Merge pull request #4216 from wenchajun/notification

Add notification setting validation API

config/ks-core/templates/kubesphere-config.yaml

@@ -24,7 +24,8 @@ data:
 {{- end }}
     monitoring:
       endpoint: {{ .Values.config.monitoring.endpoint | default "http://prometheus-operated.kubesphere-monitoring-system.svc:9090" }}
-
+    notification:
+      endpoint: {{ .Values.config.notification.endpoint | default "http://notification-manager-svc.kubesphere-monitoring-system.svc:19093" }}
     {{- with .Values.config.servicemesh }}
     servicemesh:
       {{- toYaml . | nindent 6 }}

config/ks-core/values.yaml

@@ -43,6 +43,7 @@ config:
   jwtSecret: ""
   multicluster: {}
   monitoring: {}
+  notification: {}
 
 imagePullSecrets: []
 nameOverride: ""

pkg/apiserver/apiserver.go

@@ -77,6 +77,7 @@ import (
 	networkv1alpha2 "kubesphere.io/kubesphere/pkg/kapis/network/v1alpha2"
 	notificationv1 "kubesphere.io/kubesphere/pkg/kapis/notification/v1"
 	notificationkapisv2beta1 "kubesphere.io/kubesphere/pkg/kapis/notification/v2beta1"
+	notificationkapisv2beta2 "kubesphere.io/kubesphere/pkg/kapis/notification/v2beta2"
 	"kubesphere.io/kubesphere/pkg/kapis/oauth"
 	openpitrixv1 "kubesphere.io/kubesphere/pkg/kapis/openpitrix/v1"
 	operationsv1alpha2 "kubesphere.io/kubesphere/pkg/kapis/operations/v1alpha2"
@@ -271,6 +272,7 @@ func (s *APIServer) installKubeSphereAPIs() {
 	urlruntime.Must(kubeedgev1alpha1.AddToContainer(s.container, s.Config.KubeEdgeOptions.Endpoint))
 	urlruntime.Must(notificationkapisv2beta1.AddToContainer(s.container, s.InformerFactory, s.KubernetesClient.Kubernetes(),
 		s.KubernetesClient.KubeSphere()))
+	urlruntime.Must(notificationkapisv2beta2.AddToContainer(s.container, s.Config.NotificationOptions))
 	urlruntime.Must(gatewayv1alpha1.AddToContainer(s.container, s.Config.GatewayOptions, s.RuntimeCache, s.RuntimeClient))
 }
 

pkg/kapis/notification/v2beta2/handler.go

@@ -0,0 +1,114 @@
+package v2beta2
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+
+	"github.com/emicklei/go-restful"
+	"kubesphere.io/api/notification/v2beta2"
+
+	nm "kubesphere.io/kubesphere/pkg/simple/client/notification"
+)
+
+const (
+	VerificationAPIPath = "/api/v2/verify"
+)
+
+type handler struct {
+	option *nm.Options
+}
+
+type Result struct {
+	Code    int    `json:"Status"`
+	Message string `json:"Message"`
+}
+type notification struct {
+	Config   v2beta2.Config   `json:"config"`
+	Receiver v2beta2.Receiver `json:"receiver"`
+}
+
+func newHandler(option *nm.Options) *handler {
+	return &handler{
+		option,
+	}
+}
+
+func (h handler) Verify(request *restful.Request, response *restful.Response) {
+	opt := h.option
+	if opt == nil || len(opt.Endpoint) == 0 {
+		response.WriteAsJson(Result{
+			http.StatusBadRequest,
+			"Cannot find Notification Manager endpoint",
+		})
+	}
+	host := opt.Endpoint
+	notification := notification{}
+	reqBody, err := ioutil.ReadAll(request.Request.Body)
+	if err != nil {
+		response.WriteHeaderAndEntity(http.StatusInternalServerError, err)
+		return
+	}
+
+	err = json.Unmarshal(reqBody, &notification)
+	if err != nil {
+		response.WriteHeaderAndEntity(http.StatusInternalServerError, err)
+		return
+	}
+
+	receiver := notification.Receiver
+	user := request.PathParameter("user")
+
+	if receiver.Labels["type"] == "tenant" {
+		if user != receiver.Labels["user"] {
+			response.WriteAsJson(Result{
+				http.StatusForbidden,
+				"Permission denied",
+			})
+			return
+		}
+	}
+	if receiver.Labels["type"] == "global" {
+		if user != "" {
+			response.WriteAsJson(Result{
+				http.StatusForbidden,
+				"Permission denied",
+			})
+			return
+		}
+	}
+
+	req, err := http.NewRequest("POST", fmt.Sprintf("%s%s", host, VerificationAPIPath), bytes.NewReader(reqBody))
+	if err != nil {
+		response.WriteHeaderAndEntity(http.StatusInternalServerError, err)
+		return
+	}
+	req.Header = request.Request.Header
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		response.WriteHeaderAndEntity(http.StatusInternalServerError, err)
+		return
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		// return 500
+		response.WriteHeaderAndEntity(http.StatusInternalServerError, err)
+		return
+	}
+
+	var result Result
+	err = json.Unmarshal(body, &result)
+	if err != nil {
+		response.WriteHeaderAndEntity(http.StatusInternalServerError, err)
+		return
+	}
+
+	response.WriteAsJson(result)
+}

