diff options
Diffstat (limited to 'vendor/github.com/openshift/api/config/v1/types.go')
-rw-r--r-- | vendor/github.com/openshift/api/config/v1/types.go | 312 |
1 files changed, 0 insertions, 312 deletions
diff --git a/vendor/github.com/openshift/api/config/v1/types.go b/vendor/github.com/openshift/api/config/v1/types.go deleted file mode 100644 index 142748423..000000000 --- a/vendor/github.com/openshift/api/config/v1/types.go +++ /dev/null @@ -1,312 +0,0 @@ -package v1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" -) - -// ConfigMapFileReference references a config map in a specific namespace. -// The namespace must be specified at the point of use. -type ConfigMapFileReference struct { - Name string `json:"name"` - // Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. - Key string `json:"key,omitempty"` -} - -// ConfigMapNameReference references a config map in a specific namespace. -// The namespace must be specified at the point of use. -type ConfigMapNameReference struct { - // name is the metadata.name of the referenced config map - // +kubebuilder:validation:Required - // +required - Name string `json:"name"` -} - -// SecretNameReference references a secret in a specific namespace. -// The namespace must be specified at the point of use. -type SecretNameReference struct { - // name is the metadata.name of the referenced secret - // +kubebuilder:validation:Required - // +required - Name string `json:"name"` -} - -// HTTPServingInfo holds configuration for serving HTTP -type HTTPServingInfo struct { - // ServingInfo is the HTTP serving information - ServingInfo `json:",inline"` - // MaxRequestsInFlight is the number of concurrent requests allowed to the server. If zero, no limit. - MaxRequestsInFlight int64 `json:"maxRequestsInFlight"` - // RequestTimeoutSeconds is the number of seconds before requests are timed out. The default is 60 minutes, if - // -1 there is no limit on requests. - RequestTimeoutSeconds int64 `json:"requestTimeoutSeconds"` -} - -// ServingInfo holds information about serving web pages -type ServingInfo struct { - // BindAddress is the ip:port to serve on - BindAddress string `json:"bindAddress"` - // BindNetwork is the type of network to bind to - defaults to "tcp4", accepts "tcp", - // "tcp4", and "tcp6" - BindNetwork string `json:"bindNetwork"` - // CertInfo is the TLS cert info for serving secure traffic. - // this is anonymous so that we can inline it for serialization - CertInfo `json:",inline"` - // ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates - // +optional - ClientCA string `json:"clientCA,omitempty"` - // NamedCertificates is a list of certificates to use to secure requests to specific hostnames - NamedCertificates []NamedCertificate `json:"namedCertificates,omitempty"` - // MinTLSVersion is the minimum TLS version supported. - // Values must match version names from https://golang.org/pkg/crypto/tls/#pkg-constants - MinTLSVersion string `json:"minTLSVersion,omitempty"` - // CipherSuites contains an overridden list of ciphers for the server to support. - // Values must match cipher suite IDs from https://golang.org/pkg/crypto/tls/#pkg-constants - CipherSuites []string `json:"cipherSuites,omitempty"` -} - -// CertInfo relates a certificate with a private key -type CertInfo struct { - // CertFile is a file containing a PEM-encoded certificate - CertFile string `json:"certFile"` - // KeyFile is a file containing a PEM-encoded private key for the certificate specified by CertFile - KeyFile string `json:"keyFile"` -} - -// NamedCertificate specifies a certificate/key, and the names it should be served for -type NamedCertificate struct { - // Names is a list of DNS names this certificate should be used to secure - // A name can be a normal DNS name, or can contain leading wildcard segments. - Names []string `json:"names,omitempty"` - // CertInfo is the TLS cert info for serving secure traffic - CertInfo `json:",inline"` -} - -// LeaderElection provides information to elect a leader -type LeaderElection struct { - // disable allows leader election to be suspended while allowing a fully defaulted "normal" startup case. - Disable bool `json:"disable,omitempty"` - // namespace indicates which namespace the resource is in - Namespace string `json:"namespace,omitempty"` - // name indicates what name to use for the resource - Name string `json:"name,omitempty"` - - // leaseDuration is the duration that non-leader candidates will wait - // after observing a leadership renewal until attempting to acquire - // leadership of a led but unrenewed leader slot. This is effectively the - // maximum duration that a leader can be stopped before it is replaced - // by another candidate. This is only applicable if leader election is - // enabled. - // +nullable - LeaseDuration metav1.Duration `json:"leaseDuration"` - // renewDeadline is the interval between attempts by the acting master to - // renew a leadership slot before it stops leading. This must be less - // than or equal to the lease duration. This is only applicable if leader - // election is enabled. - // +nullable - RenewDeadline metav1.Duration `json:"renewDeadline"` - // retryPeriod is the duration the clients should wait between attempting - // acquisition and renewal of a leadership. This is only applicable if - // leader election is enabled. - // +nullable - RetryPeriod metav1.Duration `json:"retryPeriod"` -} - -// StringSource allows specifying a string inline, or externally via env var or file. -// When it contains only a string value, it marshals to a simple JSON string. -type StringSource struct { - // StringSourceSpec specifies the string value, or external location - StringSourceSpec `json:",inline"` -} - -// StringSourceSpec specifies a string value, or external location -type StringSourceSpec struct { - // Value specifies the cleartext value, or an encrypted value if keyFile is specified. - Value string `json:"value"` - - // Env specifies an envvar containing the cleartext value, or an encrypted value if the keyFile is specified. - Env string `json:"env"` - - // File references a file containing the cleartext value, or an encrypted value if a keyFile is specified. - File string `json:"file"` - - // KeyFile references a file containing the key to use to decrypt the value. - KeyFile string `json:"keyFile"` -} - -// RemoteConnectionInfo holds information necessary for establishing a remote connection -type RemoteConnectionInfo struct { - // URL is the remote URL to connect to - URL string `json:"url"` - // CA is the CA for verifying TLS connections - CA string `json:"ca"` - // CertInfo is the TLS client cert information to present - // this is anonymous so that we can inline it for serialization - CertInfo `json:",inline"` -} - -type AdmissionConfig struct { - PluginConfig map[string]AdmissionPluginConfig `json:"pluginConfig,omitempty"` - - // enabledPlugins is a list of admission plugins that must be on in addition to the default list. - // Some admission plugins are disabled by default, but certain configurations require them. This is fairly uncommon - // and can result in performance penalties and unexpected behavior. - EnabledAdmissionPlugins []string `json:"enabledPlugins,omitempty"` - - // disabledPlugins is a list of admission plugins that must be off. Putting something in this list - // is almost always a mistake and likely to result in cluster instability. - DisabledAdmissionPlugins []string `json:"disabledPlugins,omitempty"` -} - -// AdmissionPluginConfig holds the necessary configuration options for admission plugins -type AdmissionPluginConfig struct { - // Location is the path to a configuration file that contains the plugin's - // configuration - Location string `json:"location"` - - // Configuration is an embedded configuration object to be used as the plugin's - // configuration. If present, it will be used instead of the path to the configuration file. - // +nullable - // +kubebuilder:pruning:PreserveUnknownFields - Configuration runtime.RawExtension `json:"configuration"` -} - -type LogFormatType string - -type WebHookModeType string - -const ( - // LogFormatLegacy saves event in 1-line text format. - LogFormatLegacy LogFormatType = "legacy" - // LogFormatJson saves event in structured json format. - LogFormatJson LogFormatType = "json" - - // WebHookModeBatch indicates that the webhook should buffer audit events - // internally, sending batch updates either once a certain number of - // events have been received or a certain amount of time has passed. - WebHookModeBatch WebHookModeType = "batch" - // WebHookModeBlocking causes the webhook to block on every attempt to process - // a set of events. This causes requests to the API server to wait for a - // round trip to the external audit service before sending a response. - WebHookModeBlocking WebHookModeType = "blocking" -) - -// AuditConfig holds configuration for the audit capabilities -type AuditConfig struct { - // If this flag is set, audit log will be printed in the logs. - // The logs contains, method, user and a requested URL. - Enabled bool `json:"enabled"` - // All requests coming to the apiserver will be logged to this file. - AuditFilePath string `json:"auditFilePath"` - // Maximum number of days to retain old log files based on the timestamp encoded in their filename. - MaximumFileRetentionDays int32 `json:"maximumFileRetentionDays"` - // Maximum number of old log files to retain. - MaximumRetainedFiles int32 `json:"maximumRetainedFiles"` - // Maximum size in megabytes