File

@@ -0,0 +1,81 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: clusters.cluster.kubesphere.io
spec:
group: cluster.kubesphere.io
names:
kind: Cluster
listKind: ClusterList
plural: clusters
singular: cluster
scope: Namespaced
validation:
openAPIV3Schema:
description: Cluster is the schema for the clusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
active:
description: Desired state of the cluster
type: boolean
federated:
description: Join cluster as kubefed cluster
type: boolean
type: object
status:
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status to
another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human readable message indicating details about the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of the condition
type: string
required:
- status
- type
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

86
config/crd/bases/devops.kubesphere.io_s2ibinaries.yaml Normal file
View File

@@ -0,0 +1,86 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: s2ibinaries.devops.kubesphere.io
spec:
additionalPrinterColumns:
- JSONPath: .spec.fileName
name: FileName
type: string
- JSONPath: .spec.md5
name: MD5
type: string
- JSONPath: .spec.size
name: Size
type: string
- JSONPath: .status.phase
name: Phase
type: string
group: devops.kubesphere.io
names:
kind: S2iBinary
listKind: S2iBinaryList
plural: s2ibinaries
singular: s2ibinary
scope: Namespaced
subresources: {}
validation:
openAPIV3Schema:
description: S2iBinary is the Schema for the s2ibinaries API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: S2iBinarySpec defines the desired state of S2iBinary
properties:
downloadURL:
description: DownloadURL in KubeSphere
type: string
fileName:
description: FileName is filename of binary
type: string
md5:
description: MD5 is Binary's MD5 Hash
type: string
size:
description: Size is the file size of file
type: string
uploadTimeStamp:
description: UploadTime is last upload time
format: date-time
type: string
type: object
status:
description: S2iBinaryStatus defines the observed state of S2iBinary
properties:
phase:
description: Phase is status of S2iBinary . Possible value is "Ready","UnableToDownload"
type: string
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

578
config/crd/bases/devops.kubesphere.io_s2ibuilders.yaml Normal file
View File

@@ -0,0 +1,578 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: s2ibuilders.devops.kubesphere.io
spec:
additionalPrinterColumns:
- JSONPath: .status.runCount
name: RunCount
type: integer
- JSONPath: .status.lastRunState
name: LastRunState
type: string
- JSONPath: .status.lastRunName
name: LastRunName
type: string
- JSONPath: .status.lastRunStartTime
name: LastRunStartTime
type: date
group: devops.kubesphere.io
names:
kind: S2iBuilder
listKind: S2iBuilderList
plural: s2ibuilders
shortNames:
- s2ib
singular: s2ibuilder
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: S2iBuilder is the Schema for the s2ibuilders API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: S2iBuilderSpec defines the desired state of S2iBuilder
properties:
config:
description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file'
properties:
addHost:
description: AddHost Add a line to /etc/hosts for test purpose or
private use in LAN. Its format is host:IP,muliple hosts can be
added by using multiple --add-host
items:
type: string
type: array
asDockerfile:
description: AsDockerfile indicates the path where the Dockerfile
should be written instead of building a new image.
type: string
assembleUser:
description: AssembleUser specifies the user to run the assemble
script in container
type: string
blockOnBuild:
description: BlockOnBuild prevents s2i from performing a docker
build operation if one is necessary to execute ONBUILD commands,
or to layer source code into the container for images that don't
have a tar binary available, if the image contains ONBUILD commands
that would be executed.
type: boolean
branchExpression:
description: Regular expressions, ignoring names that do not match
the provided regular expression
type: string
buildVolumes:
description: BuildVolumes specifies a list of volumes to mount to
container running the build.
items:
type: string
type: array
builderBaseImageVersion:
description: BuilderBaseImageVersion provides optional version information
about the builder base image.
type: string
builderImage:
description: BuilderImage describes which image is used for building
the result images.
type: string
builderImageVersion:
description: BuilderImageVersion provides optional version information
about the builder image.
type: string
builderPullPolicy:
description: BuilderPullPolicy specifies when to pull the builder
image
type: string
callbackUrl:
description: CallbackURL is a URL which is called upon successful
build to inform about that fact.
type: string
cgroupLimits:
description: CGroupLimits describes the cgroups limits that will
be applied to any containers run by s2i.
properties:
cpuPeriod:
format: int64
type: integer
cpuQuota:
format: int64
type: integer
cpuShares:
format: int64
type: integer
memoryLimitBytes:
format: int64
type: integer
memorySwap:
format: int64
type: integer
parent:
type: string
required:
- cpuPeriod
- cpuQuota
- cpuShares
- memoryLimitBytes
- memorySwap
- parent
type: object
contextDir:
description: Specify a relative directory inside the application
repository that should be used as a root directory for the application.
type: string
description:
description: Description is a result image description label. The
default is no description.
type: string
destination:
description: Destination specifies a location where the untar operation
will place its artifacts.
type: string
displayName:
description: DisplayName is a result image display-name label. This
defaults to the output image name.
type: string
dockerConfig:
description: DockerConfig describes how to access host docker daemon.
properties:
caFile:
description: CAFile is the certificate authority file path for
a TLS connection
type: string
certFile:
description: CertFile is the certificate file path for a TLS
connection
type: string
endPoint:
description: Endpoint is the docker network endpoint or socket
type: string
keyFile:
description: KeyFile is the key file path for a TLS connection
type: string
tlsVerify:
description: TLSVerify indicates if TLS peer must be verified
type: boolean
useTLS:
description: UseTLS indicates if TLS must be used
type: boolean
required:
- caFile
- certFile
- endPoint
- keyFile
- tlsVerify
- useTLS
type: object
dockerNetworkMode:
description: DockerNetworkMode is used to set the docker network
setting to --net=container:<id> when the builder is invoked from
a container.
type: string
dropCapabilities:
description: DropCapabilities contains a list of capabilities to
drop when executing containers
items:
type: string
type: array
environment:
description: Environment is a map of environment variables to be
passed to the image.
items:
description: EnvironmentSpec specifies a single environment variable.
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
excludeRegExp:
description: ExcludeRegExp contains a string representation of the
regular expression desired for deciding which files to exclude
from the tar stream
type: string
export:
description: Export Push the result image to specify image registry
in tag
type: boolean
gitSecretRef:
description: GitSecretRef is the BasicAuth Secret of Git Clone
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
hasOnBuild:
description: HasOnBuild will be set to true if the builder image
contains ONBUILD instructions
type: boolean
imageName:
description: ImageName Contains the registry address and reponame,
tag should set by field tag alone
type: string
imageScriptsUrl:
description: ImageScriptsURL is the default location to find the
assemble/run scripts for a builder image. This url can be a reference
within the builder image if the scheme is specified as image://
type: string
imageWorkDir:
description: ImageWorkDir is the default working directory for the
builder image.
type: string
incremental:
description: Incremental describes whether to try to perform incremental
build.
type: boolean
incrementalAuthentication:
description: IncrementalAuthentication holds the authentication
information for pulling the previous image from private repositories
properties:
email:
type: string
password:
type: string
secretRef:
description: LocalObjectReference contains enough information
to let you locate the referenced object inside the same namespace.
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
serverAddress:
type: string
username:
type: string
type: object
incrementalFromTag:
description: IncrementalFromTag sets an alternative image tag to
look for existing artifacts. Tag is used by default if this is
not set.
type: string
injections:
description: Injections specifies a list source/destination folders
that are injected to the container that runs assemble. All files
we inject will be truncated after the assemble script finishes.
items:
description: VolumeSpec represents a single volume mount point.
properties:
destination:
description: Destination is the path to mount the volume to
- absolute or relative.
type: string
keep:
description: Keep indicates if the mounted data should be
kept in the final image.
type: boolean
source:
description: Source is a reference to the volume source.
type: string
type: object
type: array
isBinaryURL:
description: IsBinaryURL explain the type of SourceURL. If it is
IsBinaryURL, it will download the file directly without using
git.
type: boolean
keepSymlinks:
description: KeepSymlinks indicates to copy symlinks as symlinks.
Default behavior is to follow symlinks and copy files by content.
type: boolean
labelNamespace:
description: LabelNamespace provides the namespace under which the
labels will be generated.
type: string
labels:
additionalProperties:
type: string
description: Labels specify labels and their values to be applied
to the resulting image. Label keys must have non-zero length.
The labels defined here override generated labels in case they
have the same name.
type: object
layeredBuild:
description: LayeredBuild describes if this is build which layered
scripts and sources on top of BuilderImage.
type: boolean
nodeAffinityKey:
description: The key of Node Affinity.
type: string
nodeAffinityValues:
description: The values of Node Affinity.
items:
type: string
type: array
outputBuildResult:
description: Whether output build result to status.
type: boolean
outputImageName:
description: OutputImageName is a result image name without tag,
default is latest. tag will append to ImageName in the end
type: string
preserveWorkingDir:
description: PreserveWorkingDir describes if working directory should
be left after processing.
type: boolean
previousImagePullPolicy:
description: PreviousImagePullPolicy specifies when to pull the
previously build image when doing incremental build
type: string
pullAuthentication:
description: PullAuthentication holds the authentication information
for pulling the Docker images from private repositories
properties:
email:
type: string
password:
type: string
secretRef:
description: LocalObjectReference contains enough information
to let you locate the referenced object inside the same namespace.
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
serverAddress:
type: string
username:
type: string
type: object
pushAuthentication:
description: PullAuthentication holds the authentication information
for pulling the Docker images from private repositories
properties:
email:
type: string
password:
type: string
secretRef:
description: LocalObjectReference contains enough information
to let you locate the referenced object inside the same namespace.
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
serverAddress:
type: string
username:
type: string
type: object
removePreviousImage:
description: RemovePreviousImage describes if previous image should
be removed after successful build. This applies only to incremental
builds.
type: boolean
revisionId:
description: The RevisionId is a branch name or a SHA-1 hash of
every important thing about the commit
type: string
runImage:
description: RunImage will trigger a "docker run ..." invocation
of the produced image so the user can see if it operates as he
would expect
type: boolean
runtimeArtifacts:
description: RuntimeArtifacts specifies a list of source/destination
pairs that will be copied from builder to a runtime image. Source
can be a file or directory. Destination must be a directory. Regardless
whether it is an absolute or relative path, it will be placed
into image's WORKDIR. Destination also can be empty or equals
to ".", in this case it just refers to a root of WORKDIR. In case
it's empty, S2I will try to get this list from io.openshift.s2i.assemble-input-files
label on a RuntimeImage.
items:
description: VolumeSpec represents a single volume mount point.
properties:
destination:
description: Destination is the path to mount the volume to
- absolute or relative.
type: string
keep:
description: Keep indicates if the mounted data should be
kept in the final image.
type: boolean
source:
description: Source is a reference to the volume source.
type: string
type: object
type: array
runtimeAuthentication:
description: RuntimeAuthentication holds the authentication information
for pulling the runtime Docker images from private repositories.
properties:
email:
type: string
password:
type: string
secretRef:
description: LocalObjectReference contains enough information
to let you locate the referenced object inside the same namespace.
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
serverAddress:
type: string
username:
type: string
type: object
runtimeImage:
description: RuntimeImage specifies the image that will be a base
for resulting image and will be used for running an application.
By default, BuilderImage is used for building and running, but
the latter may be overridden.
type: string
runtimeImagePullPolicy:
description: RuntimeImagePullPolicy specifies when to pull a runtime
image.
type: string
scriptDownloadProxyConfig:
description: ScriptDownloadProxyConfig optionally specifies the
http and https proxy to use when downloading scripts
properties:
httpProxy:
type: string
httpsProxy:
type: string
type: object
scriptsUrl:
description: ScriptsURL is a URL describing where to fetch the S2I
scripts from during build process. This url can be a reference
within the builder image if the scheme is specified as image://
type: string
secretCode:
description: SecretCode
type: string
securityOpt:
description: SecurityOpt are passed as options to the docker containers
launched by s2i.
items:
type: string
type: array
sourceUrl:
description: SourceURL is url of the codes such as https://github.com/a/b.git
type: string
tag:
description: Tag is a result image tag name.
type: string
taintKey:
description: The name of taint.
type: string
usage:
description: Usage allows for properly shortcircuiting s2i logic
when `s2i usage` is invoked
type: boolean
workingDir:
description: WorkingDir describes temporary directory used for downloading
sources, scripts and tar operations.
type: string
workingSourceDir:
description: WorkingSourceDir describes the subdirectory off of
WorkingDir set up during the repo download that is later used
as the root for ignore processing
type: string
required:
- imageName
- sourceUrl
type: object
fromTemplate:
description: FromTemplate define some inputs from user
properties:
builderImage:
description: BaseImage specify which version of this template to
use
type: string
name:
description: Name specify a template to use, so many fields in Config
can left empty
type: string
parameters:
description: Parameters must use with `template`, fill some parameters
which template will use
items:
properties:
defaultValue:
type: string
description:
type: string
key:
type: string
optValues:
items:
type: string
type: array
required:
type: boolean
type:
type: string
value:
type: string
type: object
type: array
type: object
type: object
status:
description: S2iBuilderStatus defines the observed state of S2iBuilder
properties:
lastRunName:
description: LastRunState return the name of the newest run of this
builder
type: string
lastRunStartTime:
description: LastRunStartTime return the startTime of the newest run
of this builder
format: date-time
type: string
lastRunState:
description: LastRunState return the state of the newest run of this
builder
type: string
runCount:
description: RunCount represent the sum of s2irun of this builder
type: integer
required:
- runCount
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

141
config/crd/bases/devops.kubesphere.io_s2ibuildertemplates.yaml Normal file
View File

