diff --git a/apis/concierge/authentication/doc.go.tmpl b/apis/concierge/authentication/doc.go.tmpl new file mode 100644 index 000000000..78e81bd63 --- /dev/null +++ b/apis/concierge/authentication/doc.go.tmpl @@ -0,0 +1,8 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=authentication.concierge.pinniped.dev + +// Package authentication is the internal version of the Pinniped concierge authentication API. +package authentication diff --git a/apis/idp/v1alpha1/conversion.go.tmpl b/apis/concierge/authentication/v1alpha1/conversion.go.tmpl similarity index 100% rename from apis/idp/v1alpha1/conversion.go.tmpl rename to apis/concierge/authentication/v1alpha1/conversion.go.tmpl diff --git a/apis/idp/v1alpha1/defaults.go.tmpl b/apis/concierge/authentication/v1alpha1/defaults.go.tmpl similarity index 100% rename from apis/idp/v1alpha1/defaults.go.tmpl rename to apis/concierge/authentication/v1alpha1/defaults.go.tmpl diff --git a/apis/concierge/authentication/v1alpha1/doc.go.tmpl b/apis/concierge/authentication/v1alpha1/doc.go.tmpl new file mode 100644 index 000000000..f1ad1a869 --- /dev/null +++ b/apis/concierge/authentication/v1alpha1/doc.go.tmpl @@ -0,0 +1,11 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/GENERATED_PKG/apis/concierge/authentication +// +k8s:defaulter-gen=TypeMeta +// +groupName=authentication.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. +package v1alpha1 diff --git a/apis/idp/v1alpha1/register.go.tmpl b/apis/concierge/authentication/v1alpha1/register.go.tmpl similarity index 91% rename from apis/idp/v1alpha1/register.go.tmpl rename to apis/concierge/authentication/v1alpha1/register.go.tmpl index 494aef367..1a5163daa 100644 --- a/apis/idp/v1alpha1/register.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/register.go.tmpl @@ -9,7 +9,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) -const GroupName = "idp.pinniped.dev" +const GroupName = "authentication.concierge.pinniped.dev" // SchemeGroupVersion is group version used to register these objects. var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} @@ -30,8 +30,8 @@ func init() { // Adds the list of known types to the given scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, - &WebhookIdentityProvider{}, - &WebhookIdentityProviderList{}, + &WebhookAuthenticator{}, + &WebhookAuthenticatorList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/apis/idp/v1alpha1/types_meta.go.tmpl b/apis/concierge/authentication/v1alpha1/types_meta.go.tmpl similarity index 100% rename from apis/idp/v1alpha1/types_meta.go.tmpl rename to apis/concierge/authentication/v1alpha1/types_meta.go.tmpl diff --git a/apis/idp/v1alpha1/types_tls.go.tmpl b/apis/concierge/authentication/v1alpha1/types_tls.go.tmpl similarity index 84% rename from apis/idp/v1alpha1/types_tls.go.tmpl rename to apis/concierge/authentication/v1alpha1/types_tls.go.tmpl index 2f2098c91..f882f2d6c 100644 --- a/apis/idp/v1alpha1/types_tls.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_tls.go.tmpl @@ -3,7 +3,7 @@ package v1alpha1 -// Configuration for configuring TLS on various identity providers. +// Configuration for configuring TLS on various authenticators. type TLSSpec struct { // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. // +optional diff --git a/apis/idp/v1alpha1/types_webhook.go.tmpl b/apis/concierge/authentication/v1alpha1/types_webhook.go.tmpl similarity index 55% rename from apis/idp/v1alpha1/types_webhook.go.tmpl rename to apis/concierge/authentication/v1alpha1/types_webhook.go.tmpl index 6e4763378..8124597ab 100644 --- a/apis/idp/v1alpha1/types_webhook.go.tmpl +++ b/apis/concierge/authentication/v1alpha1/types_webhook.go.tmpl @@ -5,9 +5,9 @@ package v1alpha1 import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -// Status of a webhook identity provider. -type WebhookIdentityProviderStatus struct { - // Represents the observations of an identity provider's current state. +// Status of a webhook authenticator. +type WebhookAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. // +patchMergeKey=type // +patchStrategy=merge // +listType=map @@ -15,8 +15,8 @@ type WebhookIdentityProviderStatus struct { Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } -// Spec for configuring a webhook identity provider. -type WebhookIdentityProviderSpec struct { +// Spec for configuring a webhook authenticator. +type WebhookAuthenticatorSpec struct { // Webhook server endpoint URL. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:Pattern=`^https://` @@ -27,27 +27,27 @@ type WebhookIdentityProviderSpec struct { TLS *TLSSpec `json:"tls,omitempty"` } -// WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider. +// WebhookAuthenticator describes the configuration of a webhook authenticator. // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=all;idp;idps,shortName=webhookidp;webhookidps +// +kubebuilder:resource:categories=all;authenticator;authenticators // +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` -type WebhookIdentityProvider struct { +type WebhookAuthenticator struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // Spec for configuring the identity provider. - Spec WebhookIdentityProviderSpec `json:"spec"` + // Spec for configuring the authenticator. + Spec WebhookAuthenticatorSpec `json:"spec"` - // Status of the identity provider. - Status WebhookIdentityProviderStatus `json:"status,omitempty"` + // Status of the authenticator. + Status WebhookAuthenticatorStatus `json:"status,omitempty"` } -// List of WebhookIdentityProvider objects. +// List of WebhookAuthenticator objects. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WebhookIdentityProviderList struct { +type WebhookAuthenticatorList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []WebhookIdentityProvider `json:"items"` + Items []WebhookAuthenticator `json:"items"` } diff --git a/apis/concierge/login/types_token.go.tmpl b/apis/concierge/login/types_token.go.tmpl index 91d36cfbf..a0555f85d 100644 --- a/apis/concierge/login/types_token.go.tmpl +++ b/apis/concierge/login/types_token.go.tmpl @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/apis/concierge/login/v1alpha1/types_token.go.tmpl b/apis/concierge/login/v1alpha1/types_token.go.tmpl index 9fba33694..cb5965a23 100644 --- a/apis/concierge/login/v1alpha1/types_token.go.tmpl +++ b/apis/concierge/login/v1alpha1/types_token.go.tmpl @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/apis/idp/doc.go.tmpl b/apis/idp/doc.go.tmpl deleted file mode 100644 index 17d329436..000000000 --- a/apis/idp/doc.go.tmpl +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=idp.pinniped.dev - -// Package idp is the internal version of the Pinniped identity provider API. -package idp diff --git a/apis/idp/v1alpha1/doc.go.tmpl b/apis/idp/v1alpha1/doc.go.tmpl deleted file mode 100644 index 1837041f6..000000000 --- a/apis/idp/v1alpha1/doc.go.tmpl +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/GENERATED_PKG/apis/idp -// +k8s:defaulter-gen=TypeMeta -// +groupName=idp.pinniped.dev -// +groupGoName=IDP - -// Package v1alpha1 is the v1alpha1 version of the Pinniped identity provider API. -package v1alpha1 diff --git a/cmd/pinniped/cmd/exchange_credential.go b/cmd/pinniped/cmd/exchange_credential.go index 77679b8fb..20c1d5e03 100644 --- a/cmd/pinniped/cmd/exchange_credential.go +++ b/cmd/pinniped/cmd/exchange_credential.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" "go.pinniped.dev/internal/client" "go.pinniped.dev/internal/constable" "go.pinniped.dev/internal/here" @@ -60,11 +60,11 @@ func newExchangeCredentialCmd(args []string, stdout, stderr io.Writer) *exchange Requires all of the following environment variables, which are typically set in the kubeconfig: - PINNIPED_TOKEN: the token to send to Pinniped for exchange - - PINNIPED_NAMESPACE: the namespace of the identity provider to authenticate + - PINNIPED_NAMESPACE: the namespace of the authenticator to authenticate against - - PINNIPED_IDP_TYPE: the type of identity provider to authenticate + - PINNIPED_AUTHENTICATOR_TYPE: the type of authenticator to authenticate against (e.g., "webhook") - - PINNIPED_IDP_NAME: the name of the identity provider to authenticate + - PINNIPED_AUTHENTICATOR_NAME: the name of the authenticator to authenticate against - PINNIPED_CA_BUNDLE: the CA bundle to trust when calling Pinniped's HTTPS endpoint @@ -87,15 +87,15 @@ type envGetter func(string) (string, bool) type tokenExchanger func( ctx context.Context, namespace string, - idp corev1.TypedLocalObjectReference, + authenticator corev1.TypedLocalObjectReference, token string, caBundle string, apiEndpoint string, ) (*clientauthenticationv1beta1.ExecCredential, error) const ( - ErrMissingEnvVar = constable.Error("failed to get credential: environment variable not set") - ErrInvalidIDPType = constable.Error("invalid IDP type") + ErrMissingEnvVar = constable.Error("failed to get credential: environment variable not set") + ErrInvalidAuthenticatorType = constable.Error("invalid authenticator type") ) func runExchangeCredential(stdout, _ io.Writer) { @@ -115,14 +115,14 @@ func exchangeCredential(envGetter envGetter, tokenExchanger tokenExchanger, outp return envVarNotSetError("PINNIPED_NAMESPACE") } - idpType, varExists := envGetter("PINNIPED_IDP_TYPE") + authenticatorType, varExists := envGetter("PINNIPED_AUTHENTICATOR_TYPE") if !varExists { - return envVarNotSetError("PINNIPED_IDP_TYPE") + return envVarNotSetError("PINNIPED_AUTHENTICATOR_TYPE") } - idpName, varExists := envGetter("PINNIPED_IDP_NAME") + authenticatorName, varExists := envGetter("PINNIPED_AUTHENTICATOR_NAME") if !varExists { - return envVarNotSetError("PINNIPED_IDP_NAME") + return envVarNotSetError("PINNIPED_AUTHENTICATOR_NAME") } token, varExists := envGetter("PINNIPED_TOKEN") @@ -140,16 +140,16 @@ func exchangeCredential(envGetter envGetter, tokenExchanger tokenExchanger, outp return envVarNotSetError("PINNIPED_K8S_API_ENDPOINT") } - idp := corev1.TypedLocalObjectReference{Name: idpName} - switch strings.ToLower(idpType) { + authenticator := corev1.TypedLocalObjectReference{Name: authenticatorName} + switch strings.ToLower(authenticatorType) { case "webhook": - idp.APIGroup = &idpv1alpha1.SchemeGroupVersion.Group - idp.Kind = "WebhookIdentityProvider" + authenticator.APIGroup = &auth1alpha1.SchemeGroupVersion.Group + authenticator.Kind = "WebhookAuthenticator" default: - return fmt.Errorf(`%w: %q, supported values are "webhook"`, ErrInvalidIDPType, idpType) + return fmt.Errorf(`%w: %q, supported values are "webhook"`, ErrInvalidAuthenticatorType, authenticatorType) } - cred, err := tokenExchanger(ctx, namespace, idp, token, caBundle, apiEndpoint) + cred, err := tokenExchanger(ctx, namespace, authenticator, token, caBundle, apiEndpoint) if err != nil { return fmt.Errorf("failed to get credential: %w", err) } diff --git a/cmd/pinniped/cmd/exchange_credential_test.go b/cmd/pinniped/cmd/exchange_credential_test.go index b074cfc07..9c9e1c3f6 100644 --- a/cmd/pinniped/cmd/exchange_credential_test.go +++ b/cmd/pinniped/cmd/exchange_credential_test.go @@ -43,11 +43,11 @@ var ( Requires all of the following environment variables, which are typically set in the kubeconfig: - PINNIPED_TOKEN: the token to send to Pinniped for exchange - - PINNIPED_NAMESPACE: the namespace of the identity provider to authenticate + - PINNIPED_NAMESPACE: the namespace of the authenticator to authenticate against - - PINNIPED_IDP_TYPE: the type of identity provider to authenticate + - PINNIPED_AUTHENTICATOR_TYPE: the type of authenticator to authenticate against (e.g., "webhook") - - PINNIPED_IDP_NAME: the name of the identity provider to authenticate + - PINNIPED_AUTHENTICATOR_NAME: the name of the authenticator to authenticate against - PINNIPED_CA_BUNDLE: the CA bundle to trust when calling Pinniped's HTTPS endpoint @@ -142,12 +142,12 @@ func TestExchangeCredential(t *testing.T) { r = require.New(t) buffer = new(bytes.Buffer) fakeEnv = map[string]string{ - "PINNIPED_NAMESPACE": "namespace from env", - "PINNIPED_IDP_TYPE": "Webhook", - "PINNIPED_IDP_NAME": "webhook name from env", - "PINNIPED_TOKEN": "token from env", - "PINNIPED_CA_BUNDLE": "ca bundle from env", - "PINNIPED_K8S_API_ENDPOINT": "k8s api from env", + "PINNIPED_NAMESPACE": "namespace from env", + "PINNIPED_AUTHENTICATOR_TYPE": "Webhook", + "PINNIPED_AUTHENTICATOR_NAME": "webhook name from env", + "PINNIPED_TOKEN": "token from env", + "PINNIPED_CA_BUNDLE": "ca bundle from env", + "PINNIPED_K8S_API_ENDPOINT": "k8s api from env", } }) @@ -158,16 +158,16 @@ func TestExchangeCredential(t *testing.T) { r.EqualError(err, "failed to get credential: environment variable not set: PINNIPED_NAMESPACE") }) - it("returns an error when PINNIPED_IDP_TYPE is missing", func() { - delete(fakeEnv, "PINNIPED_IDP_TYPE") + it("returns an error when PINNIPED_AUTHENTICATOR_TYPE is missing", func() { + delete(fakeEnv, "PINNIPED_AUTHENTICATOR_TYPE") err := exchangeCredential(envGetter, tokenExchanger, buffer, 30*time.Second) - r.EqualError(err, "failed to get credential: environment variable not set: PINNIPED_IDP_TYPE") + r.EqualError(err, "failed to get credential: environment variable not set: PINNIPED_AUTHENTICATOR_TYPE") }) - it("returns an error when PINNIPED_IDP_NAME is missing", func() { - delete(fakeEnv, "PINNIPED_IDP_NAME") + it("returns an error when PINNIPED_AUTHENTICATOR_NAME is missing", func() { + delete(fakeEnv, "PINNIPED_AUTHENTICATOR_NAME") err := exchangeCredential(envGetter, tokenExchanger, buffer, 30*time.Second) - r.EqualError(err, "failed to get credential: environment variable not set: PINNIPED_IDP_NAME") + r.EqualError(err, "failed to get credential: environment variable not set: PINNIPED_AUTHENTICATOR_NAME") }) it("returns an error when PINNIPED_TOKEN is missing", func() { @@ -190,16 +190,16 @@ func TestExchangeCredential(t *testing.T) { }) when("env vars are invalid", func() { - it("returns an error when PINNIPED_IDP_TYPE is missing", func() { - fakeEnv["PINNIPED_IDP_TYPE"] = "invalid" + it("returns an error when PINNIPED_AUTHENTICATOR_TYPE is missing", func() { + fakeEnv["PINNIPED_AUTHENTICATOR_TYPE"] = "invalid" err := exchangeCredential(envGetter, tokenExchanger, buffer, 30*time.Second) - r.EqualError(err, `invalid IDP type: "invalid", supported values are "webhook"`) + r.EqualError(err, `invalid authenticator type: "invalid", supported values are "webhook"`) }) }) when("the token exchange fails", func() { it.Before(func() { - tokenExchanger = func(ctx context.Context, namespace string, idp corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { + tokenExchanger = func(ctx context.Context, namespace string, authenticator corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { return nil, fmt.Errorf("some error") } }) @@ -212,7 +212,7 @@ func TestExchangeCredential(t *testing.T) { when("the JSON encoder fails", func() { it.Before(func() { - tokenExchanger = func(ctx context.Context, namespace string, idp corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { + tokenExchanger = func(ctx context.Context, namespace string, authenticator corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { return &clientauthenticationv1beta1.ExecCredential{ Status: &clientauthenticationv1beta1.ExecCredentialStatus{ Token: "some token", @@ -229,7 +229,7 @@ func TestExchangeCredential(t *testing.T) { when("the token exchange times out", func() { it.Before(func() { - tokenExchanger = func(ctx context.Context, namespace string, idp corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { + tokenExchanger = func(ctx context.Context, namespace string, authenticator corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { select { case <-time.After(100 * time.Millisecond): return &clientauthenticationv1beta1.ExecCredential{ @@ -253,7 +253,7 @@ func TestExchangeCredential(t *testing.T) { var actualNamespace, actualToken, actualCaBundle, actualAPIEndpoint string it.Before(func() { - tokenExchanger = func(ctx context.Context, namespace string, idp corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { + tokenExchanger = func(ctx context.Context, namespace string, authenticator corev1.TypedLocalObjectReference, token, caBundle, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { actualNamespace, actualToken, actualCaBundle, actualAPIEndpoint = namespace, token, caBundle, apiEndpoint now := metav1.NewTime(time.Date(2020, 7, 29, 1, 2, 3, 0, time.UTC)) return &clientauthenticationv1beta1.ExecCredential{ diff --git a/cmd/pinniped/cmd/get_kubeconfig.go b/cmd/pinniped/cmd/get_kubeconfig.go index 8ed99b0d3..ad5f9f131 100644 --- a/cmd/pinniped/cmd/get_kubeconfig.go +++ b/cmd/pinniped/cmd/get_kubeconfig.go @@ -33,12 +33,12 @@ func init() { } type getKubeConfigFlags struct { - token string - kubeconfig string - contextOverride string - namespace string - idpName string - idpType string + token string + kubeconfig string + contextOverride string + namespace string + authenticatorName string + authenticatorType string } type getKubeConfigCommand struct { @@ -88,8 +88,8 @@ func (c *getKubeConfigCommand) Command() *cobra.Command { cmd.Flags().StringVar(&c.flags.kubeconfig, "kubeconfig", c.flags.kubeconfig, "Path to the kubeconfig file") cmd.Flags().StringVar(&c.flags.contextOverride, "kubeconfig-context", c.flags.contextOverride, "Kubeconfig context override") cmd.Flags().StringVar(&c.flags.namespace, "pinniped-namespace", c.flags.namespace, "Namespace in which Pinniped was installed") - cmd.Flags().StringVar(&c.flags.idpType, "idp-type", c.flags.idpType, "Identity provider type (e.g., 'webhook')") - cmd.Flags().StringVar(&c.flags.idpName, "idp-name", c.flags.idpType, "Identity provider name") + cmd.Flags().StringVar(&c.flags.authenticatorType, "authenticator-type", c.flags.authenticatorType, "Authenticator type (e.g., 'webhook')") + cmd.Flags().StringVar(&c.flags.authenticatorName, "authenticator-name", c.flags.authenticatorType, "Authenticator name") mustMarkRequired(cmd, "token") return cmd } @@ -116,9 +116,9 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error { return err } - idpType, idpName := c.flags.idpType, c.flags.idpName - if idpType == "" || idpName == "" { - idpType, idpName, err = getDefaultIDP(clientset, c.flags.namespace) + authenticatorType, authenticatorName := c.flags.authenticatorType, c.flags.authenticatorName + if authenticatorType == "" || authenticatorName == "" { + authenticatorType, authenticatorName, err = getDefaultAuthenticator(clientset, c.flags.namespace) if err != nil { return err } @@ -143,7 +143,7 @@ func (c *getKubeConfigCommand) run(cmd *cobra.Command, args []string) error { return err } - config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, c.flags.token, c.flags.namespace, idpType, idpName) + config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, c.flags.token, c.flags.namespace, authenticatorType, authenticatorName) err = writeConfigAsYAML(cmd.OutOrStdout(), config) if err != nil { @@ -168,43 +168,43 @@ func issueWarningForNonMatchingServerOrCA(v1Cluster v1.Cluster, credentialIssuer return nil } -type noIDPError struct{ Namespace string } +type noAuthenticatorError struct{ Namespace string } -func (e noIDPError) Error() string { - return fmt.Sprintf(`no identity providers were found in namespace %q`, e.Namespace) +func (e noAuthenticatorError) Error() string { + return fmt.Sprintf(`no authenticators were found in namespace %q`, e.Namespace) } -type indeterminateIDPError struct{ Namespace string } +type indeterminateAuthenticatorError struct{ Namespace string } -func (e indeterminateIDPError) Error() string { +func (e indeterminateAuthenticatorError) Error() string { return fmt.Sprintf( - `multiple identity providers were found in namespace %q, so --pinniped-idp-name/--pinniped-idp-type must be specified`, + `multiple authenticators were found in namespace %q, so --authenticator-name/--authenticator-type must be specified`, e.Namespace, ) } -func getDefaultIDP(clientset pinnipedclientset.Interface, namespace string) (string, string, error) { +func getDefaultAuthenticator(clientset pinnipedclientset.Interface, namespace string) (string, string, error) { ctx, cancelFunc := context.WithTimeout(context.Background(), time.Second*20) defer cancelFunc() - webhooks, err := clientset.IDPV1alpha1().WebhookIdentityProviders(namespace).List(ctx, metav1.ListOptions{}) + webhooks, err := clientset.AuthenticationV1alpha1().WebhookAuthenticators(namespace).List(ctx, metav1.ListOptions{}) if err != nil { return "", "", err } - type ref struct{ idpType, idpName string } - idps := make([]ref, 0, len(webhooks.Items)) + type ref struct{ authenticatorType, authenticatorName string } + authenticators := make([]ref, 0, len(webhooks.Items)) for _, webhook := range webhooks.Items { - idps = append(idps, ref{idpType: "webhook", idpName: webhook.Name}) + authenticators = append(authenticators, ref{authenticatorType: "webhook", authenticatorName: webhook.Name}) } - if len(idps) == 0 { - return "", "", noIDPError{namespace} + if len(authenticators) == 0 { + return "", "", noAuthenticatorError{namespace} } - if len(idps) > 1 { - return "", "", indeterminateIDPError{namespace} + if len(authenticators) > 1 { + return "", "", indeterminateAuthenticatorError{namespace} } - return idps[0].idpType, idps[0].idpName, nil + return authenticators[0].authenticatorType, authenticators[0].authenticatorName, nil } func fetchPinnipedCredentialIssuerConfig(clientset pinnipedclientset.Interface, pinnipedInstallationNamespace string) (*configv1alpha1.CredentialIssuerConfig, error) { @@ -277,7 +277,7 @@ func copyCurrentClusterFromExistingKubeConfig(currentKubeConfig clientcmdapi.Con return v1Cluster, nil } -func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string, namespace string, idpType string, idpName string) v1.Config { +func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string, namespace string, authenticatorType string, authenticatorName string) v1.Config { clusterName := "pinniped-cluster" userName := "pinniped-user" @@ -324,12 +324,12 @@ func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token st Value: token, }, { - Name: "PINNIPED_IDP_TYPE", - Value: idpType, + Name: "PINNIPED_AUTHENTICATOR_TYPE", + Value: authenticatorType, }, { - Name: "PINNIPED_IDP_NAME", - Value: idpName, + Name: "PINNIPED_AUTHENTICATOR_NAME", + Value: authenticatorName, }, }, APIVersion: clientauthenticationv1beta1.SchemeGroupVersion.String(), diff --git a/cmd/pinniped/cmd/get_kubeconfig_test.go b/cmd/pinniped/cmd/get_kubeconfig_test.go index 7834e1b44..6bdd262f6 100644 --- a/cmd/pinniped/cmd/get_kubeconfig_test.go +++ b/cmd/pinniped/cmd/get_kubeconfig_test.go @@ -17,8 +17,8 @@ import ( "k8s.io/client-go/rest" coretesting "k8s.io/client-go/testing" + authv1alpha "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.19/apis/config/v1alpha1" - idpv1alpha "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" pinnipedclientset "go.pinniped.dev/generated/1.19/client/clientset/versioned" pinnipedfake "go.pinniped.dev/generated/1.19/client/clientset/versioned/fake" "go.pinniped.dev/internal/here" @@ -30,9 +30,9 @@ var ( get-kubeconfig [flags] Flags: + --authenticator-name string Authenticator name + --authenticator-type string Authenticator type (e.g., 'webhook') -h, --help help for get-kubeconfig - --idp-name string Identity provider name - --idp-type string Identity provider type (e.g., 'webhook') --kubeconfig string Path to the kubeconfig file --kubeconfig-context string Kubeconfig context override --pinniped-namespace string Namespace in which Pinniped was installed (default "pinniped") @@ -61,9 +61,9 @@ var ( get-kubeconfig [flags] Flags: + --authenticator-name string Authenticator name + --authenticator-type string Authenticator type (e.g., 'webhook') -h, --help help for get-kubeconfig - --idp-name string Identity provider name - --idp-type string Identity provider type (e.g., 'webhook') --kubeconfig string Path to the kubeconfig file --kubeconfig-context string Kubeconfig context override --pinniped-namespace string Namespace in which Pinniped was installed (default "pinniped") @@ -116,15 +116,15 @@ func TestNewGetKubeConfigCmd(t *testing.T) { } type expectedKubeconfigYAML struct { - clusterCAData string - clusterServer string - command string - token string - pinnipedEndpoint string - pinnipedCABundle string - namespace string - idpType string - idpName string + clusterCAData string + clusterServer string + command string + token string + pinnipedEndpoint string + pinnipedCABundle string + namespace string + authenticatorType string + authenticatorName string } func (e expectedKubeconfigYAML) String() string { @@ -160,14 +160,14 @@ func (e expectedKubeconfigYAML) String() string { value: %s - name: PINNIPED_TOKEN value: %s - - name: PINNIPED_IDP_TYPE + - name: PINNIPED_AUTHENTICATOR_TYPE value: %s - - name: PINNIPED_IDP_NAME + - name: PINNIPED_AUTHENTICATOR_NAME value: %s installHint: |- The Pinniped CLI is required to authenticate to the current cluster. For more information, please visit https://pinniped.dev - `, e.clusterCAData, e.clusterServer, e.command, e.pinnipedEndpoint, e.pinnipedCABundle, e.namespace, e.token, e.idpType, e.idpName) + `, e.clusterCAData, e.clusterServer, e.command, e.pinnipedEndpoint, e.pinnipedCABundle, e.namespace, e.token, e.authenticatorType, e.authenticatorName) } func newCredentialIssuerConfig(name, namespace, server, certificateAuthorityData string) *configv1alpha1.CredentialIssuerConfig { @@ -224,44 +224,44 @@ func TestRun(t *testing.T) { wantError: "some error configuring clientset", }, { - name: "fail to get IDPs", + name: "fail to get authenticators", mocks: func(cmd *getKubeConfigCommand) { - cmd.flags.idpName = "" - cmd.flags.idpType = "" + cmd.flags.authenticatorName = "" + cmd.flags.authenticatorType = "" clientset := pinnipedfake.NewSimpleClientset() clientset.PrependReactor("*", "*", func(_ coretesting.Action) (bool, runtime.Object, error) { - return true, nil, fmt.Errorf("some error getting IDPs") + return true, nil, fmt.Errorf("some error getting authenticators") }) cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { return clientset, nil } }, - wantError: "some error getting IDPs", + wantError: "some error getting authenticators", }, { - name: "zero IDPs", + name: "zero authenticators", mocks: func(cmd *getKubeConfigCommand) { - cmd.flags.idpName = "" - cmd.flags.idpType = "" + cmd.flags.authenticatorName = "" + cmd.flags.authenticatorType = "" cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { return pinnipedfake.NewSimpleClientset(), nil } }, - wantError: `no identity providers were found in namespace "test-namespace"`, + wantError: `no authenticators were found in namespace "test-namespace"`, }, { - name: "multiple IDPs", + name: "multiple authenticators", mocks: func(cmd *getKubeConfigCommand) { - cmd.flags.idpName = "" - cmd.flags.idpType = "" + cmd.flags.authenticatorName = "" + cmd.flags.authenticatorType = "" cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { return pinnipedfake.NewSimpleClientset( - &idpv1alpha.WebhookIdentityProvider{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "webhook-one"}}, - &idpv1alpha.WebhookIdentityProvider{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "webhook-two"}}, + &authv1alpha.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "webhook-one"}}, + &authv1alpha.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "webhook-two"}}, ), nil } }, - wantError: `multiple identity providers were found in namespace "test-namespace", so --pinniped-idp-name/--pinniped-idp-type must be specified`, + wantError: `multiple authenticators were found in namespace "test-namespace", so --authenticator-name/--authenticator-type must be specified`, }, { name: "fail to get CredentialIssuerConfigs", @@ -330,41 +330,41 @@ func TestRun(t *testing.T) { } }, wantStdout: expectedKubeconfigYAML{ - clusterCAData: "ZmFrZS1jZXJ0aWZpY2F0ZS1hdXRob3JpdHktZGF0YS12YWx1ZQ==", - clusterServer: "https://fake-server-url-value", - command: "/path/to/pinniped", - token: "test-token", - pinnipedEndpoint: "https://fake-server-url-value", - pinnipedCABundle: "fake-certificate-authority-data-value", - namespace: "test-namespace", - idpType: "test-idp-type", - idpName: "test-idp-name", + clusterCAData: "ZmFrZS1jZXJ0aWZpY2F0ZS1hdXRob3JpdHktZGF0YS12YWx1ZQ==", + clusterServer: "https://fake-server-url-value", + command: "/path/to/pinniped", + token: "test-token", + pinnipedEndpoint: "https://fake-server-url-value", + pinnipedCABundle: "fake-certificate-authority-data-value", + namespace: "test-namespace", + authenticatorType: "test-authenticator-type", + authenticatorName: "test-authenticator-name", }.String(), }, { - name: "success using local CA data and discovered IDP", + name: "success using local CA data and discovered authenticator", mocks: func(cmd *getKubeConfigCommand) { - cmd.flags.idpName = "" - cmd.flags.idpType = "" + cmd.flags.authenticatorName = "" + cmd.flags.authenticatorType = "" cmd.kubeClientCreator = func(_ *rest.Config) (pinnipedclientset.Interface, error) { return pinnipedfake.NewSimpleClientset( - &idpv1alpha.WebhookIdentityProvider{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "discovered-idp"}}, + &authv1alpha.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Namespace: "test-namespace", Name: "discovered-authenticator"}}, newCredentialIssuerConfig("pinniped-config", "test-namespace", "https://example.com", "test-ca"), ), nil } }, wantStderr: `WARNING: Server and certificate authority did not match between local kubeconfig and Pinniped's CredentialIssuerConfig on the cluster. Using local kubeconfig values.`, wantStdout: expectedKubeconfigYAML{ - clusterCAData: "ZmFrZS1jZXJ0aWZpY2F0ZS1hdXRob3JpdHktZGF0YS12YWx1ZQ==", - clusterServer: "https://fake-server-url-value", - command: "/path/to/pinniped", - token: "test-token", - pinnipedEndpoint: "https://fake-server-url-value", - pinnipedCABundle: "fake-certificate-authority-data-value", - namespace: "test-namespace", - idpType: "webhook", - idpName: "discovered-idp", + clusterCAData: "ZmFrZS1jZXJ0aWZpY2F0ZS1hdXRob3JpdHktZGF0YS12YWx1ZQ==", + clusterServer: "https://fake-server-url-value", + command: "/path/to/pinniped", + token: "test-token", + pinnipedEndpoint: "https://fake-server-url-value", + pinnipedCABundle: "fake-certificate-authority-data-value", + namespace: "test-namespace", + authenticatorType: "webhook", + authenticatorName: "discovered-authenticator", }.String(), }, } @@ -377,8 +377,8 @@ func TestRun(t *testing.T) { c := newGetKubeConfigCommand() c.flags.token = "test-token" c.flags.namespace = "test-namespace" - c.flags.idpName = "test-idp-name" - c.flags.idpType = "test-idp-type" + c.flags.authenticatorName = "test-authenticator-name" + c.flags.authenticatorType = "test-authenticator-type" c.getPathToSelf = func() (string, error) { return "/path/to/pinniped", nil } c.flags.kubeconfig = "./testdata/kubeconfig.yaml" tt.mocks(c) diff --git a/generated/1.17/crds/idp.pinniped.dev_webhookidentityproviders.yaml b/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml similarity index 89% rename from generated/1.17/crds/idp.pinniped.dev_webhookidentityproviders.yaml rename to deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 213b7ad20..9ae6152e1 100644 --- a/generated/1.17/crds/idp.pinniped.dev_webhookidentityproviders.yaml +++ b/deploy/concierge/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -6,21 +6,18 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.0 creationTimestamp: null - name: webhookidentityproviders.idp.pinniped.dev + name: webhookauthenticators.authentication.concierge.pinniped.dev spec: - group: idp.pinniped.dev + group: authentication.concierge.pinniped.dev names: categories: - all - - idp - - idps - kind: WebhookIdentityProvider - listKind: WebhookIdentityProviderList - plural: webhookidentityproviders - shortNames: - - webhookidp - - webhookidps - singular: webhookidentityprovider + - authenticator + - authenticators + kind: WebhookAuthenticator + listKind: WebhookAuthenticatorList + plural: webhookauthenticators + singular: webhookauthenticator scope: Namespaced versions: - additionalPrinterColumns: @@ -30,8 +27,8 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: WebhookIdentityProvider describes the configuration of a Pinniped - webhook identity provider. + description: WebhookAuthenticator describes the configuration of a webhook + authenticator. