Skip to content

Commit

Permalink
fix: update Teleport CRDs (#423)
Browse files Browse the repository at this point in the history
  • Loading branch information
@xabufr
xabufr authored Nov 24, 2024
1 parent 8e21e04 commit 7f23c84
Show file tree
Hide file tree
Showing 14 changed files with 4,572 additions and 93 deletions.
272 changes: 272 additions & 0 deletions resources.teleport.dev/teleportaccesslist_v1.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,272 @@
{
"description": "AccessList is the Schema for the accesslists API",
"properties": {
"apiVersion": {
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
"type": "string"
},
"kind": {
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
"type": "string"
},
"metadata": {
"type": "object"
},
"spec": {
"description": "AccessList resource definition v1 from Teleport",
"properties": {
"audit": {
"description": "audit describes the frequency that this Access List must be audited.",
"nullable": true,
"properties": {
"next_audit_date": {
"description": "next_audit_date is when the next audit date should be done by.",
"format": "date-time",
"type": "string"
},
"notifications": {
"description": "notifications is the configuration for notifying users.",
"nullable": true,
"properties": {
"start": {
"description": "start specifies when to start notifying users that the next audit date is coming up.",
"format": "duration",
"type": "string"
}
},
"type": "object",
"additionalProperties": false
},
"recurrence": {
"description": "recurrence is the recurrence definition",
"nullable": true,
"properties": {
"day_of_month": {
"description": "day_of_month is the day of month that reviews will be scheduled on. Supported values are 0, 1, 15, and 31.",
"x-kubernetes-int-or-string": true
},
"frequency": {
"description": "frequency is the frequency of reviews. This represents the period in months between two reviews. Supported values are 0, 1, 3, 6, and 12.",
"x-kubernetes-int-or-string": true
}
},
"type": "object",
"additionalProperties": false
}
},
"type": "object",
"additionalProperties": false
},
"description": {
"description": "description is an optional plaintext description of the Access List.",
"type": "string"
},
"grants": {
"description": "grants describes the access granted by membership to this Access List.",
"nullable": true,
"properties": {
"roles": {
"description": "roles are the roles that are granted to users who are members of the Access List.",
"items": {
"type": "string"
},
"nullable": true,
"type": "array"
},
"traits": {
"additionalProperties": {
"items": {
"type": "string"
},
"type": "array"
},
"description": "traits are the traits that are granted to users who are members of the Access List.",
"type": "object"
}
},
"type": "object",
"additionalProperties": false
},
"membership_requires": {
"description": "membership_requires describes the requirements for a user to be a member of the Access List. For a membership to an Access List to be effective, the user must meet the requirements of Membership_requires and must be in the members list.",
"nullable": true,
"properties": {
"roles": {
"description": "roles are the user roles that must be present for the user to obtain access.",
"items": {
"type": "string"
},
"nullable": true,
"type": "array"
},
"traits": {
"additionalProperties": {
"items": {
"type": "string"
},
"type": "array"
},
"description": "traits are the traits that must be present for the user to obtain access.",
"type": "object"
}
},
"type": "object",
"additionalProperties": false
},
"owner_grants": {
"description": "owner_grants describes the access granted by owners to this Access List.",
"nullable": true,
"properties": {
"roles": {
"description": "roles are the roles that are granted to users who are members of the Access List.",
"items": {
"type": "string"
},
"nullable": true,
"type": "array"
},
"traits": {
"additionalProperties": {
"items": {
"type": "string"
},
"type": "array"
},
"description": "traits are the traits that are granted to users who are members of the Access List.",
"type": "object"
}
},
"type": "object",
"additionalProperties": false
},
"owners": {
"description": "owners is a list of owners of the Access List.",
"items": {
"properties": {
"description": {
"description": "description is the plaintext description of the owner and why they are an owner.",
"type": "string"
},
"ineligible_status": {
"description": "ineligible_status describes if this owner is eligible or not and if not, describes how they're lacking eligibility.",
"x-kubernetes-int-or-string": true
},
"membership_kind": {
"description": "membership_kind describes the type of membership, either `MEMBERSHIP_KIND_USER` or `MEMBERSHIP_KIND_LIST`.",
"x-kubernetes-int-or-string": true
},
"name": {
"description": "name is the username of the owner.",
"type": "string"
}
},
"type": "object",
"additionalProperties": false
},
"nullable": true,
"type": "array"
},
"ownership_requires": {
"description": "ownership_requires describes the requirements for a user to be an owner of the Access List. For ownership of an Access List to be effective, the user must meet the requirements of ownership_requires and must be in the owners list.",
"nullable": true,
"properties": {