@@ -0,0 +1,141 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: s2ibuildertemplates.devops.kubesphere.io
spec:
additionalPrinterColumns:
- JSONPath: .spec.codeFramework
name: Framework
type: string
- JSONPath: .spec.defaultBaseImage
name: DefaultBaseImage
type: string
- JSONPath: .spec.version
name: Version
type: string
group: devops.kubesphere.io
names:
categories:
- devops
kind: S2iBuilderTemplate
listKind: S2iBuilderTemplateList
plural: s2ibuildertemplates
shortNames:
- s2ibt
singular: s2ibuildertemplate
scope: Cluster
subresources: {}
validation:
openAPIV3Schema:
description: S2iBuilderTemplate is the Schema for the s2ibuildertemplates API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: S2iBuilderTemplateSpec defines the desired state of S2iBuilderTemplate
properties:
codeFramework:
description: CodeFramework means which language this template is designed
for and which framework is using if has framework. Like Java, NodeJS
etc
type: string
containerInfo:
description: Images are the images this template will use.
items:
properties:
buildVolumes:
description: BuildVolumes specifies a list of volumes to mount
to container running the build.
items:
type: string
type: array
builderImage:
description: BaseImage are the images this template will use.
type: string
runtimeArtifacts:
items:
description: VolumeSpec represents a single volume mount point.
properties:
destination:
description: Destination is the path to mount the volume
to - absolute or relative.
type: string
keep:
description: Keep indicates if the mounted data should be
kept in the final image.
type: boolean
source:
description: Source is a reference to the volume source.
type: string
type: object
type: array
runtimeImage:
type: string
type: object
type: array
defaultBaseImage:
description: DefaultBaseImage is the image that will be used by default
type: string
description:
description: Description illustrate the purpose of this template
type: string
environment:
description: Parameters is a set of environment variables to be passed
to the image.
items:
properties:
defaultValue:
type: string
description:
type: string
key:
type: string
optValues:
items:
type: string
type: array
required:
type: boolean
type:
type: string
value:
type: string
type: object
type: array
iconPath:
description: IconPath is used for frontend display
type: string
version:
description: Version of template
type: string
type: object
status:
description: S2iBuilderTemplateStatus defines the observed state of S2iBuilderTemplate
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

181
config/crd/bases/devops.kubesphere.io_s2iruns.yaml Normal file
View File

@@ -0,0 +1,181 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: s2iruns.devops.kubesphere.io
spec:
additionalPrinterColumns:
- JSONPath: .status.runState
name: State
type: string
- JSONPath: .status.kubernetesJobName
name: K8sJobName
type: string
- JSONPath: .status.startTime
name: StartTime
type: date
- JSONPath: .status.completionTime
name: CompletionTime
type: date
- JSONPath: .status.s2iBuildResult.imageName
name: ImageName
type: string
group: devops.kubesphere.io
names:
kind: S2iRun
listKind: S2iRunList
plural: s2iruns
shortNames:
- s2ir
singular: s2irun
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: S2iRun is the Schema for the s2iruns API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: S2iRunSpec defines the desired state of S2iRun
properties:
backoffLimit:
description: BackoffLimit limits the restart count of each s2irun. Default
is 0
format: int32
type: integer
builderName:
description: BuilderName specify the name of s2ibuilder, required
type: string
newRevisionId:
description: NewRevisionId override the default NewRevisionId in its
s2ibuilder.
type: string
newSourceURL:
description: NewSourceURL is used to download new binary artifacts
type: string
newTag:
description: NewTag override the default tag in its s2ibuilder, image
name cannot be changed.
type: string
secondsAfterFinished:
description: SecondsAfterFinished if is set and greater than zero, and
the job created by s2irun become successful or failed , the job will
be auto deleted after SecondsAfterFinished
format: int32
type: integer
required:
- builderName
type: object
status:
description: S2iRunStatus defines the observed state of S2iRun
properties:
completionTime:
description: Represents time when the job was completed. It is not guaranteed
to be set in happens-before order across separate operations. It is
represented in RFC3339 form and is in UTC.
format: date-time
type: string
kubernetesJobName:
description: KubernetesJobName is the job name in k8s
type: string
logURL:
description: LogURL is uesd for external log handler to let user know
where is log located in
type: string
runState:
description: RunState indicates whether this job is done or failed
type: string
s2iBuildResult:
description: S2i build result info.
properties:
commandPull:
description: Command for pull image.
type: string
imageCreated:
description: Image created time.
type: string
imageID:
description: Image ID.
type: string
imageName:
description: ImageName is the name of artifact
type: string
imageRepoTags:
description: image tags.
items:
type: string
type: array
imageSize:
description: The size in bytes of the image
format: int64
type: integer
type: object
s2iBuildSource:
description: S2i build source info.
properties:
binaryName:
description: Binary file Name
type: string
binarySize:
description: Binary file Size
format: int64
type: integer
builderImage:
description: // BuilderImage describes which image is used for building
the result images.
type: string
commitID:
description: CommitID represents an arbitrary extended object reference
in Git as SHA-1
type: string
committerEmail:
description: CommitterEmail contains the e-mail of the committer
type: string
committerName:
description: CommitterName contains the name of the committer
type: string
description:
description: Description is a result image description label. The
default is no description.
type: string
revisionId:
description: The RevisionId is a branch name or a SHA-1 hash of
every important thing about the commit
type: string
sourceUrl:
description: SourceURL is url of the codes such as https://github.com/a/b.git
type: string
type: object
startTime:
description: StartTime represent when this run began
format: date-time
type: string
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

117
config/crd/bases/iam.kubesphere.io_users.yaml Normal file
View File

@@ -0,0 +1,117 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: users.iam.kubesphere.io
spec:
additionalPrinterColumns:
- JSONPath: .spec.email
name: Email
type: string
- JSONPath: .status.state
name: Status
type: string
group: iam.kubesphere.io
names:
categories:
- iam
kind: User
listKind: UserList
plural: users
singular: user
scope: Cluster
subresources: {}
validation:
openAPIV3Schema:
description: User is the Schema for the users API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: UserSpec defines the desired state of User
properties:
description:
description: Description of the user.
type: string
displayName:
type: string
email:
description: Unique email address.
type: string
finalizers:
description: Finalizers is an opaque list of values that must be empty
to permanently remove object from storage.
items:
type: string
type: array
groups:
items:
type: string
type: array
lang:
description: The preferred written or spoken language for the user.
type: string
password:
type: string
required:
- email
- password
type: object
status:
description: UserStatus defines the observed state of User
properties:
conditions:
description: Represents the latest available observations of a namespace's
current state.
items:
properties:
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of namespace controller condition.
type: string
required:
- status
- type
type: object
type: array
state:
description: The user status
type: string
type: object
required:
- spec
type: object
version: v1alpha2
versions:
- name: v1alpha2
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

762
config/crd/bases/network.kubesphere.io_namespacenetworkpolicies.yaml Normal file
View File