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -46,7 +43,7 @@ spec: metadata: type: object spec: - description: Spec for configuring the identity provider. + description: Spec for configuring the authenticator. properties: endpoint: description: Webhook server endpoint URL. @@ -65,11 +62,11 @@ spec: - endpoint type: object status: - description: Status of the identity provider. + description: Status of the authenticator. properties: conditions: - description: Represents the observations of an identity provider's - current state. + description: Represents the observations of the authenticator's current + state. items: description: Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can diff --git a/deploy/concierge/rbac.yaml b/deploy/concierge/rbac.yaml index 149ca4b33..714944be6 100644 --- a/deploy/concierge/rbac.yaml +++ b/deploy/concierge/rbac.yaml @@ -59,7 +59,7 @@ rules: - apiGroups: [ "" ] resources: [ pods/exec ] verbs: [ create ] - - apiGroups: [ config.pinniped.dev, idp.pinniped.dev ] + - apiGroups: [ config.pinniped.dev, authentication.concierge.pinniped.dev ] resources: [ "*" ] verbs: [ create, get, list, update, watch ] --- diff --git a/deploy/concierge/z0_crd_overlay.yaml b/deploy/concierge/z0_crd_overlay.yaml index dfece13bb..c5050f04d 100644 --- a/deploy/concierge/z0_crd_overlay.yaml +++ b/deploy/concierge/z0_crd_overlay.yaml @@ -10,7 +10,7 @@ metadata: #@overlay/match missing_ok=True labels: #@ labels() -#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"webhookidentityproviders.idp.pinniped.dev"}}), expects=1 +#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"webhookauthenticators.authentication.concierge.pinniped.dev"}}), expects=1 --- metadata: #@overlay/match missing_ok=True diff --git a/doc/demo.md b/doc/demo.md index 6318988cd..1da8e392b 100644 --- a/doc/demo.md +++ b/doc/demo.md @@ -118,12 +118,12 @@ as the identity provider. If you would prefer to customize the available options, please see [deploy/concierge/README.md](../deploy/concierge/README.md) for instructions on how to deploy using `ytt`. -1. Create a `WebhookIdentityProvider` object to configure Pinniped to authenticate using local-user-authenticator. +1. Create a `WebhookAuthenticator` object to configure Pinniped to authenticate using local-user-authenticator. ```bash cat < /tmp/pinniped-kubeconfig + pinniped get-kubeconfig --token "pinny-the-seal:password123" --authenticator-type webhook --authenticator-name local-user-authenticator > /tmp/pinniped-kubeconfig ``` If you are using MacOS, you may get an error dialog that says diff --git a/generated/1.17/README.adoc b/generated/1.17/README.adoc index baf568de7..23b14014b 100644 --- a/generated/1.17/README.adoc +++ b/generated/1.17/README.adoc @@ -5,11 +5,115 @@ == API Reference .Packages +- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-config-pinniped-dev-v1alpha1[$$config.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-idp-pinniped-dev-v1alpha1[$$idp.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] +[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] +=== authentication.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-condition"] +==== Condition + +Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-tlsspec"] +==== TLSSpec + +Configuration for configuring TLS on various authenticators. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +==== WebhookAuthenticator + +WebhookAuthenticator describes the configuration of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +==== WebhookAuthenticatorSpec + +Spec for configuring a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Webhook server endpoint URL. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +==== WebhookAuthenticatorStatus + +Status of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-concierge-authentication-v1alpha1-condition[$$Condition$$]__ | Represents the observations of the authenticator's current state. +|=== + + + [id="{anchor_prefix}-config-pinniped-dev-v1alpha1"] === config.pinniped.dev/v1alpha1 @@ -161,110 +265,6 @@ OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC -[id="{anchor_prefix}-idp-pinniped-dev-v1alpha1"] -=== idp.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped identity provider API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityproviderstatus[$$WebhookIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-tlsspec"] -==== TLSSpec - -Configuration for configuring TLS on various identity providers. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityproviderspec[$$WebhookIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityprovider"] -==== WebhookIdentityProvider - -WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityproviderlist[$$WebhookIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityproviderspec[$$WebhookIdentityProviderSpec$$]__ | Spec for configuring the identity provider. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityproviderstatus[$$WebhookIdentityProviderStatus$$]__ | Status of the identity provider. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityproviderspec"] -==== WebhookIdentityProviderSpec - -Spec for configuring a webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityprovider[$$WebhookIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`endpoint`* __string__ | Webhook server endpoint URL. -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityproviderstatus"] -==== WebhookIdentityProviderStatus - -Status of a webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-webhookidentityprovider[$$WebhookIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-idp-v1alpha1-condition[$$Condition$$]__ | Represents the observations of an identity provider's current state. -|=== - - - [id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] === login.concierge.pinniped.dev/v1alpha1 @@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. -| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. |=== diff --git a/generated/1.17/apis/concierge/authentication/doc.go b/generated/1.17/apis/concierge/authentication/doc.go new file mode 100644 index 000000000..78e81bd63 --- /dev/null +++ b/generated/1.17/apis/concierge/authentication/doc.go @@ -0,0 +1,8 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=authentication.concierge.pinniped.dev + +// Package authentication is the internal version of the Pinniped concierge authentication API. +package authentication diff --git a/generated/1.17/apis/idp/v1alpha1/conversion.go b/generated/1.17/apis/concierge/authentication/v1alpha1/conversion.go similarity index 100% rename from generated/1.17/apis/idp/v1alpha1/conversion.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/conversion.go diff --git a/generated/1.17/apis/idp/v1alpha1/defaults.go b/generated/1.17/apis/concierge/authentication/v1alpha1/defaults.go similarity index 100% rename from generated/1.17/apis/idp/v1alpha1/defaults.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/defaults.go diff --git a/generated/1.17/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.17/apis/concierge/authentication/v1alpha1/doc.go new file mode 100644 index 000000000..52b71edd0 --- /dev/null +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.17/apis/concierge/authentication +// +k8s:defaulter-gen=TypeMeta +// +groupName=authentication.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. +package v1alpha1 diff --git a/generated/1.17/apis/idp/v1alpha1/register.go b/generated/1.17/apis/concierge/authentication/v1alpha1/register.go similarity index 91% rename from generated/1.17/apis/idp/v1alpha1/register.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/register.go index 494aef367..1a5163daa 100644 --- a/generated/1.17/apis/idp/v1alpha1/register.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/register.go @@ -9,7 +9,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) -const GroupName = "idp.pinniped.dev" +const GroupName = "authentication.concierge.pinniped.dev" // SchemeGroupVersion is group version used to register these objects. var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} @@ -30,8 +30,8 @@ func init() { // Adds the list of known types to the given scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, - &WebhookIdentityProvider{}, - &WebhookIdentityProviderList{}, + &WebhookAuthenticator{}, + &WebhookAuthenticatorList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.17/apis/idp/v1alpha1/types_meta.go b/generated/1.17/apis/concierge/authentication/v1alpha1/types_meta.go similarity index 100% rename from generated/1.17/apis/idp/v1alpha1/types_meta.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/types_meta.go diff --git a/generated/1.17/apis/idp/v1alpha1/types_tls.go b/generated/1.17/apis/concierge/authentication/v1alpha1/types_tls.go similarity index 84% rename from generated/1.17/apis/idp/v1alpha1/types_tls.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/types_tls.go index 2f2098c91..f882f2d6c 100644 --- a/generated/1.17/apis/idp/v1alpha1/types_tls.