of the log file before it gets rotated. Defaults to 100MB. - MaximumFileSizeMegabytes int32 `json:"maximumFileSizeMegabytes"` - - // PolicyFile is a path to the file that defines the audit policy configuration. - PolicyFile string `json:"policyFile"` - // PolicyConfiguration is an embedded policy configuration object to be used - // as the audit policy configuration. If present, it will be used instead of - // the path to the policy file. - // +nullable - // +kubebuilder:pruning:PreserveUnknownFields - PolicyConfiguration runtime.RawExtension `json:"policyConfiguration"` - - // Format of saved audits (legacy or json). - LogFormat LogFormatType `json:"logFormat"` - - // Path to a .kubeconfig formatted file that defines the audit webhook configuration. - WebHookKubeConfig string `json:"webHookKubeConfig"` - // Strategy for sending audit events (block or batch). - WebHookMode WebHookModeType `json:"webHookMode"` -} - -// EtcdConnectionInfo holds information necessary for connecting to an etcd server -type EtcdConnectionInfo struct { - // URLs are the URLs for etcd - URLs []string `json:"urls,omitempty"` - // CA is a file containing trusted roots for the etcd server certificates - CA string `json:"ca"` - // CertInfo is the TLS client cert information for securing communication to etcd - // this is anonymous so that we can inline it for serialization - CertInfo `json:",inline"` -} - -type EtcdStorageConfig struct { - EtcdConnectionInfo `json:",inline"` - - // StoragePrefix is the path within etcd that the OpenShift resources will - // be rooted under. This value, if changed, will mean existing objects in etcd will - // no longer be located. - StoragePrefix string `json:"storagePrefix"` -} - -// GenericAPIServerConfig is an inline-able struct for aggregated apiservers that need to store data in etcd -type GenericAPIServerConfig struct { - // servingInfo describes how to start serving - ServingInfo HTTPServingInfo `json:"servingInfo"` - - // corsAllowedOrigins - CORSAllowedOrigins []string `json:"corsAllowedOrigins"` - - // auditConfig describes how to configure audit information - AuditConfig AuditConfig `json:"auditConfig"` - - // storageConfig contains information about how to use - StorageConfig EtcdStorageConfig `json:"storageConfig"` - - // admissionConfig holds information about how to configure admission. - AdmissionConfig AdmissionConfig `json:"admission"` - - KubeClientConfig KubeClientConfig `json:"kubeClientConfig"` -} - -type KubeClientConfig struct { - // kubeConfig is a .kubeconfig filename for going to the owning kube-apiserver. Empty uses an in-cluster-config - KubeConfig string `json:"kubeConfig"` - - // connectionOverrides specifies client overrides for system components to loop back to this master. - ConnectionOverrides ClientConnectionOverrides `json:"connectionOverrides"` -} - -type ClientConnectionOverrides struct { - // acceptContentTypes defines the Accept header sent by clients when connecting to a server, overriding the - // default value of 'application/json'. This field will control all connections to the server used by a particular - // client. - AcceptContentTypes string `json:"acceptContentTypes"` - // contentType is the content type used when sending data to the server from this client. - ContentType string `json:"contentType"` - - // qps controls the number of queries per second allowed for this connection. - QPS float32 `json:"qps"` - // burst allows extra queries to accumulate when a client is exceeding its rate. - Burst int32 `json:"burst"` -} - -// GenericControllerConfig provides information to configure a controller -type GenericControllerConfig struct { - // ServingInfo is the HTTP serving information for the controller's endpoints - ServingInfo HTTPServingInfo `json:"servingInfo"` - - // leaderElection provides information to elect a leader. Only override this if you have a specific need - LeaderElection LeaderElection `json:"leaderElection"` - - // authentication allows configuration of authentication for the endpoints - Authentication DelegatedAuthentication `json:"authentication"` - // authorization allows configuration of authentication for the endpoints - Authorization DelegatedAuthorization `json:"authorization"` -} - -// DelegatedAuthentication allows authentication to be disabled. -type DelegatedAuthentication struct { - // disabled indicates that authentication should be disabled. By default it will use delegated authentication. - Disabled bool `json:"disabled,omitempty"` -} - -// DelegatedAuthorization allows authorization to be disabled. -type DelegatedAuthorization struct { - // disabled indicates that authorization should be disabled. By default it will use delegated authorization. - Disabled bool `json:"disabled,omitempty"` -} |