"roles": {
"description": "roles are the user roles that must be present for the user to obtain access.",
"items": {
"type": "string"
},
"nullable": true,
"type": "array"
},
"traits": {
"additionalProperties": {
"items": {
"type": "string"
},
"type": "array"
},
"description": "traits are the traits that must be present for the user to obtain access.",
"type": "object"
}
},
"type": "object",
"additionalProperties": false
},
"title": {
"description": "title is a plaintext short description of the Access List.",
"type": "string"
}
},
"type": "object",
"additionalProperties": false
},
"status": {
"description": "Status defines the observed state of the Teleport resource",
"properties": {
"conditions": {
"description": "Conditions represent the latest available observations of an object's state",
"items": {
"description": "Condition contains details for one aspect of the current state of this API Resource.",
"properties": {
"lastTransitionTime": {
"description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.",
"format": "date-time",
"type": "string"
},
"message": {
"description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.",
"maxLength": 32768,
"type": "string"
},
"observedGeneration": {
"description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.",
"format": "int64",
"minimum": 0,
"type": "integer"
},
"reason": {
"description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.",
"maxLength": 1024,
"minLength": 1,
"pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$",
"type": "string"
},
"status": {
"description": "status of the condition, one of True, False, Unknown.",
"enum": [
"True",
"False",
"Unknown"
],
"type": "string"
},
"type": {
"description": "type of condition in CamelCase or in foo.example.com/CamelCase.",
"maxLength": 316,
"pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$",
"type": "string"
}
},
"required": [
"lastTransitionTime",
"message",
"reason",
"status",
"type"
],
"type": "object",
"additionalProperties": false
},
"type": "array"
},
"teleportResourceID": {
"format": "int64",
"type": "integer"
}
},
"type": "object",
"additionalProperties": false
}
},
"type": "object"
}
40 changes: 32 additions & 8 deletions resources.teleport.dev/teleportgithubconnector_v3.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,32 @@
"description": "ClientID is the Github OAuth app client ID.",
"type": "string"
},
"client_redirect_settings": {
"description": "ClientRedirectSettings defines which client redirect URLs are allowed for non-browser SSO logins other than the standard localhost ones.",
"nullable": true,
"properties": {
"allowed_https_hostnames": {
"description": "a list of hostnames allowed for https client redirect URLs",
"items": {
"type": "string"
},
"nullable": true,
"type": "array"
},
"insecure_allowed_cidr_ranges": {
"description": "a list of CIDRs allowed for HTTP or HTTPS client redirect URLs",
"items": {
"type": "string"
},
"nullable": true,
"type": "array"
}
},
"type": "object",
"additionalProperties": false
},
"client_secret": {
"description": "ClientSecret is the Github OAuth app client secret.",
"description": "ClientSecret is the Github OAuth app client secret. This field supports secret lookup. See the operator documentation for more details.",
"type": "string"
},
"display": {
Expand Down Expand Up @@ -70,31 +94,31 @@
"additionalProperties": false
},
"status": {
"description": "TeleportGithubConnectorStatus defines the observed state of TeleportGithubConnector",
"description": "Status defines the observed state of the Teleport resource",
"properties": {
"conditions": {
"description": "Conditions represent the latest available observations of an object's state",
"items": {
"description": "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }",
"description": "Condition contains details for one aspect of the current state of this API Resource.",
"properties": {
"lastTransitionTime": {
"description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.",
"description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.",
"format": "date-time",
"type": "string"
},
"message": {
"description": "message is a human readable message indicating details about the transition. This may be an empty string.",
"description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.",
"maxLength": 32768,
"type": "string"
},
"observedGeneration": {
"description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.",
"description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.",
"format": "int64",
"minimum": 0,
"type": "integer"
},
"reason": {
"description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.",
"description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.",
"maxLength": 1024,
"minLength": 1,
"pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$",
Expand All @@ -110,7 +134,7 @@
"type": "string"
},
"type": {
"description": "type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)",
"description": "type of condition in CamelCase or in foo.example.com/CamelCase.",
"maxLength": 316,
"pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$",
"type": "string"
Expand Down
Loading

0 comments on commit 7f23c84

Please sign in to comment.