pkg/kapis/notification/v2beta2/register.go

@@ -0,0 +1,50 @@
+/*
+
+  Copyright 2021 The KubeSphere Authors.
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+
+*/
+
+package v2beta2
+
+import (
+	"net/http"
+
+	nm "kubesphere.io/kubesphere/pkg/simple/client/notification"
+
+	"github.com/emicklei/go-restful"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+
+	"kubesphere.io/kubesphere/pkg/api"
+	"kubesphere.io/kubesphere/pkg/apiserver/runtime"
+)
+
+var GroupVersion = schema.GroupVersion{Group: "notification.kubesphere.io", Version: "v2beta2"}
+
+func AddToContainer(container *restful.Container, option *nm.Options) error {
+	h := newHandler(option)
+	ws := runtime.NewWebService(GroupVersion)
+	ws.Route(ws.POST("/configs/notification/verification").
+		Reads("").
+		To(h.Verify).
+		Returns(http.StatusOK, api.StatusOK, http.Response{}.Body)).
+		Doc("Provide validation for notification-manager information")
+	ws.Route(ws.POST("/configs/notification/users/{user}/verification").
+		To(h.Verify).
+		Param(ws.PathParameter("user", "user name")).
+		Returns(http.StatusOK, api.StatusOK, http.Response{}.Body)).
+		Doc("Provide validation for notification-manager information")
+	container.Add(ws)
+	return nil
+}