@@ -0,0 +1,762 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: namespacenetworkpolicies.network.kubesphere.io
spec:
group: network.kubesphere.io
names:
categories:
- networking
kind: NamespaceNetworkPolicy
listKind: NamespaceNetworkPolicyList
plural: namespacenetworkpolicies
shortNames:
- nsnp
singular: namespacenetworkpolicy
scope: Namespaced
validation:
openAPIV3Schema:
description: NamespaceNetworkPolicy is the Schema for the namespacenetworkpolicies
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: NamespaceNetworkPolicySpec defines the desired state of NamespaceNetworkPolicy
properties:
egress:
description: The ordered set of egress rules. Each rule contains a
set of packet match criteria and a corresponding action to apply.
items:
description: "A Rule encapsulates a set of match criteria and an action.
\ Both selector-based security Policy and security Profiles reference
rules - separated out as a list of rules for both ingress and egress
packet matching. \n Each positive match criteria has a negated version,
prefixed with ”Not”. All the match criteria within a rule must be
satisfied for a packet to match. A single rule can contain the positive
and negative version of a match and both must be satisfied for the
rule to match."
properties:
action:
type: string
destination:
description: Destination contains the match criteria that apply
to destination entity.
properties:
namespaceSelector:
description: "NamespaceSelector is an optional field that
contains a selector expression. Only traffic that originates
from (or terminates at) endpoints within the selected namespaces
will be matched. When both NamespaceSelector and Selector
are defined on the same rule, then only workload endpoints
that are matched by both selectors will be selected by the
rule. \n For NetworkPolicy, an empty NamespaceSelector implies
that the Selector is limited to selecting only workload
endpoints in the same namespace as the NetworkPolicy. \n
For GlobalNetworkPolicy, an empty NamespaceSelector implies
the Selector applies to workload endpoints across all namespaces."
type: string
nets:
description: Nets is an optional field that restricts the
rule to only apply to traffic that originates from (or terminates
at) IP addresses in any of the given subnets.
items:
type: string
type: array
notNets:
description: NotNets is the negated version of the Nets field.
items:
type: string
type: array
notPorts:
description: NotPorts is the negated version of the Ports
field. Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to "TCP" or "UDP".
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
notSelector:
description: NotSelector is the negated version of the Selector
field. See Selector field for subtleties with negated selectors.
type: string
ports:
description: "Ports is an optional field that restricts the
rule to only apply to traffic that has a source (destination)
port that matches one of these ranges/values. This value
is a list of integers or strings that represent ranges of
ports. \n Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to \"TCP\" or \"UDP\"."
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
selector:
description: "Selector is an optional field that contains
a selector expression (see Policy for sample syntax). Only
traffic that originates from (terminates at) endpoints matching
the selector will be matched. \n Note that: in addition
to the negated version of the Selector (see NotSelector
below), the selector expression syntax itself supports negation.
\ The two types of negation are subtly different. One negates
the set of matched endpoints, the other negates the whole
match: \n \tSelector = \"!has(my_label)\" matches packets
that are from other Calico-controlled \tendpoints that do
not have the label “my_label”. \n \tNotSelector = \"has(my_label)\"
matches packets that are not from Calico-controlled \tendpoints
that do have the label “my_label”. \n The effect is that
the latter will accept packets from non-Calico sources whereas
the former is limited to packets from Calico-controlled
endpoints."
type: string
serviceAccounts:
description: ServiceAccounts is an optional field that restricts
the rule to only apply to traffic that originates from (or
terminates at) a pod running as a matching service account.
properties:
names:
description: Names is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
whose name is in the list.
items:
type: string
type: array
selector:
description: Selector is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
that matches the given label selector. If both Names
and Selector are specified then they are AND'ed.
type: string
type: object
type: object
http:
description: HTTP contains match criteria that apply to HTTP requests.
properties:
methods:
description: Methods is an optional field that restricts the
rule to apply only to HTTP requests that use one of the
listed HTTP Methods (e.g. GET, PUT, etc.) Multiple methods
are OR'd together.
items:
type: string
type: array
paths:
description: 'Paths is an optional field that restricts the
rule to apply to HTTP requests that use one of the listed
HTTP Paths. Multiple paths are OR''d together. e.g: - exact:
/foo - prefix: /bar NOTE: Each entry may ONLY specify either
a `exact` or a `prefix` match. The validator will check
for it.'
items:
description: 'HTTPPath specifies an HTTP path to match.
It may be either of the form: exact: <path>: which matches
the path exactly or prefix: <path-prefix>: which matches
the path prefix'
properties:
exact:
type: string
prefix:
type: string
type: object
type: array
type: object
icmp:
description: ICMP is an optional field that restricts the rule
to apply to a specific type and code of ICMP traffic. This
should only be specified if the Protocol field is set to "ICMP"
or "ICMPv6".
properties:
code:
description: Match on a specific ICMP code. If specified,
the Type value must also be specified. This is a technical
limitation imposed by the kernels iptables firewall, which
Calico uses to enforce the rule.
type: integer
type:
description: Match on a specific ICMP type. For example a
value of 8 refers to ICMP Echo Request (i.e. pings).
type: integer
type: object
ipVersion:
description: IPVersion is an optional field that restricts the
rule to only match a specific IP version.
type: integer
notICMP:
description: NotICMP is the negated version of the ICMP field.
properties:
code:
description: Match on a specific ICMP code. If specified,
the Type value must also be specified. This is a technical
limitation imposed by the kernels iptables firewall, which
Calico uses to enforce the rule.
type: integer
type:
description: Match on a specific ICMP type. For example a
value of 8 refers to ICMP Echo Request (i.e. pings).
type: integer
type: object
notProtocol:
description: NotProtocol is the negated version of the Protocol
field.
type: string
protocol:
description: "Protocol is an optional field that restricts the
rule to only apply to traffic of a specific IP protocol. Required
if any of the EntityRules contain Ports (because ports only
apply to certain protocols). \n Must be one of these string
values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"
or an integer in the range 1-255."
type: string
source:
description: Source contains the match criteria that apply to
source entity.
properties:
namespaceSelector:
description: "NamespaceSelector is an optional field that
contains a selector expression. Only traffic that originates
from (or terminates at) endpoints within the selected namespaces
will be matched. When both NamespaceSelector and Selector
are defined on the same rule, then only workload endpoints
that are matched by both selectors will be selected by the
rule. \n For NetworkPolicy, an empty NamespaceSelector implies
that the Selector is limited to selecting only workload
endpoints in the same namespace as the NetworkPolicy. \n
For GlobalNetworkPolicy, an empty NamespaceSelector implies
the Selector applies to workload endpoints across all namespaces."
type: string
nets:
description: Nets is an optional field that restricts the
rule to only apply to traffic that originates from (or terminates
at) IP addresses in any of the given subnets.
items:
type: string
type: array
notNets:
description: NotNets is the negated version of the Nets field.
items:
type: string
type: array
notPorts:
description: NotPorts is the negated version of the Ports
field. Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to "TCP" or "UDP".
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
notSelector:
description: NotSelector is the negated version of the Selector
field. See Selector field for subtleties with negated selectors.
type: string
ports:
description: "Ports is an optional field that restricts the
rule to only apply to traffic that has a source (destination)
port that matches one of these ranges/values. This value
is a list of integers or strings that represent ranges of
ports. \n Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to \"TCP\" or \"UDP\"."
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
selector:
description: "Selector is an optional field that contains
a selector expression (see Policy for sample syntax). Only
traffic that originates from (terminates at) endpoints matching
the selector will be matched. \n Note that: in addition
to the negated version of the Selector (see NotSelector
below), the selector expression syntax itself supports negation.
\ The two types of negation are subtly different. One negates
the set of matched endpoints, the other negates the whole
match: \n \tSelector = \"!has(my_label)\" matches packets
that are from other Calico-controlled \tendpoints that do
not have the label “my_label”. \n \tNotSelector = \"has(my_label)\"
matches packets that are not from Calico-controlled \tendpoints
that do have the label “my_label”. \n The effect is that
the latter will accept packets from non-Calico sources whereas
the former is limited to packets from Calico-controlled
endpoints."
type: string
serviceAccounts:
description: ServiceAccounts is an optional field that restricts
the rule to only apply to traffic that originates from (or
terminates at) a pod running as a matching service account.
properties:
names:
description: Names is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
whose name is in the list.
items:
type: string
type: array
selector:
description: Selector is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
that matches the given label selector. If both Names
and Selector are specified then they are AND'ed.
type: string
type: object
type: object
required:
- action
type: object
type: array
ingress:
description: The ordered set of ingress rules. Each rule contains a
set of packet match criteria and a corresponding action to apply.
items:
description: "A Rule encapsulates a set of match criteria and an action.
\ Both selector-based security Policy and security Profiles reference
rules - separated out as a list of rules for both ingress and egress
packet matching. \n Each positive match criteria has a negated version,
prefixed with ”Not”. All the match criteria within a rule must be
satisfied for a packet to match. A single rule can contain the positive
and negative version of a match and both must be satisfied for the
rule to match."
properties:
action:
type: string
destination:
description: Destination contains the match criteria that apply
to destination entity.
properties:
namespaceSelector:
description: "NamespaceSelector is an optional field that
contains a selector expression. Only traffic that originates
from (or terminates at) endpoints within the selected namespaces
will be matched. When both NamespaceSelector and Selector
are defined on the same rule, then only workload endpoints
that are matched by both selectors will be selected by the
rule. \n For NetworkPolicy, an empty NamespaceSelector implies
that the Selector is limited to selecting only workload
endpoints in the same namespace as the NetworkPolicy. \n
For GlobalNetworkPolicy, an empty NamespaceSelector implies
the Selector applies to workload endpoints across all namespaces."
type: string
nets:
description: Nets is an optional field that restricts the
rule to only apply to traffic that originates from (or terminates
at) IP addresses in any of the given subnets.
items:
type: string
type: array
notNets:
description: NotNets is the negated version of the Nets field.
items:
type: string
type: array
notPorts:
description: NotPorts is the negated version of the Ports
field. Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to "TCP" or "UDP".
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
notSelector:
description: NotSelector is the negated version of the Selector
field. See Selector field for subtleties with negated selectors.
type: string
ports:
description: "Ports is an optional field that restricts the
rule to only apply to traffic that has a source (destination)
port that matches one of these ranges/values. This value
is a list of integers or strings that represent ranges of
ports. \n Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to \"TCP\" or \"UDP\"."
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
selector:
description: "Selector is an optional field that contains
a selector expression (see Policy for sample syntax). Only
traffic that originates from (terminates at) endpoints matching
the selector will be matched. \n Note that: in addition
to the negated version of the Selector (see NotSelector
below), the selector expression syntax itself supports negation.
\ The two types of negation are subtly different. One negates
the set of matched endpoints, the other negates the whole
match: \n \tSelector = \"!has(my_label)\" matches packets
that are from other Calico-controlled \tendpoints that do
not have the label “my_label”. \n \tNotSelector = \"has(my_label)\"
matches packets that are not from Calico-controlled \tendpoints
that do have the label “my_label”. \n The effect is that
the latter will accept packets from non-Calico sources whereas
the former is limited to packets from Calico-controlled
endpoints."
type: string
serviceAccounts:
description: ServiceAccounts is an optional field that restricts
the rule to only apply to traffic that originates from (or
terminates at) a pod running as a matching service account.
properties:
names:
description: Names is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
whose name is in the list.
items:
type: string
type: array
selector:
description: Selector is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
that matches the given label selector. If both Names
and Selector are specified then they are AND'ed.
type: string
type: object
type: object
http:
description: HTTP contains match criteria that apply to HTTP requests.
properties:
methods:
description: Methods is an optional field that restricts the
rule to apply only to HTTP requests that use one of the
listed HTTP Methods (e.g. GET, PUT, etc.) Multiple methods
are OR'd together.
items:
type: string
type: array
paths:
description: 'Paths is an optional field that restricts the
rule to apply to HTTP requests that use one of the listed
HTTP Paths. Multiple paths are OR''d together. e.g: - exact:
/foo - prefix: /bar NOTE: Each entry may ONLY specify either
a `exact` or a `prefix` match. The validator will check
for it.'
items:
description: 'HTTPPath specifies an HTTP path to match.
It may be either of the form: exact: <path>: which matches
the path exactly or prefix: <path-prefix>: which matches
the path prefix'
properties:
exact:
type: string
prefix:
type: string
type: object
type: array
type: object
icmp:
description: ICMP is an optional field that restricts the rule
to apply to a specific type and code of ICMP traffic. This
should only be specified if the Protocol field is set to "ICMP"
or "ICMPv6".
properties:
code:
description: Match on a specific ICMP code. If specified,
the Type value must also be specified. This is a technical
limitation imposed by the kernels iptables firewall, which
Calico uses to enforce the rule.
type: integer
type:
description: Match on a specific ICMP type. For example a
value of 8 refers to ICMP Echo Request (i.e. pings).
type: integer
type: object
ipVersion:
description: IPVersion is an optional field that restricts the
rule to only match a specific IP version.
type: integer
notICMP:
description: NotICMP is the negated version of the ICMP field.
properties:
code:
description: Match on a specific ICMP code. If specified,
the Type value must also be specified. This is a technical
limitation imposed by the kernels iptables firewall, which
Calico uses to enforce the rule.
type: integer
type:
description: Match on a specific ICMP type. For example a
value of 8 refers to ICMP Echo Request (i.e. pings).
type: integer
type: object
notProtocol:
description: NotProtocol is the negated version of the Protocol
field.
type: string
protocol:
description: "Protocol is an optional field that restricts the
rule to only apply to traffic of a specific IP protocol. Required
if any of the EntityRules contain Ports (because ports only
apply to certain protocols). \n Must be one of these string
values: \"TCP\", \"UDP\", \"ICMP\", \"ICMPv6\", \"SCTP\", \"UDPLite\"
or an integer in the range 1-255."
type: string
source:
description: Source contains the match criteria that apply to
source entity.
properties:
namespaceSelector:
description: "NamespaceSelector is an optional field that
contains a selector expression. Only traffic that originates
from (or terminates at) endpoints within the selected namespaces
will be matched. When both NamespaceSelector and Selector
are defined on the same rule, then only workload endpoints
that are matched by both selectors will be selected by the
rule. \n For NetworkPolicy, an empty NamespaceSelector implies
that the Selector is limited to selecting only workload
endpoints in the same namespace as the NetworkPolicy. \n
For GlobalNetworkPolicy, an empty NamespaceSelector implies
the Selector applies to workload endpoints across all namespaces."
type: string
nets:
description: Nets is an optional field that restricts the
rule to only apply to traffic that originates from (or terminates
at) IP addresses in any of the given subnets.
items:
type: string
type: array
notNets:
description: NotNets is the negated version of the Nets field.
items:
type: string
type: array
notPorts:
description: NotPorts is the negated version of the Ports
field. Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to "TCP" or "UDP".
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
notSelector:
description: NotSelector is the negated version of the Selector
field. See Selector field for subtleties with negated selectors.
type: string
ports:
description: "Ports is an optional field that restricts the
rule to only apply to traffic that has a source (destination)
port that matches one of these ranges/values. This value
is a list of integers or strings that represent ranges of
ports. \n Since only some protocols have ports, if any ports
are specified it requires the Protocol match in the Rule
to be set to \"TCP\" or \"UDP\"."
items:
description: "Port represents either a range of numeric
ports or a named port. \n - For a named port, set
the PortName, leaving MinPort and MaxPort as 0. -
For a port range, set MinPort and MaxPort to the (inclusive)
port numbers. Set PortName to \"\". - For a
single port, set MinPort = MaxPort and PortName = \"\"."
properties:
maxPort:
type: integer
minPort:
type: integer
portName:
type: string
type: object
type: array
selector:
description: "Selector is an optional field that contains
a selector expression (see Policy for sample syntax). Only
traffic that originates from (terminates at) endpoints matching
the selector will be matched. \n Note that: in addition
to the negated version of the Selector (see NotSelector
below), the selector expression syntax itself supports negation.
\ The two types of negation are subtly different. One negates
the set of matched endpoints, the other negates the whole
match: \n \tSelector = \"!has(my_label)\" matches packets
that are from other Calico-controlled \tendpoints that do
not have the label “my_label”. \n \tNotSelector = \"has(my_label)\"
matches packets that are not from Calico-controlled \tendpoints
that do have the label “my_label”. \n The effect is that
the latter will accept packets from non-Calico sources whereas
the former is limited to packets from Calico-controlled
endpoints."
type: string
serviceAccounts:
description: ServiceAccounts is an optional field that restricts
the rule to only apply to traffic that originates from (or
terminates at) a pod running as a matching service account.
properties:
names:
description: Names is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
whose name is in the list.
items:
type: string
type: array
selector:
description: Selector is an optional field that restricts
the rule to only apply to traffic that originates from
(or terminates at) a pod running as a service account
that matches the given label selector. If both Names
and Selector are specified then they are AND'ed.
type: string
type: object
type: object
required:
- action
type: object
type: array
order:
description: Order is an optional field that specifies the order in
which the policy is applied. Policies with higher "order" are applied
after those with lower order. If the order is omitted, it may be
considered to be "infinite" - i.e. the policy will be applied last. Policies
with identical order will be applied in alphanumerical order based
on the Policy "Name".
type: integer
selector:
description: "The selector is an expression used to pick pick out the
endpoints that the policy should be applied to. \n Selector expressions
follow this syntax: \n \tlabel == \"string_literal\" -> comparison,
e.g. my_label == \"foo bar\" \tlabel != \"string_literal\" -> not
equal; also matches if label is not present \tlabel in { \"a\", \"b\",
\"c\", ... } -> true if the value of label X is one of \"a\", \"b\",
\"c\" \tlabel not in { \"a\", \"b\", \"c\", ... } -> true if the
value of label X is not one of \"a\", \"b\", \"c\" \thas(label_name)
\ -> True if that label is present \t! expr -> negation of expr \texpr
&& expr -> Short-circuit and \texpr || expr -> Short-circuit or
\t( expr ) -> parens for grouping \tall() or the empty selector ->
matches all endpoints. \n Label names are allowed to contain alphanumerics,
-, _ and /. String literals are more permissive but they do not support
escape characters. \n Examples (with made-up labels): \n \ttype ==
\"webserver\" && deployment == \"prod\" \ttype in {\"frontend\", \"backend\"}
\tdeployment != \"dev\" \t! has(label_name)"
type: string
types:
description: "Types indicates whether this policy applies to ingress,
or to egress, or to both. When not explicitly specified (and so the
value on creation is empty or nil), Calico defaults Types according
to what Ingress and Egress are present in the policy. The default
is: \n - [ PolicyTypeIngress ], if there are no Egress rules (including
the case where there are also no Ingress rules) \n - [ PolicyTypeEgress
], if there are Egress rules but no Ingress rules \n - [ PolicyTypeIngress,
PolicyTypeEgress ], if there are both Ingress and Egress rules. \n
When the policy is read back again, Types will always be one of these
values, never empty or nil."
items:
type: string
type: array
required:
- selector
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

535
config/crd/bases/network.kubesphere.io_workspacenetworkpolicies.yaml Normal file
View File