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/types_tls.go @@ -3,7 +3,7 @@ package v1alpha1 -// Configuration for configuring TLS on various identity providers. +// Configuration for configuring TLS on various authenticators. type TLSSpec struct { // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. // +optional diff --git a/generated/1.18/apis/idp/v1alpha1/types_webhook.go b/generated/1.17/apis/concierge/authentication/v1alpha1/types_webhook.go similarity index 55% rename from generated/1.18/apis/idp/v1alpha1/types_webhook.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/types_webhook.go index 6e4763378..8124597ab 100644 --- a/generated/1.18/apis/idp/v1alpha1/types_webhook.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/types_webhook.go @@ -5,9 +5,9 @@ package v1alpha1 import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -// Status of a webhook identity provider. -type WebhookIdentityProviderStatus struct { - // Represents the observations of an identity provider's current state. +// Status of a webhook authenticator. +type WebhookAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. // +patchMergeKey=type // +patchStrategy=merge // +listType=map @@ -15,8 +15,8 @@ type WebhookIdentityProviderStatus struct { Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } -// Spec for configuring a webhook identity provider. -type WebhookIdentityProviderSpec struct { +// Spec for configuring a webhook authenticator. +type WebhookAuthenticatorSpec struct { // Webhook server endpoint URL. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:Pattern=`^https://` @@ -27,27 +27,27 @@ type WebhookIdentityProviderSpec struct { TLS *TLSSpec `json:"tls,omitempty"` } -// WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider. +// WebhookAuthenticator describes the configuration of a webhook authenticator. // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=all;idp;idps,shortName=webhookidp;webhookidps +// +kubebuilder:resource:categories=all;authenticator;authenticators // +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` -type WebhookIdentityProvider struct { +type WebhookAuthenticator struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // Spec for configuring the identity provider. - Spec WebhookIdentityProviderSpec `json:"spec"` + // Spec for configuring the authenticator. + Spec WebhookAuthenticatorSpec `json:"spec"` - // Status of the identity provider. - Status WebhookIdentityProviderStatus `json:"status,omitempty"` + // Status of the authenticator. + Status WebhookAuthenticatorStatus `json:"status,omitempty"` } -// List of WebhookIdentityProvider objects. +// List of WebhookAuthenticator objects. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WebhookIdentityProviderList struct { +type WebhookAuthenticatorList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []WebhookIdentityProvider `json:"items"` + Items []WebhookAuthenticator `json:"items"` } diff --git a/generated/1.17/apis/idp/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.conversion.go similarity index 100% rename from generated/1.17/apis/idp/v1alpha1/zz_generated.conversion.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.conversion.go diff --git a/generated/1.17/apis/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go similarity index 72% rename from generated/1.17/apis/idp/v1alpha1/zz_generated.deepcopy.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index cb0f46c85..a4e27af74 100644 --- a/generated/1.17/apis/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -45,7 +45,7 @@ func (in *TLSSpec) DeepCopy() *TLSSpec { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProvider) DeepCopyInto(out *WebhookIdentityProvider) { +func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) @@ -54,18 +54,18 @@ func (in *WebhookIdentityProvider) DeepCopyInto(out *WebhookIdentityProvider) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProvider. -func (in *WebhookIdentityProvider) DeepCopy() *WebhookIdentityProvider { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. +func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { if in == nil { return nil } - out := new(WebhookIdentityProvider) + out := new(WebhookAuthenticator) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookIdentityProvider) DeepCopyObject() runtime.Object { +func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -73,13 +73,13 @@ func (in *WebhookIdentityProvider) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderList) DeepCopyInto(out *WebhookIdentityProviderList) { +func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]WebhookIdentityProvider, len(*in)) + *out = make([]WebhookAuthenticator, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -87,18 +87,18 @@ func (in *WebhookIdentityProviderList) DeepCopyInto(out *WebhookIdentityProvider return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderList. -func (in *WebhookIdentityProviderList) DeepCopy() *WebhookIdentityProviderList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. +func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { if in == nil { return nil } - out := new(WebhookIdentityProviderList) + out := new(WebhookAuthenticatorList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookIdentityProviderList) DeepCopyObject() runtime.Object { +func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -106,7 +106,7 @@ func (in *WebhookIdentityProviderList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderSpec) DeepCopyInto(out *WebhookIdentityProviderSpec) { +func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { *out = *in if in.TLS != nil { in, out := &in.TLS, &out.TLS @@ -116,18 +116,18 @@ func (in *WebhookIdentityProviderSpec) DeepCopyInto(out *WebhookIdentityProvider return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderSpec. -func (in *WebhookIdentityProviderSpec) DeepCopy() *WebhookIdentityProviderSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. +func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { if in == nil { return nil } - out := new(WebhookIdentityProviderSpec) + out := new(WebhookAuthenticatorSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderStatus) DeepCopyInto(out *WebhookIdentityProviderStatus) { +func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions @@ -139,12 +139,12 @@ func (in *WebhookIdentityProviderStatus) DeepCopyInto(out *WebhookIdentityProvid return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderStatus. -func (in *WebhookIdentityProviderStatus) DeepCopy() *WebhookIdentityProviderStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. +func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { if in == nil { return nil } - out := new(WebhookIdentityProviderStatus) + out := new(WebhookAuthenticatorStatus) in.DeepCopyInto(out) return out } diff --git a/generated/1.17/apis/idp/v1alpha1/zz_generated.defaults.go b/generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.17/apis/idp/v1alpha1/zz_generated.defaults.go rename to generated/1.17/apis/concierge/authentication/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.18/apis/idp/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/authentication/zz_generated.deepcopy.go similarity index 89% rename from generated/1.18/apis/idp/zz_generated.deepcopy.go rename to generated/1.17/apis/concierge/authentication/zz_generated.deepcopy.go index 0b9642eaf..3a7a0f4b4 100644 --- a/generated/1.18/apis/idp/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/authentication/zz_generated.deepcopy.go @@ -5,4 +5,4 @@ // Code generated by deepcopy-gen. DO NOT EDIT. -package idp +package authentication diff --git a/generated/1.17/apis/concierge/login/types_token.go b/generated/1.17/apis/concierge/login/types_token.go index 91d36cfbf..a0555f85d 100644 --- a/generated/1.17/apis/concierge/login/types_token.go +++ b/generated/1.17/apis/concierge/login/types_token.go @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/generated/1.17/apis/concierge/login/v1alpha1/types_token.go b/generated/1.17/apis/concierge/login/v1alpha1/types_token.go index 9fba33694..cb5965a23 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/types_token.go @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 93defe45d..999cd6d3a 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } @@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 2001aa609..4160d6692 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go index d92ad253c..f43661bc6 100644 --- a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.17/apis/idp/doc.go b/generated/1.17/apis/idp/doc.go deleted file mode 100644 index 17d329436..000000000 --- a/generated/1.17/apis/idp/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=idp.pinniped.dev - -// Package idp is the internal version of the Pinniped identity provider API. -package idp diff --git a/generated/1.17/apis/idp/v1alpha1/doc.go b/generated/1.17/apis/idp/v1alpha1/doc.go deleted file mode 100644 index 915de628e..000000000 --- a/generated/1.17/apis/idp/v1alpha1/doc.