staging/src/kubesphere.io/api/notification/v2beta2/config_types.go

@@ -0,0 +1,209 @@
+/*
+
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v2beta2
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DingTalkApplicationConfig it th configuration of conversation
+type DingTalkApplicationConfig struct {
+	// The key of the application with which to send messages.
+	AppKey *Credential `json:"appkey"`
+	// The key in the secret to be used. Must be a valid secret key.
+	AppSecret *Credential `json:"appsecret"`
+}
+
+type DingTalkConfig struct {
+	Labels map[string]string `json:"labels,omitempty"`
+	// Only needed when send alerts to the conversation.
+	Conversation *DingTalkApplicationConfig `json:"conversation,omitempty"`
+}
+
+type ClientCertificate struct {
+	// The client cert file for the targets.
+	Cert *Credential `json:"cert"`
+	// The client key file for the targets.
+	Key *Credential `json:"key"`
+}
+
+// TLSConfig configures the options for TLS connections.
+type TLSConfig struct {
+	// RootCA defines the root certificate authorities
+	// that clients use when verifying server certificates.
+	RootCA *Credential `json:"rootCA,omitempty"`
+	// The certificate of the client.
+	*ClientCertificate `json:"clientCertificate,omitempty"`
+	// Used to verify the hostname for the targets.
+	ServerName string `json:"serverName,omitempty"`
+	// Disable target certificate validation.
+	InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"`
+}
+
+// BasicAuth contains basic HTTP authentication credentials.
+type BasicAuth struct {
+	Username string      `json:"username"`
+	Password *Credential `json:"password,omitempty"`
+}
+
+// HTTPClientConfig configures an HTTP client.
+type HTTPClientConfig struct {
+	// The HTTP basic authentication credentials for the targets.
+	BasicAuth *BasicAuth `json:"basicAuth,omitempty"`
+	// The bearer token for the targets.
+	BearerToken *Credential `json:"bearerToken,omitempty"`
+	// HTTP proxy server to use to connect to the targets.
+	ProxyURL string `json:"proxyUrl,omitempty"`
+	// TLSConfig to use to connect to the targets.
+	TLSConfig *TLSConfig `json:"tlsConfig,omitempty"`
+}
+
+type HostPort struct {
+	Host string `json:"host"`
+	Port int    `json:"port"`
+}
+
+type EmailConfig struct {
+	Labels map[string]string `json:"labels,omitempty"`
+	// The sender address.
+	From string `json:"from"`
+	// The address of the SMTP server.
+	SmartHost HostPort `json:"smartHost"`
+	// The hostname to use when identifying to the SMTP server.
+	Hello *string `json:"hello,omitempty"`
+	// The username for CRAM-MD5, LOGIN and PLAIN authentications.
+	AuthUsername *string `json:"authUsername,omitempty"`
+	// The identity for PLAIN authentication.
+	AuthIdentify *string `json:"authIdentify,omitempty"`
+	// The secret contains the SMTP password for LOGIN and PLAIN authentications.
+	AuthPassword *Credential `json:"authPassword,omitempty"`
+	// The secret contains the SMTP secret for CRAM-MD5 authentication.
+	AuthSecret *Credential `json:"authSecret,omitempty"`
+	// The default SMTP TLS requirement.
+	RequireTLS *bool      `json:"requireTLS,omitempty"`
+	TLS        *TLSConfig `json:"tls,omitempty"`
+}
+
+type SlackConfig struct {
+	Labels map[string]string `json:"labels,omitempty"`
+	// The token of user or bot.
+	SlackTokenSecret *Credential `json:"slackTokenSecret"`
+}
+
+type WebhookConfig struct {
+	Labels map[string]string `json:"labels,omitempty"`
+}
+
+type WechatConfig struct {
+	Labels map[string]string `json:"labels,omitempty"`
+	// The WeChat API URL.
+	WechatApiUrl string `json:"wechatApiUrl,omitempty"`
+	// The corp id for authentication.
+	WechatApiCorpId string `json:"wechatApiCorpId"`
+	// The id of the application which sending message.
+	WechatApiAgentId string `json:"wechatApiAgentId"`
+	// The API key to use when talking to the WeChat API.
+	WechatApiSecret *Credential `json:"wechatApiSecret"`
+}
+
+// Sms Aliyun provider parameters
+type AliyunSMS struct {
+	SignName        string      `json:"signName"`
+	TemplateCode    string      `json:"templateCode,omitempty"`
+	AccessKeyId     *Credential `json:"accessKeyId"`
+	AccessKeySecret *Credential `json:"accessKeySecret"`
+}
+
+// Sms tencent provider parameters
+type TencentSMS struct {
+	Sign        string      `json:"sign"`
+	TemplateID  string      `json:"templateID"`
+	SmsSdkAppid string      `json:"smsSdkAppid"`
+	SecretId    *Credential `json:"secretId"`
+	SecretKey   *Credential `json:"secretKey"`
+}
+
+// Sms huawei provider parameters
+type HuaweiSMS struct {
+	Url        string      `json:"url,omitempty"`
+	Signature  string      `json:"signature"`
+	TemplateId string      `json:"templateId"`
+	Sender     string      `json:"sender"`
+	AppSecret  *Credential `json:"appSecret"`
+	AppKey     *Credential `json:"appKey"`
+}
+
+type Providers struct {
+	Aliyun  *AliyunSMS  `json:"aliyun,omitempty"`
+	Tencent *TencentSMS `json:"tencent,omitempty"`
+	Huawei  *HuaweiSMS  `json:"huawei,omitempty"`
+}
+
+type SmsConfig struct {
+	// The default sms provider, optional, use the first provider if not set
+	DefaultProvider string `json:"defaultProvider,omitempty"`
+	// All sms providers
+	Providers *Providers `json:"providers"`
+}
+
+type PushoverConfig struct {
+	Labels map[string]string `json:"labels,omitempty"`
+	// The token of a pushover application.
+	PushoverTokenSecret *Credential `json:"pushoverTokenSecret"`
+}
+
+//ConfigSpec defines the desired state of Config
+type ConfigSpec struct {
+	DingTalk *DingTalkConfig `json:"dingtalk,omitempty"`
+	Email    *EmailConfig    `json:"email,omitempty"`
+	Slack    *SlackConfig    `json:"slack,omitempty"`
+	Webhook  *WebhookConfig  `json:"webhook,omitempty"`
+	Wechat   *WechatConfig   `json:"wechat,omitempty"`
+	Sms      *SmsConfig      `json:"sms,omitempty"`
+	Pushover *PushoverConfig `json:"pushover,omitempty"`
+}
+
+// ConfigStatus defines the observed state of Config
+type ConfigStatus struct {
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:scope=Cluster,shortName=nc,categories=notification-manager
+// +kubebuilder:subresource:status
+// +kubebuilder:storageversion
+
+// Config is the Schema for the dingtalkconfigs API
+type Config struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   ConfigSpec   `json:"spec,omitempty"`
+	Status ConfigStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// ConfigList contains a list of Config
+type ConfigList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Config `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Config{}, &ConfigList{})
+}