@@ -0,0 +1,535 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: workspacenetworkpolicies.network.kubesphere.io
spec:
group: network.kubesphere.io
names:
categories:
- networking
kind: WorkspaceNetworkPolicy
listKind: WorkspaceNetworkPolicyList
plural: workspacenetworkpolicies
shortNames:
- wsnp
singular: workspacenetworkpolicy
scope: Cluster
validation:
openAPIV3Schema:
description: WorkspaceNetworkPolicy is a set of network policies applied to
the scope to workspace
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: WorkspaceNetworkPolicySpec defines the desired state of WorkspaceNetworkPolicy
properties:
egress:
description: List of egress rules to be applied to the selected pods.
Outgoing traffic is allowed if there are no NetworkPolicies selecting
the pod (and cluster policy otherwise allows the traffic), OR if the
traffic matches at least one egress rule across all of the NetworkPolicy
objects whose podSelector matches the pod. If this field is empty
then this NetworkPolicy limits all outgoing traffic (and serves solely
to ensure that the pods it selects are isolated by default). This
field is beta-level in 1.8
items:
description: WorkspaceNetworkPolicyEgressRule describes a particular
set of traffic that is allowed out of pods matched by a WorkspaceNetworkPolicySpec's
podSelector. The traffic must match both ports and to.
properties:
from:
description: List of sources which should be able to access the
pods selected for this rule. Items in this list are combined
using a logical OR operation. If this field is empty or missing,
this rule matches all sources (traffic not restricted by source).
If this field is present and contains at least on item, this
rule allows traffic only if the traffic matches at least one
item in the from list.
items:
description: WorkspaceNetworkPolicyPeer describes a peer to
allow traffic from. Only certain combinations of fields are
allowed. It is same as 'NetworkPolicyPeer' in k8s but with
an additional field 'WorkspaceSelector'
properties:
ipBlock:
description: IPBlock defines policy on a particular IPBlock.
If this field is set then neither of the other fields
can be.
properties:
cidr:
description: CIDR is a string representing the IP Block
Valid examples are "192.168.1.1/24"
type: string
except:
description: Except is a slice of CIDRs that should
not be included within an IP Block Valid examples
are "192.168.1.1/24" Except values will be rejected
if they are outside the CIDR range
items:
type: string
type: array
required:
- cidr
type: object
namespaceSelector:
description: "Selects Namespaces using cluster-scoped labels.
This field follows standard label selector semantics;
if present but empty, it selects all namespaces. \n If
PodSelector is also set, then the NetworkPolicyPeer as
a whole selects the Pods matching PodSelector in the Namespaces
selected by NamespaceSelector. Otherwise it selects all
Pods in the Namespaces selected by NamespaceSelector."
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
podSelector:
description: "This is a label selector which selects Pods.
This field follows standard label selector semantics;
if present but empty, it selects all pods. \n If NamespaceSelector
is also set, then the NetworkPolicyPeer as a whole selects
the Pods matching PodSelector in the Namespaces selected
by NamespaceSelector. Otherwise it selects the Pods matching
PodSelector in the policy's own Namespace."
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
workspaceSelector:
description: A label selector is a label query over a set
of resources. The result of matchLabels and matchExpressions
are ANDed. An empty label selector matches all objects.
A null label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
type: object
type: array
ports:
description: List of ports which should be made accessible on
the pods selected for this rule. Each item in this list is combined
using a logical OR. If this field is empty or missing, this
rule matches all ports (traffic not restricted by port). If
this field is present and contains at least one item, then this
rule allows traffic only if the traffic matches at least one
port in the list.
items:
description: NetworkPolicyPort describes a port to allow traffic
on
properties:
port:
anyOf:
- type: integer
- type: string
description: The port on the given protocol. This can either
be a numerical or named port on a pod. If this field is
not provided, this matches all port names and numbers.
x-kubernetes-int-or-string: true
protocol:
description: The protocol (TCP, UDP, or SCTP) which traffic
must match. If not specified, this field defaults to TCP.
type: string
type: object
type: array
type: object
type: array
ingress:
description: List of ingress rules to be applied to the selected pods.
Traffic is allowed to a pod if there are no NetworkPolicies selecting
the pod (and cluster policy otherwise allows the traffic), OR if the
traffic source is the pod's local node, OR if the traffic matches
at least one ingress rule across all of the NetworkPolicy objects
whose podSelector matches the pod. If this field is empty then this
NetworkPolicy does not allow any traffic (and serves solely to ensure
that the pods it selects are isolated by default)
items:
description: WorkspaceNetworkPolicyIngressRule describes a particular
set of traffic that is allowed to the pods matched by a WorkspaceNetworkPolicySpec's
podSelector. The traffic must match both ports and from.
properties:
from:
description: List of sources which should be able to access the
pods selected for this rule. Items in this list are combined
using a logical OR operation. If this field is empty or missing,
this rule matches all sources (traffic not restricted by source).
If this field is present and contains at least on item, this
rule allows traffic only if the traffic matches at least one
item in the from list.
items:
description: WorkspaceNetworkPolicyPeer describes a peer to
allow traffic from. Only certain combinations of fields are
allowed. It is same as 'NetworkPolicyPeer' in k8s but with
an additional field 'WorkspaceSelector'
properties:
ipBlock:
description: IPBlock defines policy on a particular IPBlock.
If this field is set then neither of the other fields
can be.
properties:
cidr:
description: CIDR is a string representing the IP Block
Valid examples are "192.168.1.1/24"
type: string
except:
description: Except is a slice of CIDRs that should
not be included within an IP Block Valid examples
are "192.168.1.1/24" Except values will be rejected
if they are outside the CIDR range
items:
type: string
type: array
required:
- cidr
type: object
namespaceSelector:
description: "Selects Namespaces using cluster-scoped labels.
This field follows standard label selector semantics;
if present but empty, it selects all namespaces. \n If
PodSelector is also set, then the NetworkPolicyPeer as
a whole selects the Pods matching PodSelector in the Namespaces
selected by NamespaceSelector. Otherwise it selects all
Pods in the Namespaces selected by NamespaceSelector."
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
podSelector:
description: "This is a label selector which selects Pods.
This field follows standard label selector semantics;
if present but empty, it selects all pods. \n If NamespaceSelector
is also set, then the NetworkPolicyPeer as a whole selects
the Pods matching PodSelector in the Namespaces selected
by NamespaceSelector. Otherwise it selects the Pods matching
PodSelector in the policy's own Namespace."
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
workspaceSelector:
description: A label selector is a label query over a set
of resources. The result of matchLabels and matchExpressions
are ANDed. An empty label selector matches all objects.
A null label selector matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
type: object
type: array
ports:
description: List of ports which should be made accessible on
the pods selected for this rule. Each item in this list is combined
using a logical OR. If this field is empty or missing, this
rule matches all ports (traffic not restricted by port). If
this field is present and contains at least one item, then this
rule allows traffic only if the traffic matches at least one
port in the list.
items:
description: NetworkPolicyPort describes a port to allow traffic
on
properties:
port:
anyOf:
- type: integer
- type: string
description: The port on the given protocol. This can either
be a numerical or named port on a pod. If this field is
not provided, this matches all port names and numbers.
x-kubernetes-int-or-string: true
protocol:
description: The protocol (TCP, UDP, or SCTP) which traffic
must match. If not specified, this field defaults to TCP.
type: string
type: object
type: array
type: object
type: array
policyTypes:
description: List of rule types that the WorkspaceNetworkPolicy relates
to. Valid options are Ingress, Egress, or Ingress,Egress. If this
field is not specified, it will default based on the existence of
Ingress or Egress rules; policies that contain an Egress section are
assumed to affect Egress, and all policies (whether or not they contain
an Ingress section) are assumed to affect Ingress. If you want to
write an egress-only policy, you must explicitly specify policyTypes
[ "Egress" ]. Likewise, if you want to write a policy that specifies
that no egress is allowed, you must specify a policyTypes value that
include "Egress" (since such a policy would not include an Egress
section and would otherwise default to just [ "Ingress" ]).
items:
description: Policy Type string describes the NetworkPolicy type This
type is beta-level in 1.8
type: string
type: array
workspace:
description: Workspace specify the name of ws to apply this workspace
network policy
type: string
type: object
status:
description: WorkspaceNetworkPolicyStatus defines the observed state of
WorkspaceNetworkPolicy
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

1605
config/crd/bases/servicemesh.kubesphere.io_servicepolicies.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

1166
config/crd/bases/servicemesh.kubesphere.io_strategies.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

54
config/crd/bases/tenant.kubesphere.io_workspaces.yaml Normal file
View File

@@ -0,0 +1,54 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: workspaces.tenant.kubesphere.io
spec:
group: tenant.kubesphere.io
names:
kind: Workspace
listKind: WorkspaceList
plural: workspaces
singular: workspace
scope: Namespaced
validation:
openAPIV3Schema:
description: Workspace is the Schema for the workspaces API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: WorkspaceSpec defines the desired state of Workspace
properties:
manager:
type: string
type: object
status:
description: WorkspaceStatus defines the observed state of Workspace
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

2
hack/generate_client.sh
View File

@@ -1,7 +1,7 @@
#!/bin/bash
set -e
GV="network:v1alpha1 servicemesh:v1alpha2 tenant:v1alpha1 devops:v1alpha1 iam:v1alpha2 tower:v1alpha1"
GV="network:v1alpha1 servicemesh:v1alpha2 tenant:v1alpha1 devops:v1alpha1 iam:v1alpha2 cluster:v1alpha1"
rm -rf ./pkg/client
./hack/generate_group.sh "client,lister,informer" kubesphere.io/kubesphere/pkg/client kubesphere.io/kubesphere/pkg/apis "$GV" --output-base=./ -h "$PWD/hack/boilerplate.go.txt"

2
pkg/apis/addtoscheme_tower_v1alpha1.go → pkg/apis/addtoscheme_cluster_v1alpha1.go
View File

@@ -1,7 +1,7 @@
package apis
import (
"kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
"kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
)
func init() {

1
pkg/apis/cluster/group.go Normal file
View File

@@ -0,0 +1 @@
package cluster

11
pkg/apis/tower/v1alpha1/agent_types.go → pkg/apis/cluster/v1alpha1/agent_types.go
View File

@@ -20,6 +20,12 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
const (
ResourceKindAgent = "Agent"
ResourcesSingularAgent = "agent"
ResourcesPluralAgent = "agents"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
@@ -46,7 +52,7 @@ type AgentSpec struct {
// Indicates that the agent is paused.
// +optional
Paused bool
Paused bool `json:"paused,omitempty"`
}
type AgentConditionType string
@@ -86,12 +92,13 @@ type AgentStatus struct {
Ping uint64 `json:"ping,omitempty"`
// Issued new kubeconfig by proxy server
KubeConfig []byte
KubeConfig []byte `json:"kubeconfig,omitempty"`
}
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:openapi-gen=true
// +genclient:nonNamespaced
// Agent is the Schema for the agents API
type Agent struct {

75
pkg/apis/cluster/v1alpha1/cluster_types.go Normal file
View File

@@ -0,0 +1,75 @@
package v1alpha1
import (
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
const (
ResourceKindCluster = "Cluster"
ResourcesSingularCluster = "cluster"
ResourcesPluralCluster = "clusters"
)
type ClusterSpec struct {
// Join cluster as kubefed cluster
Federated bool `json:"federated,omitempty"`
// Desired state of the cluster
Active bool `json:"active,omitempty"`
}
type ClusterConditionType string
const (
// Cluster agent is initialized and waiting for connecting
ClusterAgentInitialized ClusterConditionType = "AgentInitialized"
// Cluster agent is available
ClusterAgentAvailable ClusterConditionType = "AgentAvailable"
//
)
type ClusterStatus struct {
// Type of the condition
Type ClusterConditionType `json:"type"`
// Status of the condition, one of True, False, Unknown.
Status v1.ConditionStatus `json:"status"`
// The last time this condition was updated.
LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty"`
// Last time the condition transitioned from one status to another.
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
// The reason for the condition's last transition.
Reason string `json:"reason,omitempty"`
// A human readable message indicating details about the transition.
Message string `json:"message,omitempty"`
}
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +k8s:openapi-gen=true
// +genclient:nonNamespaced
// Cluster is the schema for the clusters API
type Cluster struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec ClusterSpec `json:"spec,omitempty"`
Status ClusterStatus `json:"status,omitempty"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
type ClusterList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Cluster `json:"items"`
}
func init() {
SchemeBuilder.Register(&Cluster{}, &ClusterList{})
}

8
pkg/apis/cluster/v1alpha1/doc.go Normal file
View File

@@ -0,0 +1,8 @@
// Package v1alpha1 contains API Schema definitions for the tower v1alpha1 API group
// +k8s:openapi-gen=true
// +k8s:deepcopy-gen=package,register
// +k8s:conversion-gen=kubesphere.io/kubesphere/pkg/apis/cluster
// +k8s:defaulter-gen=TypeMeta
// +groupName=cluster.kubesphere.io
package v1alpha1

13697
pkg/apis/cluster/v1alpha1/openapi_generated.go Normal file
View File

File diff suppressed because it is too large Load Diff

4
pkg/apis/tower/v1alpha1/register.go → pkg/apis/cluster/v1alpha1/register.go
View File

@@ -17,7 +17,7 @@ limitations under the License.
// +k8s:openapi-gen=true
// +k8s:deepcopy-gen=package,register
// +k8s:defaulter-gen=TypeMeta
// +groupName=tower.kubesphere.io
// +groupName=cluster.kubesphere.io
package v1alpha1
import (
@@ -27,7 +27,7 @@ import (
var (
// GroupVersion is group version used to register these objects
SchemeGroupVersion = schema.GroupVersion{Group: "tower.kubesphere.io", Version: "v1alpha1"}
SchemeGroupVersion = schema.GroupVersion{Group: "cluster.kubesphere.io", Version: "v1alpha1"}
// SchemeBuilder is used to add go types to the GroupVersionKind scheme
SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

102
pkg/apis/tower/v1alpha1/zz_generated.deepcopy.go → pkg/apis/cluster/v1alpha1/zz_generated.deepcopy.go generated
View File

@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by controller-gen. DO NOT EDIT.
// Code generated by deepcopy-gen. DO NOT EDIT.
package v1alpha1
@@ -31,6 +31,7 @@ func (in *Agent) DeepCopyInto(out *Agent) {
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec
in.Status.DeepCopyInto(&out.Status)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Agent.
@@ -56,6 +57,7 @@ func (in *AgentCondition) DeepCopyInto(out *AgentCondition) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AgentCondition.
@@ -80,6 +82,7 @@ func (in *AgentList) DeepCopyInto(out *AgentList) {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AgentList.
@@ -103,6 +106,7 @@ func (in *AgentList) DeepCopyObject() runtime.Object {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AgentSpec) DeepCopyInto(out *AgentSpec) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AgentSpec.
@@ -130,6 +134,7 @@ func (in *AgentStatus) DeepCopyInto(out *AgentStatus) {
*out = make([]byte, len(*in))
copy(*out, *in)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AgentStatus.
@@ -141,3 +146,98 @@ func (in *AgentStatus) DeepCopy() *AgentStatus {
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Cluster) DeepCopyInto(out *Cluster) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec
in.Status.DeepCopyInto(&out.Status)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Cluster.
func (in *Cluster) DeepCopy() *Cluster {
if in == nil {
return nil
}
out := new(Cluster)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *Cluster) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClusterList) DeepCopyInto(out *ClusterList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]Cluster, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterList.
func (in *ClusterList) DeepCopy() *ClusterList {
if in == nil {
return nil
}
out := new(ClusterList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *ClusterList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClusterSpec) DeepCopyInto(out *ClusterSpec) {
*out = *in
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterSpec.
func (in *ClusterSpec) DeepCopy() *ClusterSpec {
if in == nil {
return nil
}
out := new(ClusterSpec)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus) {
*out = *in
in.LastUpdateTime.DeepCopyInto(&out.LastUpdateTime)
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterStatus.
func (in *ClusterStatus) DeepCopy() *ClusterStatus {
if in == nil {
return nil
}
out := new(ClusterStatus)
in.DeepCopyInto(out)
return out
}

9
pkg/apis/iam/v1alpha2/user_types.go
View File

@@ -20,17 +20,15 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// User is the Schema for the users API
// +k8s:openapi-gen=true
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +genclient:nonNamespaced
// +k8s:openapi-gen=true
// +kubebuilder:printcolumn:name="Email",type="string",JSONPath=".spec.email"
// +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.state"
// +kubebuilder:resource:categories="iam",scope="Cluster"
// User is the Schema for the users API
type User struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
@@ -119,7 +117,6 @@ const (
)
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +genclient:nonNamespaced
// UserList contains a list of User
type UserList struct {

7
pkg/apis/iam/v1alpha2/zz_generated.deepcopy.go generated
View File

@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by controller-gen. DO NOT EDIT.
// Code generated by deepcopy-gen. DO NOT EDIT.
package v1alpha2
@@ -31,6 +31,7 @@ func (in *User) DeepCopyInto(out *User) {
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
in.Spec.DeepCopyInto(&out.Spec)
in.Status.DeepCopyInto(&out.Status)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new User.
@@ -55,6 +56,7 @@ func (in *User) DeepCopyObject() runtime.Object {
func (in *UserCondition) DeepCopyInto(out *UserCondition) {
*out = *in
in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime)
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserCondition.
@@ -79,6 +81,7 @@ func (in *UserList) DeepCopyInto(out *UserList) {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserList.
@@ -112,6 +115,7 @@ func (in *UserSpec) DeepCopyInto(out *UserSpec) {
*out = make([]FinalizerName, len(*in))
copy(*out, *in)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSpec.
@@ -134,6 +138,7 @@ func (in *UserStatus) DeepCopyInto(out *UserStatus) {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserStatus.

