1 files changed, 75 insertions, 0 deletions

diff --git a/vendor/github.com/openshift/api/config/v1/types_apiserver.go b/vendor/github.com/openshift/api/config/v1/types_apiserver.go
new file mode 100644
index 000000000..ea76aec02
--- /dev/null
+++ b/vendor/github.com/openshift/api/config/v1/types_apiserver.go
@@ -0,0 +1,75 @@
+package v1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// APIServer holds configuration (like serving certificates, client CA and CORS domains)
+// shared by all API servers in the system, among them especially kube-apiserver
+// and openshift-apiserver. The canonical name of an instance is 'cluster'.
+type APIServer struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+	// +kubebuilder:validation:Required
+	// +required
+	Spec APIServerSpec `json:"spec"`
+	// +optional
+	Status APIServerStatus `json:"status"`
+}
+
+type APIServerSpec struct {
+	// servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates
+	// will be used for serving secure traffic.
+	// +optional
+	ServingCerts APIServerServingCerts `json:"servingCerts"`
+	// clientCA references a ConfigMap containing a certificate bundle for the signers that will be recognized for
+	// incoming client certificates in addition to the operator managed signers. If this is empty, then only operator managed signers are valid.
+	// You usually only have to set this if you have your own PKI you wish to honor client certificates from.
+	// The ConfigMap must exist in the openshift-config namespace and contain the following required fields:
+	// - ConfigMap.Data["ca-bundle.crt"] - CA bundle.
+	// +optional
+	ClientCA ConfigMapNameReference `json:"clientCA"`
+	// additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the
+	// API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth
+	// server from JavaScript applications.
+	// The values are regular expressions that correspond to the Golang regular expression language.
+	// +optional
+	AdditionalCORSAllowedOrigins []string `json:"additionalCORSAllowedOrigins,omitempty"`
+}
+
+type APIServerServingCerts struct {
+	// namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames.
+	// If no named certificates are provided, or no named certificates match the server name as understood by a client,
+	// the defaultServingCertificate will be used.
+	// +optional
+	NamedCertificates []APIServerNamedServingCert `json:"namedCertificates,omitempty"`
+}
+
+// APIServerNamedServingCert maps a server DNS name, as understood by a client, to a certificate.
+type APIServerNamedServingCert struct {
+	// names is a optional list of explicit DNS names (leading wildcards allowed) that should use this certificate to
+	// serve secure traffic. If no names are provided, the implicit names will be extracted from the certificates.
+	// Exact names trump over wildcard names. Explicit names defined here trump over extracted implicit names.
+	// +optional
+	Names []string `json:"names,omitempty"`
+	// servingCertificate references a kubernetes.io/tls type secret containing the TLS cert info for serving secure traffic.
+	// The secret must exist in the openshift-config namespace and contain the following required fields:
+	// - Secret.Data["tls.key"] - TLS private key.
+	// - Secret.Data["tls.crt"] - TLS certificate.
+	ServingCertificate SecretNameReference `json:"servingCertificate"`
+}
+
+type APIServerStatus struct {
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+type APIServerList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+	Items           []APIServer `json:"items"`
+}