staging/src/kubesphere.io/api/notification/v2beta2/doc.go

@@ -0,0 +1,21 @@
+/*
+Copyright 2021 The KubeSphere Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package v2beta2 contains API Schema definitions for the notification v2beta2 API group
+// +groupName=notification.kubesphere.io
+// +genclient
+// +genclient:nonNamespaced
+package v2beta2

staging/src/kubesphere.io/api/notification/v2beta2/notificationmanager_types.go

@@ -0,0 +1,267 @@
+/*
+
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v2beta2
+
+import (
+	"time"
+
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+const (
+	Tenant = "tenant"
+)
+
+// SecretKeySelector selects a key of a Secret.
+type SecretKeySelector struct {
+	// The namespace of the secret, default to the `defaultSecretNamespace` of `NotificationManager` crd.
+	// If the `defaultSecretNamespace` does not set, default to the pod's namespace.
+	// +optional
+	Namespace string `json:"namespace,omitempty" protobuf:"bytes,1,opt,name=namespace"`
+	// Name of the secret.
+	Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
+	// The key of the secret to select from.  Must be a valid secret key.
+	Key string `json:"key" protobuf:"bytes,2,opt,name=key"`
+}
+
+type ValueSource struct {
+	// Selects a key of a secret in the pod's namespace
+	// +optional
+	SecretKeyRef *SecretKeySelector `json:"secretKeyRef,omitempty" protobuf:"bytes,4,opt,name=secretKeyRef"`
+}
+
+type Credential struct {
+	// +optional
+	Value     string       `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"`
+	ValueFrom *ValueSource `json:"valueFrom,omitempty" protobuf:"bytes,3,opt,name=valueFrom"`
+}
+
+// Sidecar defines a sidecar container which will be add to the notification manager deployment pod.
+type Sidecar struct {
+	// The type of sidecar, it can be specified to any value.
+	// Notification manager built-in sidecar for KubeSphere,
+	// It can be used with set `type` to `kubesphere`.
+	Type string `json:"type" protobuf:"bytes,2,opt,name=type"`
+	// Container of sidecar.
+	*v1.Container `json:",inline"`
+}
+
+// NotificationManagerSpec defines the desired state of NotificationManager
+type NotificationManagerSpec struct {
+	// Compute Resources required by container.
+	Resources v1.ResourceRequirements `json:"resources,omitempty"`
+	// Docker Image used to start Notification Manager container,
+	// for example kubesphere/notification-manager:v0.1.0
+	Image *string `json:"image,omitempty"`
+	// Image pull policy. One of Always, Never, IfNotPresent.
+	// Defaults to IfNotPresent if not specified
+	ImagePullPolicy *v1.PullPolicy `json:"imagePullPolicy,omitempty"`
+	// Number of instances to deploy for Notification Manager deployment.
+	Replicas *int32 `json:"replicas,omitempty"`
+	// Define which Nodes the Pods will be scheduled to.
+	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
+	// Pod's scheduling constraints.
+	Affinity *v1.Affinity `json:"affinity,omitempty"`
+	// Pod's toleration.
+	Tolerations []v1.Toleration `json:"tolerations,omitempty"`
+	// ServiceAccountName is the name of the ServiceAccount to use to run Notification Manager Pods.
+	// ServiceAccount 'default' in notification manager's namespace will be used if not specified.
+	ServiceAccountName string `json:"serviceAccountName,omitempty"`
+	// Port name used for the pods and service, defaults to webhook
+	PortName string `json:"portName,omitempty"`
+	// Default Email/Wechat/Slack/Webhook Config to be selected
+	DefaultConfigSelector *metav1.LabelSelector `json:"defaultConfigSelector,omitempty"`
+	// Receivers to send notifications to
+	Receivers *ReceiversSpec `json:"receivers"`
+	// The default namespace to which notification manager secrets belong.
+	DefaultSecretNamespace string `json:"defaultSecretNamespace,omitempty"`
+	// List of volumes that can be mounted by containers belonging to the pod.
+	Volumes []v1.Volume `json:"volumes,omitempty"`
+	// Pod volumes to mount into the container's filesystem.
+	// Cannot be updated.
+	VolumeMounts []v1.VolumeMount `json:"volumeMounts,omitempty"`
+	// Arguments to the entrypoint.
+	// The docker image's CMD is used if this is not provided.
+	// +optional
+	Args []string `json:"args,omitempty"`
+	// Sidecar containers. The key is the type of sidecar, known value include: tenant.
+	// Tenant sidecar used to manage the tenants which will receive notifications.
+	// It needs to provide the API `/api/v2/tenant` at port `19094`, this api receives
+	// a parameter `namespace` and return all tenants which need to receive notifications in this namespace.
+	Sidecars map[string]*Sidecar `json:"sidecars,omitempty"`
+}
+
+type ReceiversSpec struct {
+	// Key used to identify tenant, default to be "namespace" if not specified
+	TenantKey string `json:"tenantKey"`
+	// Selector to find global notification receivers
+	// which will be used when tenant receivers cannot be found.
+	// Only matchLabels expression is allowed.
+	GlobalReceiverSelector *metav1.LabelSelector `json:"globalReceiverSelector"`
+	// Selector to find tenant notification receivers.
+	// Only matchLabels expression is allowed.
+	TenantReceiverSelector *metav1.LabelSelector `json:"tenantReceiverSelector"`
+	// Various receiver options
+	Options *Options `json:"options,omitempty"`
+}
+
+type GlobalOptions struct {
+	// Template file path, must be a absolute path.
+	TemplateFiles []string `json:"templateFile,omitempty"`
+	// The name of the template to generate message.
+	// If the receiver dose not setup template, it will use this.
+	Template string `json:"template,omitempty"`