20
pkg/apis/servicemesh/v1alpha2/servicepolicy_types.go
View File

@@ -47,7 +47,7 @@ type DestinationRuleSpecTemplate struct {
// Metadata of the virtual services created from this template
// +optional
metav1.ObjectMeta
metav1.ObjectMeta `json:"metadata,omitempty"`
// Spec indicates the behavior of a destination rule.
// +optional
@@ -68,42 +68,42 @@ const (
// StrategyCondition describes current state of a strategy.
type ServicePolicyCondition struct {
// Type of strategy condition, Complete or Failed.
Type ServicePolicyConditionType
Type ServicePolicyConditionType `json:"type,omitempty"`
// Status of the condition, one of True, False, Unknown
Status apiextensions.ConditionStatus
Status apiextensions.ConditionStatus `json:"status,omitempty"`
// Last time the condition was checked.
// +optional
LastProbeTime metav1.Time
LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
// Last time the condition transit from one status to another
// +optional
LastTransitionTime metav1.Time
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
// reason for the condition's last transition
Reason string
Reason string `json:"reason,omitempty"`
// Human readable message indicating details about last transition.
// +optinal
Message string
Message string `json:"message,omitempty"`
}
// ServicePolicyStatus defines the observed state of ServicePolicy
type ServicePolicyStatus struct {
// The latest available observations of an object's current state.
// +optional
Conditions []ServicePolicyCondition
Conditions []ServicePolicyCondition `json:"conditions,omitempty"`
// Represents time when the strategy was acknowledged by the controller.
// It is represented in RFC3339 form and is in UTC.
// +optional
StartTime *metav1.Time
StartTime *metav1.Time `json:"startTime,omitempty"`
// Represents time when the strategy was completed.
// It is represented in RFC3339 form and is in UTC.
// +optional
CompletionTime *metav1.Time
CompletionTime *metav1.Time `json:"completionTime,omitempty"`
}
// +genclient

18
pkg/apis/servicemesh/v1alpha2/strategy_types.go
View File

@@ -103,17 +103,17 @@ type StrategyStatus struct {
// The latest available observations of an object's current state.
// +optional
Conditions []StrategyCondition
Conditions []StrategyCondition `json:"conditions,omitempty"`
// Represents time when the strategy was acknowledged by the controller.
// It is represented in RFC3339 form and is in UTC.
// +optional
StartTime *metav1.Time
StartTime *metav1.Time `json:"startTime,omitempty"`
// Represents time when the strategy was completed.
// It is represented in RFC3339 form and is in UTC.
// +optional
CompletionTime *metav1.Time
CompletionTime *metav1.Time `json:"completionTime,omitempty"`
}
type StrategyConditionType string
@@ -130,25 +130,25 @@ const (
// StrategyCondition describes current state of a strategy.
type StrategyCondition struct {
// Type of strategy condition, Complete or Failed.
Type StrategyConditionType
Type StrategyConditionType `json:"type,omitempty"`
// Status of the condition, one of True, False, Unknown
Status apiextensions.ConditionStatus
Status apiextensions.ConditionStatus `json:"status,omitempty"`
// Last time the condition was checked.
// +optional
LastProbeTime metav1.Time
LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
// Last time the condition transit from one status to another
// +optional
LastTransitionTime metav1.Time
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
// reason for the condition's last transition
Reason string
Reason string `json:"reason,omitempty"`
// Human readable message indicating details about last transition.
// +optinal
Message string
Message string `json:"message,omitempty"`
}
// +genclient

1
pkg/apis/tower/group.go
View File

@@ -1 +0,0 @@
package tower

8
pkg/apis/tower/v1alpha1/doc.go
View File

@@ -1,8 +0,0 @@
// Package v1alpha2 contains API Schema definitions for the tower v1alpha1 API group
// +k8s:openapi-gen=true
// +k8s:deepcopy-gen=package,register
// +k8s:conversion-gen=kubesphere.io/tower/pkg/apis/tower
// +k8s:defaulter-gen=TypeMeta
// +groupName=tower.kubesphere.io
package v1alpha1

2
pkg/apiserver/apiserver.go
View File

@@ -182,7 +182,7 @@ func (s *APIServer) buildHandlerChain() {
handler := s.Server.Handler
handler = filters.WithKubeAPIServer(handler, s.KubernetesClient.Config(), &errorResponder{})
handler = filters.WithMultipleClusterDispatcher(handler, dispatch.NewClusterDispatch(s.InformerFactory.KubeSphereSharedInformerFactory().Tower().V1alpha1().Agents().Lister()))
handler = filters.WithMultipleClusterDispatcher(handler, dispatch.NewClusterDispatch(s.InformerFactory.KubeSphereSharedInformerFactory().Cluster().V1alpha1().Agents().Lister()))
excludedPaths := []string{"/oauth/*", "/kapis/config.kubesphere.io/*"}
pathAuthorizer, _ := path.NewAuthorizer(excludedPaths)

10
pkg/apiserver/dispatch/dispatch.go
View File

@@ -6,9 +6,9 @@ import (
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/util/proxy"
"k8s.io/apiserver/pkg/endpoints/handlers/responsewriters"
towerv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
"kubesphere.io/kubesphere/pkg/apiserver/request"
"kubesphere.io/kubesphere/pkg/client/listers/tower/v1alpha1"
"kubesphere.io/kubesphere/pkg/client/listers/cluster/v1alpha1"
"net/http"
"strings"
)
@@ -38,7 +38,7 @@ func (c *clusterDispatch) Dispatch(w http.ResponseWriter, req *http.Request, han
return
}
agent, err := c.agentLister.Agents(defaultMultipleClusterAgentNamespace).Get(info.Cluster)
agent, err := c.agentLister.Get(info.Cluster)
if err != nil {
if errors.IsNotFound(err) {
http.Error(w, fmt.Sprintf("cluster %s not found", info.Cluster), http.StatusNotFound)
@@ -65,9 +65,9 @@ func (c *clusterDispatch) Error(w http.ResponseWriter, req *http.Request, err er
responsewriters.InternalError(w, req, err)
}
func isAgentReady(agent *towerv1alpha1.Agent) bool {
func isAgentReady(agent *clusterv1alpha1.Agent) bool {
for _, condition := range agent.Status.Conditions {
if condition.Type == towerv1alpha1.AgentConnected && condition.Status == corev1.ConditionTrue {
if condition.Type == clusterv1alpha1.AgentConnected && condition.Status == corev1.ConditionTrue {
return true
}
}

28
pkg/client/clientset/versioned/clientset.go
View File

@@ -24,34 +24,39 @@ import (
discovery "k8s.io/client-go/discovery"
rest "k8s.io/client-go/rest"
flowcontrol "k8s.io/client-go/util/flowcontrol"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/cluster/v1alpha1"
devopsv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/devops/v1alpha1"
iamv1alpha2 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/iam/v1alpha2"
networkv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/network/v1alpha1"
servicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2"
tenantv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tenant/v1alpha1"
towerv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tower/v1alpha1"
)
type Interface interface {
Discovery() discovery.DiscoveryInterface
ClusterV1alpha1() clusterv1alpha1.ClusterV1alpha1Interface
DevopsV1alpha1() devopsv1alpha1.DevopsV1alpha1Interface
IamV1alpha2() iamv1alpha2.IamV1alpha2Interface
NetworkV1alpha1() networkv1alpha1.NetworkV1alpha1Interface
ServicemeshV1alpha2() servicemeshv1alpha2.ServicemeshV1alpha2Interface
TenantV1alpha1() tenantv1alpha1.TenantV1alpha1Interface
TowerV1alpha1() towerv1alpha1.TowerV1alpha1Interface
}
// Clientset contains the clients for groups. Each group has exactly one
// version included in a Clientset.
type Clientset struct {
*discovery.DiscoveryClient
clusterV1alpha1 *clusterv1alpha1.ClusterV1alpha1Client
devopsV1alpha1 *devopsv1alpha1.DevopsV1alpha1Client
iamV1alpha2 *iamv1alpha2.IamV1alpha2Client
networkV1alpha1 *networkv1alpha1.NetworkV1alpha1Client
servicemeshV1alpha2 *servicemeshv1alpha2.ServicemeshV1alpha2Client
tenantV1alpha1 *tenantv1alpha1.TenantV1alpha1Client
towerV1alpha1 *towerv1alpha1.TowerV1alpha1Client
}
// ClusterV1alpha1 retrieves the ClusterV1alpha1Client
func (c *Clientset) ClusterV1alpha1() clusterv1alpha1.ClusterV1alpha1Interface {
return c.clusterV1alpha1
}
// DevopsV1alpha1 retrieves the DevopsV1alpha1Client
@@ -79,11 +84,6 @@ func (c *Clientset) TenantV1alpha1() tenantv1alpha1.TenantV1alpha1Interface {
return c.tenantV1alpha1
}
// TowerV1alpha1 retrieves the TowerV1alpha1Client
func (c *Clientset) TowerV1alpha1() towerv1alpha1.TowerV1alpha1Interface {
return c.towerV1alpha1
}
// Discovery retrieves the DiscoveryClient
func (c *Clientset) Discovery() discovery.DiscoveryInterface {
if c == nil {
@@ -105,6 +105,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) {
}
var cs Clientset
var err error
cs.clusterV1alpha1, err = clusterv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.devopsV1alpha1, err = devopsv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
@@ -125,10 +129,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) {
if err != nil {
return nil, err
}
cs.towerV1alpha1, err = towerv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy)
if err != nil {
@@ -141,12 +141,12 @@ func NewForConfig(c *rest.Config) (*Clientset, error) {
// panics if there is an error in the config.
func NewForConfigOrDie(c *rest.Config) *Clientset {
var cs Clientset
cs.clusterV1alpha1 = clusterv1alpha1.NewForConfigOrDie(c)
cs.devopsV1alpha1 = devopsv1alpha1.NewForConfigOrDie(c)
cs.iamV1alpha2 = iamv1alpha2.NewForConfigOrDie(c)
cs.networkV1alpha1 = networkv1alpha1.NewForConfigOrDie(c)
cs.servicemeshV1alpha2 = servicemeshv1alpha2.NewForConfigOrDie(c)
cs.tenantV1alpha1 = tenantv1alpha1.NewForConfigOrDie(c)
cs.towerV1alpha1 = towerv1alpha1.NewForConfigOrDie(c)
cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c)
return &cs
@@ -155,12 +155,12 @@ func NewForConfigOrDie(c *rest.Config) *Clientset {
// New creates a new Clientset for the given RESTClient.
func New(c rest.Interface) *Clientset {
var cs Clientset
cs.clusterV1alpha1 = clusterv1alpha1.New(c)
cs.devopsV1alpha1 = devopsv1alpha1.New(c)
cs.iamV1alpha2 = iamv1alpha2.New(c)
cs.networkV1alpha1 = networkv1alpha1.New(c)
cs.servicemeshV1alpha2 = servicemeshv1alpha2.New(c)
cs.tenantV1alpha1 = tenantv1alpha1.New(c)
cs.towerV1alpha1 = towerv1alpha1.New(c)
cs.DiscoveryClient = discovery.NewDiscoveryClient(c)
return &cs

14
pkg/client/clientset/versioned/fake/clientset_generated.go
View File

@@ -25,6 +25,8 @@ import (
fakediscovery "k8s.io/client-go/discovery/fake"
"k8s.io/client-go/testing"
clientset "kubesphere.io/kubesphere/pkg/client/clientset/versioned"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/cluster/v1alpha1"
fakeclusterv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake"
devopsv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/devops/v1alpha1"
fakedevopsv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/devops/v1alpha1/fake"
iamv1alpha2 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/iam/v1alpha2"
@@ -35,8 +37,6 @@ import (
fakeservicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2/fake"
tenantv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tenant/v1alpha1"
faketenantv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake"
towerv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tower/v1alpha1"
faketowerv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tower/v1alpha1/fake"
)
// NewSimpleClientset returns a clientset that will respond with the provided objects.
@@ -86,6 +86,11 @@ func (c *Clientset) Tracker() testing.ObjectTracker {
var _ clientset.Interface = &Clientset{}
// ClusterV1alpha1 retrieves the ClusterV1alpha1Client
func (c *Clientset) ClusterV1alpha1() clusterv1alpha1.ClusterV1alpha1Interface {
return &fakeclusterv1alpha1.FakeClusterV1alpha1{Fake: &c.Fake}
}
// DevopsV1alpha1 retrieves the DevopsV1alpha1Client
func (c *Clientset) DevopsV1alpha1() devopsv1alpha1.DevopsV1alpha1Interface {
return &fakedevopsv1alpha1.FakeDevopsV1alpha1{Fake: &c.Fake}
@@ -110,8 +115,3 @@ func (c *Clientset) ServicemeshV1alpha2() servicemeshv1alpha2.ServicemeshV1alpha
func (c *Clientset) TenantV1alpha1() tenantv1alpha1.TenantV1alpha1Interface {
return &faketenantv1alpha1.FakeTenantV1alpha1{Fake: &c.Fake}
}
// TowerV1alpha1 retrieves the TowerV1alpha1Client
func (c *Clientset) TowerV1alpha1() towerv1alpha1.TowerV1alpha1Interface {
return &faketowerv1alpha1.FakeTowerV1alpha1{Fake: &c.Fake}
}

4
pkg/client/clientset/versioned/fake/register.go
View File

@@ -24,24 +24,24 @@ import (
schema "k8s.io/apimachinery/pkg/runtime/schema"
serializer "k8s.io/apimachinery/pkg/runtime/serializer"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
devopsv1alpha1 "kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1"
iamv1alpha2 "kubesphere.io/kubesphere/pkg/apis/iam/v1alpha2"
networkv1alpha1 "kubesphere.io/kubesphere/pkg/apis/network/v1alpha1"
servicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2"
tenantv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1"
towerv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
)
var scheme = runtime.NewScheme()
var codecs = serializer.NewCodecFactory(scheme)
var parameterCodec = runtime.NewParameterCodec(scheme)
var localSchemeBuilder = runtime.SchemeBuilder{
clusterv1alpha1.AddToScheme,
devopsv1alpha1.AddToScheme,
iamv1alpha2.AddToScheme,
networkv1alpha1.AddToScheme,
servicemeshv1alpha2.AddToScheme,
tenantv1alpha1.AddToScheme,
towerv1alpha1.AddToScheme,
}
// AddToScheme adds all types of this clientset into the given scheme. This allows composition