+	// The name of the cluster in which the notification manager is deployed.
+	Cluster string `json:"cluster,omitempty"`
+}
+
+type EmailOptions struct {
+	// Notification Sending Timeout
+	NotificationTimeout *int32 `json:"notificationTimeout,omitempty"`
+	// Deprecated
+	DeliveryType string `json:"deliveryType,omitempty"`
+	// The maximum size of receivers in one email.
+	MaxEmailReceivers int `json:"maxEmailReceivers,omitempty"`
+	// The name of the template to generate email message.
+	// If the global template is not set, it will use default.
+	Template string `json:"template,omitempty"`
+	// The name of the template to generate email subject
+	SubjectTemplate string `json:"subjectTemplate,omitempty"`
+	// template type: text or html, default type is html
+	TmplType string `json:"tmplType,omitempty"`
+}
+
+type WechatOptions struct {
+	// Notification Sending Timeout
+	NotificationTimeout *int32 `json:"notificationTimeout,omitempty"`
+	// The name of the template to generate wechat message.
+	Template string `json:"template,omitempty"`
+	// template type: text or markdown, default type is text
+	TmplType string `json:"tmplType,omitempty"`
+	// The maximum message size that can be sent in a request.
+	MessageMaxSize int `json:"messageMaxSize,omitempty"`
+	// The time of token expired.
+	TokenExpires time.Duration `json:"tokenExpires,omitempty"`
+}
+
+type SlackOptions struct {
+	// Notification Sending Timeout
+	NotificationTimeout *int32 `json:"notificationTimeout,omitempty"`
+	// The name of the template to generate slack message.
+	// If the global template is not set, it will use default.
+	Template string `json:"template,omitempty"`
+}
+
+type WebhookOptions struct {
+	// Notification Sending Timeout
+	NotificationTimeout *int32 `json:"notificationTimeout,omitempty"`
+	// The name of the template to generate webhook message.
+	// If the global template is not set, it will use default.
+	Template string `json:"template,omitempty"`
+}
+
+// Throttle is the config of flow control.
+type Throttle struct {
+	// The maximum calls in `Unit`.
+	Threshold int           `json:"threshold,omitempty"`
+	Unit      time.Duration `json:"unit,omitempty"`
+	// The maximum tolerable waiting time when the calls trigger flow control, if the actual waiting time is more than this time, it will
+	// return a error, else it will wait for the flow restriction lifted, and send the message.
+	// Nil means do not wait, the maximum value is `Unit`.
+	MaxWaitTime time.Duration `json:"maxWaitTime,omitempty"`
+}
+
+type DingTalkOptions struct {
+	// Notification Sending Timeout
+	NotificationTimeout *int32 `json:"notificationTimeout,omitempty"`
+	// The name of the template to generate DingTalk message.
+	// If the global template is not set, it will use default.
+	Template string `json:"template,omitempty"`
+	// The name of the template to generate markdown title
+	TitleTemplate string `json:"titleTemplate,omitempty"`
+	// template type: text or markdown, default type is text
+	TmplType string `json:"tmplType,omitempty"`
+	// The time of token expired.
+	TokenExpires time.Duration `json:"tokenExpires,omitempty"`
+	// The maximum message size that can be sent to conversation in a request.
+	ConversationMessageMaxSize int `json:"conversationMessageMaxSize,omitempty"`
+	// The maximum message size that can be sent to chatbot in a request.
+	ChatbotMessageMaxSize int `json:"chatbotMessageMaxSize,omitempty"`
+	// The flow control fo chatbot.
+	ChatBotThrottle *Throttle `json:"chatBotThrottle,omitempty"`
+	// The flow control fo conversation.
+	ConversationThrottle *Throttle `json:"conversationThrottle,omitempty"`
+}
+
+type SmsOptions struct {
+	// Notification Sending Timeout
+	NotificationTimeout *int32 `json:"notificationTimeout,omitempty"`
+	// The name of the template to generate sms message.
+	// If the global template is not set, it will use default.
+	Template string `json:"template,omitempty"`
+}
+
+type PushoverOptions struct {
+	// Notification Sending Timeout
+	NotificationTimeout *int32 `json:"notificationTimeout,omitempty"`
+	// The name of the template to generate pushover message.
+	// If the global template is not set, it will use default.
+	Template string `json:"template,omitempty"`
+}
+
+type Options struct {
+	Global   *GlobalOptions   `json:"global,omitempty"`
+	Email    *EmailOptions    `json:"email,omitempty"`
+	Wechat   *WechatOptions   `json:"wechat,omitempty"`
+	Slack    *SlackOptions    `json:"slack,omitempty"`
+	Webhook  *WebhookOptions  `json:"webhook,omitempty"`
+	DingTalk *DingTalkOptions `json:"dingtalk,omitempty"`
+	Sms      *SmsOptions      `json:"sms,omitempty"`
+	Pushover *PushoverOptions `json:"pushover,omitempty"`
+}
+
+// NotificationManagerStatus defines the observed state of NotificationManager
+type NotificationManagerStatus struct {
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:scope=Cluster,shortName=nm,categories=notification-manager
+// +kubebuilder:subresource:status
+// +kubebuilder:storageversion
+
+// NotificationManager is the Schema for the notificationmanagers API
+type NotificationManager struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   NotificationManagerSpec   `json:"spec,omitempty"`
+	Status NotificationManagerStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// NotificationManagerList contains a list of NotificationManager
+type NotificationManagerList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []NotificationManager `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&NotificationManager{}, &NotificationManagerList{})
+}

staging/src/kubesphere.io/api/notification/v2beta2/receiver_types.go

@@ -0,0 +1,271 @@
+/*
+
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v2beta2
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DingTalkChatBot is the configuration of ChatBot
+type DingTalkChatBot struct {
+	// The webhook of ChatBot which the message will send to.
+	Webhook *Credential `json:"webhook"`
+
+	// Custom keywords of ChatBot
+	Keywords []string `json:"keywords,omitempty"`
+
+	// Secret of ChatBot, you can get it after enabled Additional Signature of ChatBot.
+	Secret *Credential `json:"secret,omitempty"`
+	// The phone numbers of the users which will be @.
+	AtMobiles []string `json:"atMobiles,omitempty"`
+	// The users who will be @.
+	AtUsers []string `json:"atUsers,omitempty"`
+	// Whether @everyone.
+	AtAll bool `json:"atAll,omitempty"`
+}
+
+// DingTalkConversation of conversation
+type DingTalkConversation struct {
+	ChatIDs []string `json:"chatids"`
+}
+
+type DingTalkReceiver struct {
+	// whether the receiver is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+	// DingTalkConfig to be selected for this receiver
+	DingTalkConfigSelector *metav1.LabelSelector `json:"dingtalkConfigSelector,omitempty"`
+	// Selector to filter alerts.
+	AlertSelector *metav1.LabelSelector `json:"alertSelector,omitempty"`
+	// Be careful, a ChatBot only can send 20 message per minute.
+	ChatBot *DingTalkChatBot `json:"chatbot,omitempty"`
+	// The conversation which message will send to.
+	Conversation *DingTalkConversation `json:"conversation,omitempty"`
+	// The name of the template to generate DingTalk message.
+	// If the global template is not set, it will use default.
+	Template *string `json:"template,omitempty"`
+	// The name of the template to generate markdown title
+	TitleTemplate *string `json:"titleTemplate,omitempty"`
+	// template type: text or markdown
+	TmplType *string `json:"tmplType,omitempty"`
+}
+
+type EmailReceiver struct {
+	// whether the receiver is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+	// Receivers' email addresses
+	To []string `json:"to"`
+	// EmailConfig to be selected for this receiver
+	EmailConfigSelector *metav1.LabelSelector `json:"emailConfigSelector,omitempty"`
+	// Selector to filter alerts.
+	AlertSelector *metav1.LabelSelector `json:"alertSelector,omitempty"`
+	// The name of the template to generate DingTalk message.
+	// If the global template is not set, it will use default.
+	Template *string `json:"template,omitempty"`
+	// The name of the template to generate email subject
+	SubjectTemplate *string `json:"subjectTemplate,omitempty"`
+	// template type: text or html, default type is html
+	TmplType *string `json:"tmplType,omitempty"`
+}
+
+type SlackReceiver struct {
+	// whether the receiver is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+	// SlackConfig to be selected for this receiver
+	SlackConfigSelector *metav1.LabelSelector `json:"slackConfigSelector,omitempty"`
+	// Selector to filter alerts.
+	AlertSelector *metav1.LabelSelector `json:"alertSelector,omitempty"`
+	// The channel or user to send notifications to.
+	Channels []string `json:"channels"`
+	// The name of the template to generate DingTalk message.
+	// If the global template is not set, it will use default.
+	Template *string `json:"template,omitempty"`
+}
+
+// ServiceReference holds a reference to Service.legacy.k8s.io
+type ServiceReference struct {
+	// `namespace` is the namespace of the service.
+	// Required
+	Namespace string `json:"namespace"`
+
+	// `name` is the name of the service.
+	// Required
+	Name string `json:"name"`
+
+	// `path` is an optional URL path which will be sent in any request to
+	// this service.
+	// +optional
+	Path *string `json:"path,omitempty"`
+
+	// If specified, the port on the service that hosting webhook.
+	// Default to 443 for backward compatibility.
+	// `port` should be a valid port number (1-65535, inclusive).
+	// +optional
+	Port *int32 `json:"port,omitempty"`
+
+	// Http scheme, default is http.
+	// +optional
+	Scheme *string `json:"scheme,omitempty"`
+}
+
+type WebhookReceiver struct {
+	// whether the receiver is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+	// WebhookConfig to be selected for this receiver
+	WebhookConfigSelector *metav1.LabelSelector `json:"webhookConfigSelector,omitempty"`
+	// Selector to filter alerts.
+	AlertSelector *metav1.LabelSelector `json:"alertSelector,omitempty"`
+	// `url` gives the location of the webhook, in standard URL form
+	// (`scheme://host:port/path`). Exactly one of `url` or `service`
+	// must be specified.
+	//
+	// The `host` should not refer to a service running in the cluster; use
+	// the `service` field instead. The host might be resolved via external
+	// DNS in some api servers (e.g., `kube-apiserver` cannot resolve
+	// in-cluster DNS as that would be a layering violation). `host` may
+	// also be an IP address.
+	//
+	// Please note that using `localhost` or `127.0.0.1` as a `host` is