4
pkg/client/clientset/versioned/scheme/register.go
View File

@@ -24,24 +24,24 @@ import (
schema "k8s.io/apimachinery/pkg/runtime/schema"
serializer "k8s.io/apimachinery/pkg/runtime/serializer"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
devopsv1alpha1 "kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1"
iamv1alpha2 "kubesphere.io/kubesphere/pkg/apis/iam/v1alpha2"
networkv1alpha1 "kubesphere.io/kubesphere/pkg/apis/network/v1alpha1"
servicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2"
tenantv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1"
towerv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
)
var Scheme = runtime.NewScheme()
var Codecs = serializer.NewCodecFactory(Scheme)
var ParameterCodec = runtime.NewParameterCodec(Scheme)
var localSchemeBuilder = runtime.SchemeBuilder{
clusterv1alpha1.AddToScheme,
devopsv1alpha1.AddToScheme,
iamv1alpha2.AddToScheme,
networkv1alpha1.AddToScheme,
servicemeshv1alpha2.AddToScheme,
tenantv1alpha1.AddToScheme,
towerv1alpha1.AddToScheme,
}
// AddToScheme adds all types of this clientset into the given scheme. This allows composition

17
pkg/client/clientset/versioned/typed/tower/v1alpha1/agent.go → pkg/client/clientset/versioned/typed/cluster/v1alpha1/agent.go
View File

@@ -25,14 +25,14 @@ import (
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
scheme "kubesphere.io/kubesphere/pkg/client/clientset/versioned/scheme"
)
// AgentsGetter has a method to return a AgentInterface.
// A group's client should implement this interface.
type AgentsGetter interface {
Agents(namespace string) AgentInterface
Agents() AgentInterface
}
// AgentInterface has methods to work with Agent resources.
@@ -52,14 +52,12 @@ type AgentInterface interface {
// agents implements AgentInterface
type agents struct {
client rest.Interface
ns string
}
// newAgents returns a Agents
func newAgents(c *TowerV1alpha1Client, namespace string) *agents {
func newAgents(c *ClusterV1alpha1Client) *agents {
return &agents{
client: c.RESTClient(),
ns: namespace,
}
}
@@ -67,7 +65,6 @@ func newAgents(c *TowerV1alpha1Client, namespace string) *agents {
func (c *agents) Get(name string, options v1.GetOptions) (result *v1alpha1.Agent, err error) {
result = &v1alpha1.Agent{}
err = c.client.Get().
Namespace(c.ns).
Resource("agents").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
@@ -84,7 +81,6 @@ func (c *agents) List(opts v1.ListOptions) (result *v1alpha1.AgentList, err erro
}
result = &v1alpha1.AgentList{}
err = c.client.Get().
Namespace(c.ns).
Resource("agents").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
@@ -101,7 +97,6 @@ func (c *agents) Watch(opts v1.ListOptions) (watch.Interface, error) {
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("agents").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
@@ -112,7 +107,6 @@ func (c *agents) Watch(opts v1.ListOptions) (watch.Interface, error) {
func (c *agents) Create(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err error) {
result = &v1alpha1.Agent{}
err = c.client.Post().
Namespace(c.ns).
Resource("agents").
Body(agent).
Do().
@@ -124,7 +118,6 @@ func (c *agents) Create(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err erro
func (c *agents) Update(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err error) {
result = &v1alpha1.Agent{}
err = c.client.Put().
Namespace(c.ns).
Resource("agents").
Name(agent.Name).
Body(agent).
@@ -139,7 +132,6 @@ func (c *agents) Update(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err erro
func (c *agents) UpdateStatus(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err error) {
result = &v1alpha1.Agent{}
err = c.client.Put().
Namespace(c.ns).
Resource("agents").
Name(agent.Name).
SubResource("status").
@@ -152,7 +144,6 @@ func (c *agents) UpdateStatus(agent *v1alpha1.Agent) (result *v1alpha1.Agent, er
// Delete takes name of the agent and deletes it. Returns an error if one occurs.
func (c *agents) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("agents").
Name(name).
Body(options).
@@ -167,7 +158,6 @@ func (c *agents) DeleteCollection(options *v1.DeleteOptions, listOptions v1.List
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("agents").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
@@ -180,7 +170,6 @@ func (c *agents) DeleteCollection(options *v1.DeleteOptions, listOptions v1.List
func (c *agents) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Agent, err error) {
result = &v1alpha1.Agent{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("agents").
SubResource(subresources...).
Name(name).

180
pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster.go Normal file
View File

@@ -0,0 +1,180 @@
/*
Copyright 2019 The KubeSphere authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"time"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
scheme "kubesphere.io/kubesphere/pkg/client/clientset/versioned/scheme"
)
// ClustersGetter has a method to return a ClusterInterface.
// A group's client should implement this interface.
type ClustersGetter interface {
Clusters() ClusterInterface
}
// ClusterInterface has methods to work with Cluster resources.
type ClusterInterface interface {
Create(*v1alpha1.Cluster) (*v1alpha1.Cluster, error)
Update(*v1alpha1.Cluster) (*v1alpha1.Cluster, error)
UpdateStatus(*v1alpha1.Cluster) (*v1alpha1.Cluster, error)
Delete(name string, options *v1.DeleteOptions) error
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
Get(name string, options v1.GetOptions) (*v1alpha1.Cluster, error)
List(opts v1.ListOptions) (*v1alpha1.ClusterList, error)
Watch(opts v1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Cluster, err error)
ClusterExpansion
}
// clusters implements ClusterInterface
type clusters struct {
client rest.Interface
}
// newClusters returns a Clusters
func newClusters(c *ClusterV1alpha1Client) *clusters {
return &clusters{
client: c.RESTClient(),
}
}
// Get takes name of the cluster, and returns the corresponding cluster object, and an error if there is any.
func (c *clusters) Get(name string, options v1.GetOptions) (result *v1alpha1.Cluster, err error) {
result = &v1alpha1.Cluster{}
err = c.client.Get().
Resource("clusters").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Into(result)
return
}
// List takes label and field selectors, and returns the list of Clusters that match those selectors.
func (c *clusters) List(opts v1.ListOptions) (result *v1alpha1.ClusterList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.ClusterList{}
err = c.client.Get().
Resource("clusters").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested clusters.
func (c *clusters) Watch(opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Resource("clusters").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
}
// Create takes the representation of a cluster and creates it. Returns the server's representation of the cluster, and an error, if there is any.
func (c *clusters) Create(cluster *v1alpha1.Cluster) (result *v1alpha1.Cluster, err error) {
result = &v1alpha1.Cluster{}
err = c.client.Post().
Resource("clusters").
Body(cluster).
Do().
Into(result)
return
}
// Update takes the representation of a cluster and updates it. Returns the server's representation of the cluster, and an error, if there is any.
func (c *clusters) Update(cluster *v1alpha1.Cluster) (result *v1alpha1.Cluster, err error) {
result = &v1alpha1.Cluster{}
err = c.client.Put().
Resource("clusters").
Name(cluster.Name).
Body(cluster).
Do().
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *clusters) UpdateStatus(cluster *v1alpha1.Cluster) (result *v1alpha1.Cluster, err error) {
result = &v1alpha1.Cluster{}
err = c.client.Put().
Resource("clusters").
Name(cluster.Name).
SubResource("status").
Body(cluster).
Do().
Into(result)
return
}
// Delete takes name of the cluster and deletes it. Returns an error if one occurs.
func (c *clusters) Delete(name string, options *v1.DeleteOptions) error {
return c.client.Delete().
Resource("clusters").
Name(name).
Body(options).
Do().
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *clusters) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Resource("clusters").
VersionedParams(&listOptions, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Error()
}
// Patch applies the patch and returns the patched cluster.
func (c *clusters) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Cluster, err error) {
result = &v1alpha1.Cluster{}
err = c.client.Patch(pt).
Resource("clusters").
SubResource(subresources...).
Name(name).
Body(data).
Do().
Into(result)
return
}

35
pkg/client/clientset/versioned/typed/tower/v1alpha1/tower_client.go → pkg/client/clientset/versioned/typed/cluster/v1alpha1/cluster_client.go
View File

@@ -20,26 +20,31 @@ package v1alpha1
import (
rest "k8s.io/client-go/rest"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
"kubesphere.io/kubesphere/pkg/client/clientset/versioned/scheme"
)
type TowerV1alpha1Interface interface {
type ClusterV1alpha1Interface interface {
RESTClient() rest.Interface
AgentsGetter
ClustersGetter
}
// TowerV1alpha1Client is used to interact with features provided by the tower.kubesphere.io group.
type TowerV1alpha1Client struct {
// ClusterV1alpha1Client is used to interact with features provided by the cluster.kubesphere.io group.
type ClusterV1alpha1Client struct {
restClient rest.Interface
}
func (c *TowerV1alpha1Client) Agents(namespace string) AgentInterface {
return newAgents(c, namespace)
func (c *ClusterV1alpha1Client) Agents() AgentInterface {
return newAgents(c)
}
// NewForConfig creates a new TowerV1alpha1Client for the given config.
func NewForConfig(c *rest.Config) (*TowerV1alpha1Client, error) {
func (c *ClusterV1alpha1Client) Clusters() ClusterInterface {
return newClusters(c)
}
// NewForConfig creates a new ClusterV1alpha1Client for the given config.
func NewForConfig(c *rest.Config) (*ClusterV1alpha1Client, error) {
config := *c
if err := setConfigDefaults(&config); err != nil {
return nil, err
@@ -48,12 +53,12 @@ func NewForConfig(c *rest.Config) (*TowerV1alpha1Client, error) {
if err != nil {
return nil, err
}
return &TowerV1alpha1Client{client}, nil
return &ClusterV1alpha1Client{client}, nil
}
// NewForConfigOrDie creates a new TowerV1alpha1Client for the given config and
// NewForConfigOrDie creates a new ClusterV1alpha1Client for the given config and
// panics if there is an error in the config.
func NewForConfigOrDie(c *rest.Config) *TowerV1alpha1Client {
func NewForConfigOrDie(c *rest.Config) *ClusterV1alpha1Client {
client, err := NewForConfig(c)
if err != nil {
panic(err)
@@ -61,9 +66,9 @@ func NewForConfigOrDie(c *rest.Config) *TowerV1alpha1Client {
return client
}
// New creates a new TowerV1alpha1Client for the given RESTClient.
func New(c rest.Interface) *TowerV1alpha1Client {
return &TowerV1alpha1Client{c}
// New creates a new ClusterV1alpha1Client for the given RESTClient.
func New(c rest.Interface) *ClusterV1alpha1Client {
return &ClusterV1alpha1Client{c}
}
func setConfigDefaults(config *rest.Config) error {
@@ -81,7 +86,7 @@ func setConfigDefaults(config *rest.Config) error {
// RESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *TowerV1alpha1Client) RESTClient() rest.Interface {
func (c *ClusterV1alpha1Client) RESTClient() rest.Interface {
if c == nil {
return nil
}

0
pkg/client/clientset/versioned/typed/tower/v1alpha1/doc.go → pkg/client/clientset/versioned/typed/cluster/v1alpha1/doc.go
View File

0
pkg/client/clientset/versioned/typed/tower/v1alpha1/fake/doc.go → pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/doc.go
View File

35
pkg/client/clientset/versioned/typed/tower/v1alpha1/fake/fake_agent.go → pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_agent.go
View File

@@ -25,24 +25,22 @@ import (
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
)
// FakeAgents implements AgentInterface
type FakeAgents struct {
Fake *FakeTowerV1alpha1
ns string
Fake *FakeClusterV1alpha1
}
var agentsResource = schema.GroupVersionResource{Group: "tower.kubesphere.io", Version: "v1alpha1", Resource: "agents"}
var agentsResource = schema.GroupVersionResource{Group: "cluster.kubesphere.io", Version: "v1alpha1", Resource: "agents"}
var agentsKind = schema.GroupVersionKind{Group: "tower.kubesphere.io", Version: "v1alpha1", Kind: "Agent"}
var agentsKind = schema.GroupVersionKind{Group: "cluster.kubesphere.io", Version: "v1alpha1", Kind: "Agent"}
// Get takes name of the agent, and returns the corresponding agent object, and an error if there is any.
func (c *FakeAgents) Get(name string, options v1.GetOptions) (result *v1alpha1.Agent, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(agentsResource, c.ns, name), &v1alpha1.Agent{})
Invokes(testing.NewRootGetAction(agentsResource, name), &v1alpha1.Agent{})
if obj == nil {
return nil, err
}
@@ -52,8 +50,7 @@ func (c *FakeAgents) Get(name string, options v1.GetOptions) (result *v1alpha1.A
// List takes label and field selectors, and returns the list of Agents that match those selectors.
func (c *FakeAgents) List(opts v1.ListOptions) (result *v1alpha1.AgentList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(agentsResource, agentsKind, c.ns, opts), &v1alpha1.AgentList{})
Invokes(testing.NewRootListAction(agentsResource, agentsKind, opts), &v1alpha1.AgentList{})
if obj == nil {
return nil, err
}
@@ -74,15 +71,13 @@ func (c *FakeAgents) List(opts v1.ListOptions) (result *v1alpha1.AgentList, err
// Watch returns a watch.Interface that watches the requested agents.
func (c *FakeAgents) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(agentsResource, c.ns, opts))
InvokesWatch(testing.NewRootWatchAction(agentsResource, opts))
}
// Create takes the representation of a agent and creates it. Returns the server's representation of the agent, and an error, if there is any.
func (c *FakeAgents) Create(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(agentsResource, c.ns, agent), &v1alpha1.Agent{})
Invokes(testing.NewRootCreateAction(agentsResource, agent), &v1alpha1.Agent{})
if obj == nil {
return nil, err
}
@@ -92,8 +87,7 @@ func (c *FakeAgents) Create(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err
// Update takes the representation of a agent and updates it. Returns the server's representation of the agent, and an error, if there is any.
func (c *FakeAgents) Update(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(agentsResource, c.ns, agent), &v1alpha1.Agent{})
Invokes(testing.NewRootUpdateAction(agentsResource, agent), &v1alpha1.Agent{})
if obj == nil {
return nil, err
}
@@ -104,8 +98,7 @@ func (c *FakeAgents) Update(agent *v1alpha1.Agent) (result *v1alpha1.Agent, err
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeAgents) UpdateStatus(agent *v1alpha1.Agent) (*v1alpha1.Agent, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(agentsResource, "status", c.ns, agent), &v1alpha1.Agent{})
Invokes(testing.NewRootUpdateSubresourceAction(agentsResource, "status", agent), &v1alpha1.Agent{})
if obj == nil {
return nil, err
}
@@ -115,14 +108,13 @@ func (c *FakeAgents) UpdateStatus(agent *v1alpha1.Agent) (*v1alpha1.Agent, error
// Delete takes name of the agent and deletes it. Returns an error if one occurs.
func (c *FakeAgents) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(agentsResource, c.ns, name), &v1alpha1.Agent{})
Invokes(testing.NewRootDeleteAction(agentsResource, name), &v1alpha1.Agent{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeAgents) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(agentsResource, c.ns, listOptions)
action := testing.NewRootDeleteCollectionAction(agentsResource, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.AgentList{})
return err
@@ -131,8 +123,7 @@ func (c *FakeAgents) DeleteCollection(options *v1.DeleteOptions, listOptions v1.
// Patch applies the patch and returns the patched agent.
func (c *FakeAgents) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Agent, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(agentsResource, c.ns, name, pt, data, subresources...), &v1alpha1.Agent{})
Invokes(testing.NewRootPatchSubresourceAction(agentsResource, name, pt, data, subresources...), &v1alpha1.Agent{})
if obj == nil {
return nil, err
}