+	// risky unless you take great care to run this webhook on all hosts
+	// which run an apiserver which might need to make calls to this
+	// webhook. Such installs are likely to be non-portable, i.e., not easy
+	// to turn up in a new cluster.
+	//
+	// A path is optional, and if present may be any string permissible in
+	// a URL. You may use the path to pass an arbitrary string to the
+	// webhook, for example, a cluster identifier.
+	//
+	// Attempting to use a user or basic auth e.g. "user:password@" is not
+	// allowed. Fragments ("#...") and query parameters ("?...") are not
+	// allowed, either.
+	//
+	// +optional
+	URL *string `json:"url,omitempty"`
+
+	// `service` is a reference to the service for this webhook. Either
+	// `service` or `url` must be specified.
+	//
+	// If the webhook is running within the cluster, then you should use `service`.
+	//
+	// +optional
+	Service *ServiceReference `json:"service,omitempty"`
+
+	HTTPConfig *HTTPClientConfig `json:"httpConfig,omitempty"`
+	// The name of the template to generate DingTalk message.
+	// If the global template is not set, it will use default.
+	Template *string `json:"template,omitempty"`
+}
+
+type WechatReceiver struct {
+	// whether the receiver is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+	// WechatConfig to be selected for this receiver
+	WechatConfigSelector *metav1.LabelSelector `json:"wechatConfigSelector,omitempty"`
+	// Selector to filter alerts.
+	AlertSelector *metav1.LabelSelector `json:"alertSelector,omitempty"`
+	// +optional
+	ToUser  []string `json:"toUser,omitempty"`
+	ToParty []string `json:"toParty,omitempty"`
+	ToTag   []string `json:"toTag,omitempty"`
+	// The name of the template to generate DingTalk message.
+	// If the global template is not set, it will use default.
+	Template *string `json:"template,omitempty"`
+	// template type: text or markdown, default type is text
+	TmplType *string `json:"tmplType,omitempty"`
+}
+
+type SmsReceiver struct {
+	// whether the receiver is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+	// SmsConfig to be selected for this receiver
+	SmsConfigSelector *metav1.LabelSelector `json:"smsConfigSelector,omitempty"`
+	// Selector to filter alerts.
+	AlertSelector *metav1.LabelSelector `json:"alertSelector,omitempty"`
+	// Receivers' phone numbers
+	PhoneNumbers []string `json:"phoneNumbers"`
+	// The name of the template to generate Sms message.
+	// If the global template is not set, it will use default.
+	Template *string `json:"template,omitempty"`
+}
+
+// PushoverUserProfile includes userKey and other preferences
+type PushoverUserProfile struct {
+	// UserKey is the user (Pushover User Key) to send notifications to.
+	// +kubebuilder:validation:Pattern=`^[A-Za-z0-9]{30}$`
+	UserKey *string `json:"userKey"`
+	// Devices refers to device name to send the message directly to that device, rather than all of the user's devices
+	Devices []string `json:"devices,omitempty"`
+	// Title refers to message's title, otherwise your app's name is used.
+	Title *string `json:"title,omitempty"`
+	// Sound refers to the name of one of the sounds (https://pushover.net/api#sounds) supported by device clients
+	Sound *string `json:"sound,omitempty"`
+}
+
+type PushoverReceiver struct {
+	// whether the receiver is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+	// PushoverConfig to be selected for this receiver
+	PushoverConfigSelector *metav1.LabelSelector `json:"pushoverConfigSelector,omitempty"`
+	// Selector to filter alerts.
+	AlertSelector *metav1.LabelSelector `json:"alertSelector,omitempty"`
+	// The name of the template to generate DingTalk message.
+	// If the global template is not set, it will use default.
+	Template *string `json:"template,omitempty"`
+	// The users profile.
+	Profiles []*PushoverUserProfile `json:"profiles"`
+}
+
+//ReceiverSpec defines the desired state of Receiver
+type ReceiverSpec struct {
+	DingTalk *DingTalkReceiver `json:"dingtalk,omitempty"`
+	Email    *EmailReceiver    `json:"email,omitempty"`
+	Slack    *SlackReceiver    `json:"slack,omitempty"`
+	Webhook  *WebhookReceiver  `json:"webhook,omitempty"`
+	Wechat   *WechatReceiver   `json:"wechat,omitempty"`
+	Sms      *SmsReceiver      `json:"sms,omitempty"`
+	Pushover *PushoverReceiver `json:"pushover,omitempty"`
+}
+
+// ReceiverStatus defines the observed state of Receiver
+type ReceiverStatus struct {
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:scope=Cluster,shortName=nr,categories=notification-manager
+// +kubebuilder:subresource:status
+// +kubebuilder:storageversion
+
+// Receiver is the Schema for the receivers API
+type Receiver struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   ReceiverSpec   `json:"spec,omitempty"`
+	Status ReceiverStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// ReceiverList contains a list of Receiver
+type ReceiverList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Receiver `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Receiver{}, &ReceiverList{})
+}