131
pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster.go Normal file
View File

@@ -0,0 +1,131 @@
/*
Copyright 2019 The KubeSphere authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
)
// FakeClusters implements ClusterInterface
type FakeClusters struct {
Fake *FakeClusterV1alpha1
}
var clustersResource = schema.GroupVersionResource{Group: "cluster.kubesphere.io", Version: "v1alpha1", Resource: "clusters"}
var clustersKind = schema.GroupVersionKind{Group: "cluster.kubesphere.io", Version: "v1alpha1", Kind: "Cluster"}
// Get takes name of the cluster, and returns the corresponding cluster object, and an error if there is any.
func (c *FakeClusters) Get(name string, options v1.GetOptions) (result *v1alpha1.Cluster, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootGetAction(clustersResource, name), &v1alpha1.Cluster{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.Cluster), err
}
// List takes label and field selectors, and returns the list of Clusters that match those selectors.
func (c *FakeClusters) List(opts v1.ListOptions) (result *v1alpha1.ClusterList, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootListAction(clustersResource, clustersKind, opts), &v1alpha1.ClusterList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.ClusterList{ListMeta: obj.(*v1alpha1.ClusterList).ListMeta}
for _, item := range obj.(*v1alpha1.ClusterList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested clusters.
func (c *FakeClusters) Watch(opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewRootWatchAction(clustersResource, opts))
}
// Create takes the representation of a cluster and creates it. Returns the server's representation of the cluster, and an error, if there is any.
func (c *FakeClusters) Create(cluster *v1alpha1.Cluster) (result *v1alpha1.Cluster, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootCreateAction(clustersResource, cluster), &v1alpha1.Cluster{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.Cluster), err
}
// Update takes the representation of a cluster and updates it. Returns the server's representation of the cluster, and an error, if there is any.
func (c *FakeClusters) Update(cluster *v1alpha1.Cluster) (result *v1alpha1.Cluster, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateAction(clustersResource, cluster), &v1alpha1.Cluster{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.Cluster), err
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeClusters) UpdateStatus(cluster *v1alpha1.Cluster) (*v1alpha1.Cluster, error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateSubresourceAction(clustersResource, "status", cluster), &v1alpha1.Cluster{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.Cluster), err
}
// Delete takes name of the cluster and deletes it. Returns an error if one occurs.
func (c *FakeClusters) Delete(name string, options *v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewRootDeleteAction(clustersResource, name), &v1alpha1.Cluster{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeClusters) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewRootDeleteCollectionAction(clustersResource, listOptions)
_, err := c.Fake.Invokes(action, &v1alpha1.ClusterList{})
return err
}
// Patch applies the patch and returns the patched cluster.
func (c *FakeClusters) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Cluster, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootPatchSubresourceAction(clustersResource, name, pt, data, subresources...), &v1alpha1.Cluster{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.Cluster), err
}

14
pkg/client/clientset/versioned/typed/tower/v1alpha1/fake/fake_tower_client.go → pkg/client/clientset/versioned/typed/cluster/v1alpha1/fake/fake_cluster_client.go
View File

@@ -21,20 +21,24 @@ package fake
import (
rest "k8s.io/client-go/rest"
testing "k8s.io/client-go/testing"
v1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tower/v1alpha1"
v1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/cluster/v1alpha1"
)
type FakeTowerV1alpha1 struct {
type FakeClusterV1alpha1 struct {
*testing.Fake
}
func (c *FakeTowerV1alpha1) Agents(namespace string) v1alpha1.AgentInterface {
return &FakeAgents{c, namespace}
func (c *FakeClusterV1alpha1) Agents() v1alpha1.AgentInterface {
return &FakeAgents{c}
}
func (c *FakeClusterV1alpha1) Clusters() v1alpha1.ClusterInterface {
return &FakeClusters{c}
}
// RESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *FakeTowerV1alpha1) RESTClient() rest.Interface {
func (c *FakeClusterV1alpha1) RESTClient() rest.Interface {
var ret *rest.RESTClient
return ret
}

2
pkg/client/clientset/versioned/typed/tower/v1alpha1/generated_expansion.go → pkg/client/clientset/versioned/typed/cluster/v1alpha1/generated_expansion.go
View File

@@ -19,3 +19,5 @@ limitations under the License.
package v1alpha1
type AgentExpansion interface{}
type ClusterExpansion interface{}

4
pkg/client/informers/externalversions/tower/interface.go → pkg/client/informers/externalversions/cluster/interface.go
View File

@@ -16,11 +16,11 @@ limitations under the License.
// Code generated by informer-gen. DO NOT EDIT.
package tower
package cluster
import (
v1alpha1 "kubesphere.io/kubesphere/pkg/client/informers/externalversions/cluster/v1alpha1"
internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "kubesphere.io/kubesphere/pkg/client/informers/externalversions/tower/v1alpha1"
)
// Interface provides access to each of this group's versions.

21
pkg/client/informers/externalversions/tower/v1alpha1/agent.go → pkg/client/informers/externalversions/cluster/v1alpha1/agent.go
View File

@@ -25,10 +25,10 @@ import (
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
towerv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
versioned "kubesphere.io/kubesphere/pkg/client/clientset/versioned"
internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "kubesphere.io/kubesphere/pkg/client/listers/tower/v1alpha1"
v1alpha1 "kubesphere.io/kubesphere/pkg/client/listers/cluster/v1alpha1"
)
// AgentInformer provides access to a shared informer and lister for
@@ -41,47 +41,46 @@ type AgentInformer interface {
type agentInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewAgentInformer constructs a new informer for Agent type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewAgentInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredAgentInformer(client, namespace, resyncPeriod, indexers, nil)
func NewAgentInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredAgentInformer(client, resyncPeriod, indexers, nil)
}
// NewFilteredAgentInformer constructs a new informer for Agent type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredAgentInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
func NewFilteredAgentInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.TowerV1alpha1().Agents(namespace).List(options)
return client.ClusterV1alpha1().Agents().List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.TowerV1alpha1().Agents(namespace).Watch(options)
return client.ClusterV1alpha1().Agents().Watch(options)
},
},
&towerv1alpha1.Agent{},
&clusterv1alpha1.Agent{},
resyncPeriod,
indexers,
)
}
func (f *agentInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredAgentInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
return NewFilteredAgentInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *agentInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&towerv1alpha1.Agent{}, f.defaultInformer)
return f.factory.InformerFor(&clusterv1alpha1.Agent{}, f.defaultInformer)
}
func (f *agentInformer) Lister() v1alpha1.AgentLister {

88
pkg/client/informers/externalversions/cluster/v1alpha1/cluster.go Normal file
View File

@@ -0,0 +1,88 @@
/*
Copyright 2019 The KubeSphere authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
time "time"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
versioned "kubesphere.io/kubesphere/pkg/client/clientset/versioned"
internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "kubesphere.io/kubesphere/pkg/client/listers/cluster/v1alpha1"
)
// ClusterInformer provides access to a shared informer and lister for
// Clusters.
type ClusterInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.ClusterLister
}
type clusterInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
}
// NewClusterInformer constructs a new informer for Cluster type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewClusterInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredClusterInformer(client, resyncPeriod, indexers, nil)
}
// NewFilteredClusterInformer constructs a new informer for Cluster type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredClusterInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ClusterV1alpha1().Clusters().List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.ClusterV1alpha1().Clusters().Watch(options)
},
},
&clusterv1alpha1.Cluster{},
resyncPeriod,
indexers,
)
}
func (f *clusterInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredClusterInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *clusterInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&clusterv1alpha1.Cluster{}, f.defaultInformer)
}
func (f *clusterInformer) Lister() v1alpha1.ClusterLister {
return v1alpha1.NewClusterLister(f.Informer().GetIndexer())
}

9
pkg/client/informers/externalversions/tower/v1alpha1/interface.go → pkg/client/informers/externalversions/cluster/v1alpha1/interface.go
View File

@@ -26,6 +26,8 @@ import (
type Interface interface {
// Agents returns a AgentInformer.
Agents() AgentInformer
// Clusters returns a ClusterInformer.
Clusters() ClusterInformer
}
type version struct {
@@ -41,5 +43,10 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
// Agents returns a AgentInformer.
func (v *version) Agents() AgentInformer {
return &agentInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
return &agentInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
}
// Clusters returns a ClusterInformer.
func (v *version) Clusters() ClusterInformer {
return &clusterInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
}

12
pkg/client/informers/externalversions/factory.go
View File

@@ -28,13 +28,13 @@ import (
schema "k8s.io/apimachinery/pkg/runtime/schema"
cache "k8s.io/client-go/tools/cache"
versioned "kubesphere.io/kubesphere/pkg/client/clientset/versioned"
cluster "kubesphere.io/kubesphere/pkg/client/informers/externalversions/cluster"
devops "kubesphere.io/kubesphere/pkg/client/informers/externalversions/devops"
iam "kubesphere.io/kubesphere/pkg/client/informers/externalversions/iam"
internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces"
network "kubesphere.io/kubesphere/pkg/client/informers/externalversions/network"
servicemesh "kubesphere.io/kubesphere/pkg/client/informers/externalversions/servicemesh"
tenant "kubesphere.io/kubesphere/pkg/client/informers/externalversions/tenant"
tower "kubesphere.io/kubesphere/pkg/client/informers/externalversions/tower"
)
// SharedInformerOption defines the functional option type for SharedInformerFactory.
@@ -177,12 +177,16 @@ type SharedInformerFactory interface {
ForResource(resource schema.GroupVersionResource) (GenericInformer, error)
WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool
Cluster() cluster.Interface
Devops() devops.Interface
Iam() iam.Interface
Network() network.Interface
Servicemesh() servicemesh.Interface
Tenant() tenant.Interface
Tower() tower.Interface
}
func (f *sharedInformerFactory) Cluster() cluster.Interface {
return cluster.New(f, f.namespace, f.tweakListOptions)
}
func (f *sharedInformerFactory) Devops() devops.Interface {
@@ -204,7 +208,3 @@ func (f *sharedInformerFactory) Servicemesh() servicemesh.Interface {
func (f *sharedInformerFactory) Tenant() tenant.Interface {
return tenant.New(f, f.namespace, f.tweakListOptions)
}
func (f *sharedInformerFactory) Tower() tower.Interface {
return tower.New(f, f.namespace, f.tweakListOptions)
}

24
pkg/client/informers/externalversions/generic.go
View File

@@ -23,12 +23,12 @@ import (
schema "k8s.io/apimachinery/pkg/runtime/schema"
cache "k8s.io/client-go/tools/cache"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
devopsv1alpha1 "kubesphere.io/kubesphere/pkg/apis/devops/v1alpha1"
v1alpha2 "kubesphere.io/kubesphere/pkg/apis/iam/v1alpha2"
networkv1alpha1 "kubesphere.io/kubesphere/pkg/apis/network/v1alpha1"
servicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2"
tenantv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1"
towerv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
)
// GenericInformer is type of SharedIndexInformer which will locate and delegate to other
@@ -57,14 +57,20 @@ func (f *genericInformer) Lister() cache.GenericLister {
// TODO extend this to unknown resources with a client pool
func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
switch resource {
// Group=devops.kubesphere.io, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("s2ibinaries"):
// Group=cluster.kubesphere.io, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("agents"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Cluster().V1alpha1().Agents().Informer()}, nil
case v1alpha1.SchemeGroupVersion.WithResource("clusters"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Cluster().V1alpha1().Clusters().Informer()}, nil
// Group=devops.kubesphere.io, Version=v1alpha1
case devopsv1alpha1.SchemeGroupVersion.WithResource("s2ibinaries"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Devops().V1alpha1().S2iBinaries().Informer()}, nil
case v1alpha1.SchemeGroupVersion.WithResource("s2ibuilders"):
case devopsv1alpha1.SchemeGroupVersion.WithResource("s2ibuilders"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Devops().V1alpha1().S2iBuilders().Informer()}, nil
case v1alpha1.SchemeGroupVersion.WithResource("s2ibuildertemplates"):
case devopsv1alpha1.SchemeGroupVersion.WithResource("s2ibuildertemplates"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Devops().V1alpha1().S2iBuilderTemplates().Informer()}, nil
case v1alpha1.SchemeGroupVersion.WithResource("s2iruns"):
case devopsv1alpha1.SchemeGroupVersion.WithResource("s2iruns"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Devops().V1alpha1().S2iRuns().Informer()}, nil
// Group=iam.kubesphere.io, Version=v1alpha2
@@ -87,10 +93,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
case tenantv1alpha1.SchemeGroupVersion.WithResource("workspaces"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Tenant().V1alpha1().Workspaces().Informer()}, nil
// Group=tower.kubesphere.io, Version=v1alpha1
case towerv1alpha1.SchemeGroupVersion.WithResource("agents"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Tower().V1alpha1().Agents().Informer()}, nil
}
return nil, fmt.Errorf("no informer found for %v", resource)

41
pkg/client/listers/tower/v1alpha1/agent.go → pkg/client/listers/cluster/v1alpha1/agent.go
View File

@@ -22,15 +22,15 @@ import (
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tower/v1alpha1"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
)
// AgentLister helps list Agents.
type AgentLister interface {
// List lists all Agents in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.Agent, err error)
// Agents returns an object that can list and get Agents.
Agents(namespace string) AgentNamespaceLister
// Get retrieves the Agent from the index for a given name.
Get(name string) (*v1alpha1.Agent, error)
AgentListerExpansion
}
@@ -52,38 +52,9 @@ func (s *agentLister) List(selector labels.Selector) (ret []*v1alpha1.Agent, err
return ret, err
}
// Agents returns an object that can list and get Agents.
func (s *agentLister) Agents(namespace string) AgentNamespaceLister {
return agentNamespaceLister{indexer: s.indexer, namespace: namespace}
}
// AgentNamespaceLister helps list and get Agents.
type AgentNamespaceLister interface {
// List lists all Agents in the indexer for a given namespace.
List(selector labels.Selector) (ret []*v1alpha1.Agent, err error)
// Get retrieves the Agent from the indexer for a given namespace and name.
Get(name string) (*v1alpha1.Agent, error)
AgentNamespaceListerExpansion
}
// agentNamespaceLister implements the AgentNamespaceLister
// interface.
type agentNamespaceLister struct {
indexer cache.Indexer
namespace string
}
// List lists all Agents in the indexer for a given namespace.
func (s agentNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.Agent, err error) {
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.Agent))
})
return ret, err
}
// Get retrieves the Agent from the indexer for a given namespace and name.
func (s agentNamespaceLister) Get(name string) (*v1alpha1.Agent, error) {
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
// Get retrieves the Agent from the index for a given name.
func (s *agentLister) Get(name string) (*v1alpha1.Agent, error) {
obj, exists, err := s.indexer.GetByKey(name)
if err != nil {
return nil, err
}

65
pkg/client/listers/cluster/v1alpha1/cluster.go Normal file
View File

@@ -0,0 +1,65 @@
/*
Copyright 2019 The KubeSphere authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by lister-gen. DO NOT EDIT.
package v1alpha1
import (
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/tools/cache"
v1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
)
// ClusterLister helps list Clusters.
type ClusterLister interface {
// List lists all Clusters in the indexer.
List(selector labels.Selector) (ret []*v1alpha1.Cluster, err error)
// Get retrieves the Cluster from the index for a given name.
Get(name string) (*v1alpha1.Cluster, error)
ClusterListerExpansion
}
// clusterLister implements the ClusterLister interface.
type clusterLister struct {
indexer cache.Indexer
}
// NewClusterLister returns a new ClusterLister.
func NewClusterLister(indexer cache.Indexer) ClusterLister {
return &clusterLister{indexer: indexer}
}
// List lists all Clusters in the indexer.
func (s *clusterLister) List(selector labels.Selector) (ret []*v1alpha1.Cluster, err error) {
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
ret = append(ret, m.(*v1alpha1.Cluster))
})
return ret, err
}
// Get retrieves the Cluster from the index for a given name.
func (s *clusterLister) Get(name string) (*v1alpha1.Cluster, error) {
obj, exists, err := s.indexer.GetByKey(name)
if err != nil {
return nil, err
}
if !exists {
return nil, errors.NewNotFound(v1alpha1.Resource("cluster"), name)
}
return obj.(*v1alpha1.Cluster), nil
}

6
pkg/client/listers/tower/v1alpha1/expansion_generated.go → pkg/client/listers/cluster/v1alpha1/expansion_generated.go
View File

@@ -22,6 +22,6 @@ package v1alpha1
// AgentLister.
type AgentListerExpansion interface{}
// AgentNamespaceListerExpansion allows custom methods to be added to
// AgentNamespaceLister.
type AgentNamespaceListerExpansion interface{}
// ClusterListerExpansion allows custom methods to be added to
// ClusterLister.
type ClusterListerExpansion interface{}

230
pkg/controller/cluster/cluster_controller.go Normal file
View File

@@ -0,0 +1,230 @@
package cluster
import (
"fmt"
v1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/kubernetes/scheme"
v1core "k8s.io/client-go/kubernetes/typed/core/v1"
"k8s.io/client-go/tools/cache"
"k8s.io/client-go/tools/record"
"k8s.io/client-go/util/retry"
"k8s.io/client-go/util/workqueue"
"k8s.io/klog"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
clusterclient "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/cluster/v1alpha1"
clusterinformer "kubesphere.io/kubesphere/pkg/client/informers/externalversions/cluster/v1alpha1"
clusterlister "kubesphere.io/kubesphere/pkg/client/listers/cluster/v1alpha1"
"time"
)
const (
// maxRetries is the number of times a service will be retried before it is dropped out of the queue.
// With the current rate-limiter in use (5ms*2^(maxRetries-1)) the following numbers represent the
// sequence of delays between successive queuings of a service.
//
// 5ms, 10ms, 20ms, 40ms, 80ms, 160ms, 320ms, 640ms, 1.3s, 2.6s, 5.1s, 10.2s, 20.4s, 41s, 82s
maxRetries = 15
)
type ClusterController struct {
eventBroadcaster record.EventBroadcaster
eventRecorder record.EventRecorder
agentClient clusterclient.AgentInterface
clusterClient clusterclient.ClusterInterface
agentLister clusterlister.AgentLister
agentHasSynced cache.InformerSynced
clusterLister clusterlister.ClusterLister
clusterHasSynced cache.InformerSynced
queue workqueue.RateLimitingInterface
workerLoopPeriod time.Duration
}
func NewClusterController(
client kubernetes.Interface,
clusterInformer clusterinformer.ClusterInformer,
agentInformer clusterinformer.AgentInformer,
agentClient clusterclient.AgentInterface,
clusterClient clusterclient.ClusterInterface,
) *ClusterController {
broadcaster := record.NewBroadcaster()
broadcaster.StartLogging(func(format string, args ...interface{}) {
klog.Info(fmt.Sprintf(format, args))
})
broadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: client.CoreV1().Events("")})
recorder := broadcaster.NewRecorder(scheme.Scheme, v1.EventSource{Component: "cluster-controller"})
c := &ClusterController{
eventBroadcaster: broadcaster,
eventRecorder: recorder,
agentClient: agentClient,
clusterClient: clusterClient,
queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "cluster"),
workerLoopPeriod: time.Second,
}
c.agentLister = agentInformer.Lister()
c.agentHasSynced = agentInformer.Informer().HasSynced
c.clusterLister = clusterInformer.Lister()
c.clusterHasSynced = clusterInformer.Informer().HasSynced
clusterInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
AddFunc: c.addCluster,
UpdateFunc: func(oldObj, newObj interface{}) {
c.addCluster(newObj)
},
DeleteFunc: c.addCluster,
})
return c
}
func (c *ClusterController) Start(stopCh <-chan struct{}) error {
return c.Run(5, stopCh)
}
func (c *ClusterController) Run(workers int, stopCh <-chan struct{}) error {
defer utilruntime.HandleCrash()
defer c.queue.ShutDown()
klog.V(0).Info("starting cluster controller")
defer klog.Info("shutting down cluster controller")
if !cache.WaitForCacheSync(stopCh, c.clusterHasSynced, c.agentHasSynced) {
return fmt.Errorf("failed to wait for caches to sync")
}
for i := 0; i < workers; i++ {
go wait.Until(c.worker, c.workerLoopPeriod, stopCh)
}
<-stopCh
return nil
}
func (c *ClusterController) worker() {
for c.processNextItem() {
}
}
func (c *ClusterController) processNextItem() bool {
key, quit := c.queue.Get()
if quit {
return false
}
defer c.queue.Done(key)
err := c.syncCluster(key.(string))
c.handleErr(err, key)
return true
}
func (c *ClusterController) syncCluster(key string) error {
startTime := time.Now()
_, name, err := cache.SplitMetaNamespaceKey(key)
if err != nil {
klog.Errorf("not a valid controller key %s, %#v", key, err)
return err
}
defer func() {
klog.V(4).Info("Finished syncing cluster.", "name", name, "duration", time.Since(startTime))
}()
cluster, err := c.clusterLister.Get(name)
if err != nil {
// cluster not found, possibly been deleted
// need to do the cleanup
if errors.IsNotFound(err) {
_, err = c.agentLister.Get(name)
if err != nil && errors.IsNotFound(err) {
return nil
}
if err != nil {
klog.Errorf("Failed to get cluster agent %s, %#v", name, err)
return err
}
// do the real cleanup work
err = c.agentClient.Delete(name, &metav1.DeleteOptions{})
return err
}
klog.Errorf("Failed to get cluster with name %s, %#v", name, err)
return err
}
newAgent := &clusterv1alpha1.Agent{
ObjectMeta: metav1.ObjectMeta{
Name: name,
Labels: map[string]string{
"app.kubernetes.io/name": "tower",
"cluster.kubesphere.io/name": name,
},
},
Spec: clusterv1alpha1.AgentSpec{
Token: "",
KubeSphereAPIServerPort: 0,
KubernetesAPIServerPort: 0,
Proxy: "",
Paused: !cluster.Spec.Active,
},
}
agent, err := c.agentLister.Get(name)
if err != nil && errors.IsNotFound(err) {
agent, err = c.agentClient.Create(newAgent)
if err != nil {
klog.Errorf("Failed to create agent %s, %#v", name, err)
return err
}
return nil
}
if err != nil {
klog.Errorf("Failed to get agent %s, %#v", name, err)
return err
}
if agent.Spec.Paused != newAgent.Spec.Paused {
agent.Spec.Paused = newAgent.Spec.Paused
return retry.RetryOnConflict(retry.DefaultBackoff, func() error {
_, err = c.agentClient.Update(agent)
return err
})
}
return nil
}
func (c *ClusterController) addCluster(obj interface{}) {
cluster := obj.(*clusterv1alpha1.Cluster)
key, err := cache.MetaNamespaceKeyFunc(obj)
if err != nil {
utilruntime.HandleError(fmt.Errorf("get cluster key %s/%s failed", cluster.Namespace, cluster.Name))
return
}
c.queue.Add(key)
}
func (c *ClusterController) handleErr(err error, key interface{}) {
}

1
pkg/controller/cluster/cluster_controller_test.go Normal file
View File

@@ -0,0 +1 @@
package cluster

16
tools/cmd/crd-doc-gen/main.go
View File

@@ -4,6 +4,8 @@ import (
"flag"
"io/ioutil"
"k8s.io/apimachinery/pkg/api/meta"
urlruntime "k8s.io/apimachinery/pkg/util/runtime"
clusterv1alpha1 "kubesphere.io/kubesphere/pkg/apis/cluster/v1alpha1"
"kubesphere.io/kubesphere/tools/lib"
"log"
"os"
@@ -42,6 +44,9 @@ func main() {
networkinstall.Install(Scheme)
devopsinstall.Install(Scheme)
urlruntime.Must(clusterv1alpha1.AddToScheme(Scheme))
urlruntime.Must(Scheme.SetVersionPriority(clusterv1alpha1.SchemeGroupVersion))
mapper := meta.NewDefaultRESTMapper(nil)
mapper.AddSpecific(servicemeshv1alpha2.SchemeGroupVersion.WithKind(servicemeshv1alpha2.ResourceKindServicePolicy),
@@ -75,6 +80,14 @@ func main() {
networkv1alpha1.SchemeGroupVersion.WithResource(networkv1alpha1.ResourcePluralWorkspaceNetworkPolicy),
networkv1alpha1.SchemeGroupVersion.WithResource(networkv1alpha1.ResourceSingularWorkspaceNetworkPolicy), meta.RESTScopeRoot)
mapper.AddSpecific(clusterv1alpha1.SchemeGroupVersion.WithKind(clusterv1alpha1.ResourceKindCluster),
clusterv1alpha1.SchemeGroupVersion.WithResource(clusterv1alpha1.ResourcesPluralCluster),
clusterv1alpha1.SchemeGroupVersion.WithResource(clusterv1alpha1.ResourcesSingularCluster), meta.RESTScopeRoot)
mapper.AddSpecific(clusterv1alpha1.SchemeGroupVersion.WithKind(clusterv1alpha1.ResourceKindAgent),
clusterv1alpha1.SchemeGroupVersion.WithResource(clusterv1alpha1.ResourcesPluralAgent),
clusterv1alpha1.SchemeGroupVersion.WithResource(clusterv1alpha1.ResourcesSingularAgent), meta.RESTScopeRoot)
spec, err := lib.RenderOpenAPISpec(lib.Config{
Scheme: Scheme,
Codecs: Codecs,
@@ -96,6 +109,7 @@ func main() {
tenantv1alpha1.GetOpenAPIDefinitions,
networkv1alpha1.GetOpenAPIDefinitions,
devopsv1alpha1.GetOpenAPIDefinitions,
clusterv1alpha1.GetOpenAPIDefinitions,
},
Resources: []schema.GroupVersionResource{
//TODOrunzexia At present, the document generation requires the openapi structure of the go language,
@@ -109,6 +123,8 @@ func main() {
devopsv1alpha1.SchemeGroupVersion.WithResource(devopsv1alpha1.ResourcePluralS2iBuilderTemplate),
devopsv1alpha1.SchemeGroupVersion.WithResource(devopsv1alpha1.ResourcePluralS2iBuilder),
networkv1alpha1.SchemeGroupVersion.WithResource(networkv1alpha1.ResourcePluralWorkspaceNetworkPolicy),
clusterv1alpha1.SchemeGroupVersion.WithResource(clusterv1alpha1.ResourcesPluralAgent),
clusterv1alpha1.SchemeGroupVersion.WithResource(clusterv1alpha1.ResourcesPluralCluster),
},
Mapper: mapper,
})