staging/src/kubesphere.io/api/notification/v2beta2/register.go

@@ -0,0 +1,40 @@
+/*
+
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package v2beta2 contains API Schema definitions for the notification v1alpha1 API group
+// +kubebuilder:object:generate=true
+// +groupName=notification.kubesphere.io
+package v2beta2
+
+import (
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+var (
+	// GroupVersion is group version used to register these objects
+	GroupVersion = schema.GroupVersion{Group: "notification.kubesphere.io", Version: "v2beta2"}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
+	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
+
+	// AddToScheme adds the types in this group-version to the given scheme.
+	AddToScheme = SchemeBuilder.AddToScheme
+)
+
+func Resource(resource string) schema.GroupResource {
+	return GroupVersion.WithResource(resource).GroupResource()
+}

staging/src/kubesphere.io/api/notification/v2beta2/types.go

@@ -0,0 +1,27 @@
+/*
+Copyright 2021 The KubeSphere Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v2beta2
+
+const (
+	ResourceKindConfig      = "Configs"
+	ResourcesSingularConfig = "config"
+	ResourcesPluralConfig   = "configs"
+
+	ResourceKindReceiver      = "Receiver"
+	ResourcesSingularReceiver = "receiver"
+	ResourcesPluralReceiver   = "receivers"
+)

vendor/modules.txt

@@ -1977,6 +1977,7 @@ kubesphere.io/api/constants
 kubesphere.io/api/devops/crdinstall
 kubesphere.io/api/devops/v1alpha1
 kubesphere.io/api/devops/v1alpha3
+kubesphere.io/api/gateway/v1alpha1
 kubesphere.io/api/iam/v1alpha2
 kubesphere.io/api/network/calicov3
 kubesphere.io/api/network/crdinstall