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.17/apis/idp -// +k8s:defaulter-gen=TypeMeta -// +groupName=idp.pinniped.dev -// +groupGoName=IDP - -// Package v1alpha1 is the v1alpha1 version of the Pinniped identity provider API. -package v1alpha1 diff --git a/generated/1.17/client/clientset/versioned/clientset.go b/generated/1.17/client/clientset/versioned/clientset.go index 9fdf9233b..99230a877 100644 --- a/generated/1.17/client/clientset/versioned/clientset.go +++ b/generated/1.17/client/clientset/versioned/clientset.go @@ -8,8 +8,8 @@ package versioned import ( "fmt" + authenticationv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/login/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" @@ -18,8 +18,8 @@ import ( type Interface interface { Discovery() discovery.DiscoveryInterface + AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface - IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface } @@ -27,9 +27,14 @@ type Interface interface { // version included in a Clientset. type Clientset struct { *discovery.DiscoveryClient - configV1alpha1 *configv1alpha1.ConfigV1alpha1Client - iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client + authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client +} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -37,11 +42,6 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { return c.configV1alpha1 } -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return c.iDPV1alpha1 -} - // LoginV1alpha1 retrieves the LoginV1alpha1Client func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { return c.loginV1alpha1 @@ -68,11 +68,11 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { } var cs Clientset var err error - cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } - cs.iDPV1alpha1, err = idpv1alpha1.NewForConfig(&configShallowCopy) + cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } @@ -92,8 +92,8 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.NewForConfigOrDie(c) cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) - cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) cs.loginV1alpha1 = loginv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) @@ -103,8 +103,8 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { // New creates a new Clientset for the given RESTClient. func New(c rest.Interface) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) cs.configV1alpha1 = configv1alpha1.New(c) - cs.iDPV1alpha1 = idpv1alpha1.New(c) cs.loginV1alpha1 = loginv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) diff --git a/generated/1.17/client/clientset/versioned/fake/clientset_generated.go b/generated/1.17/client/clientset/versioned/fake/clientset_generated.go index 5ce3436b8..b8c4ba162 100644 --- a/generated/1.17/client/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.17/client/clientset/versioned/fake/clientset_generated.go @@ -7,10 +7,10 @@ package fake import ( clientset "go.pinniped.dev/generated/1.17/client/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake" configv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/config/v1alpha1" fakeconfigv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake" loginv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/login/v1alpha1" fakeloginv1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/login/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" @@ -67,16 +67,16 @@ func (c *Clientset) Tracker() testing.ObjectTracker { var _ clientset.Interface = &Clientset{} +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + // ConfigV1alpha1 retrieves the ConfigV1alpha1Client func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} } -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} -} - // LoginV1alpha1 retrieves the LoginV1alpha1Client func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} diff --git a/generated/1.17/client/clientset/versioned/fake/register.go b/generated/1.17/client/clientset/versioned/fake/register.go index c4ef82154..da71772ed 100644 --- a/generated/1.17/client/clientset/versioned/fake/register.go +++ b/generated/1.17/client/clientset/versioned/fake/register.go @@ -6,9 +6,9 @@ package fake import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.17/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -20,8 +20,8 @@ var scheme = runtime.NewScheme() var codecs = serializer.NewCodecFactory(scheme) var parameterCodec = runtime.NewParameterCodec(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, loginv1alpha1.AddToScheme, } diff --git a/generated/1.17/client/clientset/versioned/scheme/register.go b/generated/1.17/client/clientset/versioned/scheme/register.go index 2c313538b..f257102f8 100644 --- a/generated/1.17/client/clientset/versioned/scheme/register.go +++ b/generated/1.17/client/clientset/versioned/scheme/register.go @@ -6,9 +6,9 @@ package scheme import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.17/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -20,8 +20,8 @@ var Scheme = runtime.NewScheme() var Codecs = serializer.NewCodecFactory(Scheme) var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, loginv1alpha1.AddToScheme, } diff --git a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go similarity index 50% rename from generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go rename to generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index fad008c10..7455289a0 100644 --- a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -6,27 +6,27 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" "go.pinniped.dev/generated/1.17/client/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) -type IDPV1alpha1Interface interface { +type AuthenticationV1alpha1Interface interface { RESTClient() rest.Interface - WebhookIdentityProvidersGetter + WebhookAuthenticatorsGetter } -// IDPV1alpha1Client is used to interact with features provided by the idp.pinniped.dev group. -type IDPV1alpha1Client struct { +// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. +type AuthenticationV1alpha1Client struct { restClient rest.Interface } -func (c *IDPV1alpha1Client) WebhookIdentityProviders(namespace string) WebhookIdentityProviderInterface { - return newWebhookIdentityProviders(c, namespace) +func (c *AuthenticationV1alpha1Client) WebhookAuthenticators(namespace string) WebhookAuthenticatorInterface { + return newWebhookAuthenticators(c, namespace) } -// NewForConfig creates a new IDPV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { +// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err @@ -35,12 +35,12 @@ func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { if err != nil { return nil, err } - return &IDPV1alpha1Client{client}, nil + return &AuthenticationV1alpha1Client{client}, nil } -// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and +// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and // panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { +func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { client, err := NewForConfig(c) if err != nil { panic(err) @@ -48,9 +48,9 @@ func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { return client } -// New creates a new IDPV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *IDPV1alpha1Client { - return &IDPV1alpha1Client{c} +// New creates a new AuthenticationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuthenticationV1alpha1Client { + return &AuthenticationV1alpha1Client{c} } func setConfigDefaults(config *rest.Config) error { @@ -68,7 +68,7 @@ func setConfigDefaults(config *rest.Config) error { // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. -func (c *IDPV1alpha1Client) RESTClient() rest.Interface { +func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { if c == nil { return nil } diff --git a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/doc.go rename to generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/doc.go diff --git a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/doc.go rename to generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go diff --git a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go similarity index 60% rename from generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go rename to generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 3d093d102..09e7a1a84 100644 --- a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -6,22 +6,22 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) -type FakeIDPV1alpha1 struct { +type FakeAuthenticationV1alpha1 struct { *testing.Fake } -func (c *FakeIDPV1alpha1) WebhookIdentityProviders(namespace string) v1alpha1.WebhookIdentityProviderInterface { - return &FakeWebhookIdentityProviders{c, namespace} +func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators(namespace string) v1alpha1.WebhookAuthenticatorInterface { + return &FakeWebhookAuthenticators{c, namespace} } // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. -func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { +func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { var ret *rest.RESTClient return ret } diff --git a/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 000000000..e79d48c24 --- /dev/null +++ b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,127 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type FakeWebhookAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 + ns string +} + +var webhookauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + +var webhookauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WebhookAuthenticator"} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *FakeWebhookAuthenticators) Get(name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(webhookauthenticatorsResource, c.ns, name), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *FakeWebhookAuthenticators) List(opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, c.ns, opts), &v1alpha1.WebhookAuthenticatorList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *FakeWebhookAuthenticators) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(webhookauthenticatorsResource, c.ns, opts)) + +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Create(webhookAuthenticator *v1alpha1.WebhookAuthenticator) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(webhookauthenticatorsResource, c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Update(webhookAuthenticator *v1alpha1.WebhookAuthenticator) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(webhookauthenticatorsResource, c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeWebhookAuthenticators) UpdateStatus(webhookAuthenticator *v1alpha1.WebhookAuthenticator) (*v1alpha1.WebhookAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(webhookauthenticatorsResource, "status", c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeWebhookAuthenticators) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(webhookauthenticatorsResource, c.ns, name), &v1alpha1.WebhookAuthenticator{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeWebhookAuthenticators) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(webhookauthenticatorsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *FakeWebhookAuthenticators) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(webhookauthenticatorsResource, c.ns, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} diff --git a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go similarity index 77% rename from generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go rename to generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 69ebc739d..e1b1f2b40 100644 --- a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -5,4 +5,4 @@ package v1alpha1 -type WebhookIdentityProviderExpansion interface{} +type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..584599c0a --- /dev/null +++ b/generated/1.17/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,178 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "time" + + v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.17/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators(namespace string) WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(*v1alpha1.WebhookAuthenticator) (*v1alpha1.WebhookAuthenticator, error) + Update(*v1alpha1.WebhookAuthenticator) (*v1alpha1.WebhookAuthenticator, error) + UpdateStatus(*v1alpha1.WebhookAuthenticator) (*v1alpha1.WebhookAuthenticator, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) + List(opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + client rest.Interface + ns string +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client, namespace string) *webhookAuthenticators { + return &webhookAuthenticators{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *webhookAuthenticators) Get(name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *webhookAuthenticators) List(opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.WebhookAuthenticatorList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *webhookAuthenticators) Watch(opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch() +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Create(webhookAuthenticator *v1alpha1.WebhookAuthenticator) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Post(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Body(webhookAuthenticator). + Do(). + Into(result) + return +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Update(webhookAuthenticator *v1alpha1.WebhookAuthenticator) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + Body(webhookAuthenticator). + Do(). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). + +func (c *webhookAuthenticators) UpdateStatus(webhookAuthenticator *v1alpha1.WebhookAuthenticator) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + SubResource("status"). + Body(webhookAuthenticator). + Do(). + Into(result) + return +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *webhookAuthenticators) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *webhookAuthenticators) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + var timeout time.Duration + if listOptions.TimeoutSeconds != nil { + timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Timeout(timeout). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *webhookAuthenticators) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("webhookauthenticators"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go b/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go deleted file mode 100644 index e1c46f391..000000000 --- a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go +++ /dev/null @@ -1,127 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookIdentityProviders implements WebhookIdentityProviderInterface -type FakeWebhookIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var webhookidentityprovidersResource = schema.GroupVersionResource{Group: "idp.pinniped.dev", Version: "v1alpha1", Resource: "webhookidentityproviders"} - -var webhookidentityprovidersKind = schema.GroupVersionKind{Group: "idp.pinniped.dev", Version: "v1alpha1", Kind: "WebhookIdentityProvider"} - -// Get takes name of the webhookIdentityProvider, and returns the corresponding webhookIdentityProvider object, and an error if there is any. -func (c *FakeWebhookIdentityProviders) Get(name string, options v1.GetOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(webhookidentityprovidersResource, c.ns, name), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of WebhookIdentityProviders that match those selectors. -func (c *FakeWebhookIdentityProviders) List(opts v1.ListOptions) (result *v1alpha1.WebhookIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(webhookidentityprovidersResource, webhookidentityprovidersKind, c.ns, opts), &v1alpha1.WebhookIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookIdentityProviderList{ListMeta: obj.(*v1alpha1.WebhookIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookIdentityProviders. -func (c *FakeWebhookIdentityProviders) Watch(opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(webhookidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a webhookIdentityProvider and creates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *FakeWebhookIdentityProviders) Create(webhookIdentityProvider *v1alpha1.WebhookIdentityProvider) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(webhookidentityprovidersResource, c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// Update takes the representation of a webhookIdentityProvider and updates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *FakeWebhookIdentityProviders) Update(webhookIdentityProvider *v1alpha1.WebhookIdentityProvider) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(webhookidentityprovidersResource, c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookIdentityProviders) UpdateStatus(webhookIdentityProvider *v1alpha1.WebhookIdentityProvider) (*v1alpha1.WebhookIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(webhookidentityprovidersResource, "status", c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// Delete takes name of the webhookIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeWebhookIdentityProviders) Delete(name string, options *v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(webhookidentityprovidersResource, c.ns, name), &v1alpha1.WebhookIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookIdentityProviders) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(webhookidentityprovidersResource, c.ns, listOptions) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched webhookIdentityProvider. -func (c *FakeWebhookIdentityProviders) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(webhookidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} diff --git a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go b/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 9798d2214..000000000 --- a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,178 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "time" - - v1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.17/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookIdentityProvidersGetter has a method to return a WebhookIdentityProviderInterface. -// A group's client should implement this interface. -type WebhookIdentityProvidersGetter interface { - WebhookIdentityProviders(namespace string) WebhookIdentityProviderInterface -} - -// WebhookIdentityProviderInterface has methods to work with WebhookIdentityProvider resources. -type WebhookIdentityProviderInterface interface { - Create(*v1alpha1.WebhookIdentityProvider) (*v1alpha1.WebhookIdentityProvider, error) - Update(*v1alpha1.WebhookIdentityProvider) (*v1alpha1.WebhookIdentityProvider, error) - UpdateStatus(*v1alpha1.WebhookIdentityProvider) (*v1alpha1.WebhookIdentityProvider, error) - Delete(name string, options *v1.DeleteOptions) error - DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error - Get(name string, options v1.GetOptions) (*v1alpha1.WebhookIdentityProvider, error) - List(opts v1.ListOptions) (*v1alpha1.WebhookIdentityProviderList, error) - Watch(opts v1.ListOptions) (watch.Interface, error) - Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) - WebhookIdentityProviderExpansion -} - -// webhookIdentityProviders implements WebhookIdentityProviderInterface -type webhookIdentityProviders struct { - client rest.Interface - ns string -} - -// newWebhookIdentityProviders returns a WebhookIdentityProviders -func newWebhookIdentityProviders(c *IDPV1alpha1Client, namespace string) *webhookIdentityProviders { - return &webhookIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the webhookIdentityProvider, and returns the corresponding webhookIdentityProvider object, and an error if there is any. -func (c *webhookIdentityProviders) Get(name string, options v1.GetOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookIdentityProviders that match those selectors. -func (c *webhookIdentityProviders) List(opts v1.ListOptions) (result *v1alpha1.WebhookIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookIdentityProviders. -func (c *webhookIdentityProviders) Watch(opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch() -} - -// Create takes the representation of a webhookIdentityProvider and creates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *webhookIdentityProviders) Create(webhookIdentityProvider *v1alpha1.WebhookIdentityProvider) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Body(webhookIdentityProvider). - Do(). - Into(result) - return -} - -// Update takes the representation of a webhookIdentityProvider and updates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *webhookIdentityProviders) Update(webhookIdentityProvider *v1alpha1.WebhookIdentityProvider) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(webhookIdentityProvider.Name). - Body(webhookIdentityProvider). - Do(). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). - -func (c *webhookIdentityProviders) UpdateStatus(webhookIdentityProvider *v1alpha1.WebhookIdentityProvider) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(webhookIdentityProvider.Name). - SubResource("status"). - Body(webhookIdentityProvider). - Do(). - Into(result) - return -} - -// Delete takes name of the webhookIdentityProvider and deletes it. Returns an error if one occurs. -func (c *webhookIdentityProviders) Delete(name string, options *v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - Body(options). - Do(). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookIdentityProviders) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { - var timeout time.Duration - if listOptions.TimeoutSeconds != nil { - timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&listOptions, scheme.ParameterCodec). - Timeout(timeout). - Body(options). - Do(). - Error() -} - -// Patch applies the patch and returns the patched webhookIdentityProvider. -func (c *webhookIdentityProviders) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("webhookidentityproviders"). - SubResource(subresources...). - Name(name). - Body(data). - Do(). - Into(result) - return -} diff --git a/generated/1.17/client/informers/externalversions/idp/interface.go b/generated/1.17/client/informers/externalversions/authentication/interface.go similarity index 94% rename from generated/1.17/client/informers/externalversions/idp/interface.go rename to generated/1.17/client/informers/externalversions/authentication/interface.go index deb662017..2dfbf1ade 100644 --- a/generated/1.17/client/informers/externalversions/idp/interface.go +++ b/generated/1.17/client/informers/externalversions/authentication/interface.go @@ -3,10 +3,10 @@ // Code generated by informer-gen. DO NOT EDIT. -package idp +package authentication import ( - v1alpha1 "go.pinniped.dev/generated/1.17/client/informers/externalversions/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.17/client/informers/externalversions/authentication/v1alpha1" internalinterfaces "go.pinniped.dev/generated/1.17/client/informers/externalversions/internalinterfaces" ) diff --git a/generated/1.17/client/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.17/client/informers/externalversions/authentication/v1alpha1/interface.go similarity index 67% rename from generated/1.17/client/informers/externalversions/idp/v1alpha1/interface.go rename to generated/1.17/client/informers/externalversions/authentication/v1alpha1/interface.go index 03455e4ab..a42951288 100644 --- a/generated/1.17/client/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.17/client/informers/externalversions/authentication/v1alpha1/interface.go @@ -11,8 +11,8 @@ import ( // Interface provides access to all the informers in this group version. type Interface interface { - // WebhookIdentityProviders returns a WebhookIdentityProviderInformer. - WebhookIdentityProviders() WebhookIdentityProviderInformer + // WebhookAuthenticators returns a WebhookAuthenticatorInformer. + WebhookAuthenticators() WebhookAuthenticatorInformer } type version struct { @@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} } -// WebhookIdentityProviders returns a WebhookIdentityProviderInformer. -func (v *version) WebhookIdentityProviders() WebhookIdentityProviderInformer { - return &webhookIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +// WebhookAuthenticators returns a WebhookAuthenticatorInformer. +func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { + return &webhookAuthenticatorInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } diff --git a/generated/1.17/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.17/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..549b47d15 --- /dev/null +++ b/generated/1.17/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,76 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.17/client/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.17/client/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.17/client/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorInformer provides access to a shared informer and lister for +// WebhookAuthenticators. +type WebhookAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.WebhookAuthenticatorLister +} + +type webhookAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators(namespace).Watch(options) + }, + }, + &authenticationv1alpha1.WebhookAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) +} + +func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { + return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.17/client/informers/externalversions/factory.go b/generated/1.17/client/informers/externalversions/factory.go index 414a8b20d..2c63113e8 100644 --- a/generated/1.17/client/informers/externalversions/factory.go +++ b/generated/1.17/client/informers/externalversions/factory.go @@ -11,8 +11,8 @@ import ( time "time" versioned "go.pinniped.dev/generated/1.17/client/clientset/versioned" + authentication "go.pinniped.dev/generated/1.17/client/informers/externalversions/authentication" config "go.pinniped.dev/generated/1.17/client/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.17/client/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.17/client/informers/externalversions/internalinterfaces" login "go.pinniped.dev/generated/1.17/client/informers/externalversions/login" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -161,19 +161,19 @@ type SharedInformerFactory interface { ForResource(resource schema.GroupVersionResource) (GenericInformer, error) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + Authentication() authentication.Interface Config() config.Interface - IDP() idp.Interface Login() login.Interface } +func (f *sharedInformerFactory) Authentication() authentication.Interface { + return authentication.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Config() config.Interface { return config.New(f, f.namespace, f.tweakListOptions) } -func (f *sharedInformerFactory) IDP() idp.Interface { - return idp.New(f, f.namespace, f.tweakListOptions) -} - func (f *sharedInformerFactory) Login() login.Interface { return login.New(f, f.namespace, f.tweakListOptions) } diff --git a/generated/1.17/client/informers/externalversions/generic.go b/generated/1.17/client/informers/externalversions/generic.go index e5ec9e49c..287c34939 100644 --- a/generated/1.17/client/informers/externalversions/generic.go +++ b/generated/1.17/client/informers/externalversions/generic.go @@ -8,9 +8,9 @@ package externalversions import ( "fmt" + v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1" - v1alpha1 "go.pinniped.dev/generated/1.17/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.17/apis/config/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -41,15 +41,15 @@ func (f *genericInformer) Lister() cache.GenericLister { // TODO extend this to unknown resources with a client pool func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { switch resource { - // Group=config.pinniped.dev, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil + // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil - // Group=idp.pinniped.dev, Version=v1alpha1 - case idpv1alpha1.SchemeGroupVersion.WithResource("webhookidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().WebhookIdentityProviders().Informer()}, nil + // Group=config.pinniped.dev, Version=v1alpha1 + case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil + case configv1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil // Group=login.concierge.pinniped.dev, Version=v1alpha1 case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"): diff --git a/generated/1.17/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go b/generated/1.17/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 5ed462b97..000000000 --- a/generated/1.17/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.17/client/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.17/client/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.17/client/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// WebhookIdentityProviderInformer provides access to a shared informer and lister for -// WebhookIdentityProviders. -type WebhookIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookIdentityProviderLister -} - -type webhookIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewWebhookIdentityProviderInformer constructs a new informer for WebhookIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewWebhookIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredWebhookIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredWebhookIdentityProviderInformer constructs a new informer for WebhookIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredWebhookIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().WebhookIdentityProviders(namespace).List(options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().WebhookIdentityProviders(namespace).Watch(options) - }, - }, - &idpv1alpha1.WebhookIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *webhookIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredWebhookIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *webhookIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.WebhookIdentityProvider{}, f.defaultInformer) -} - -func (f *webhookIdentityProviderInformer) Lister() v1alpha1.WebhookIdentityProviderLister { - return v1alpha1.NewWebhookIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.17/client/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.17/client/listers/authentication/v1alpha1/expansion_generated.go new file mode 100644 index 000000000..25e1ad662 --- /dev/null +++ b/generated/1.17/client/listers/authentication/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// WebhookAuthenticatorListerExpansion allows custom methods to be added to +// WebhookAuthenticatorLister. +type WebhookAuthenticatorListerExpansion interface{} + +// WebhookAuthenticatorNamespaceListerExpansion allows custom methods to be added to +// WebhookAuthenticatorNamespaceLister. +type WebhookAuthenticatorNamespaceListerExpansion interface{} diff --git a/generated/1.17/client/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.17/client/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..dcf18bee4 --- /dev/null +++ b/generated/1.17/client/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,81 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // WebhookAuthenticators returns an object that can list and get WebhookAuthenticators. + WebhookAuthenticators(namespace string) WebhookAuthenticatorNamespaceLister + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{indexer: indexer} +} + +// List lists all WebhookAuthenticators in the indexer. +func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// WebhookAuthenticators returns an object that can list and get WebhookAuthenticators. +func (s *webhookAuthenticatorLister) WebhookAuthenticators(namespace string) WebhookAuthenticatorNamespaceLister { + return webhookAuthenticatorNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// WebhookAuthenticatorNamespaceLister helps list and get WebhookAuthenticators. +type WebhookAuthenticatorNamespaceLister interface { + // List lists all WebhookAuthenticators in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorNamespaceListerExpansion +} + +// webhookAuthenticatorNamespaceLister implements the WebhookAuthenticatorNamespaceLister +// interface. +type webhookAuthenticatorNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all WebhookAuthenticators in the indexer for a given namespace. +func (s webhookAuthenticatorNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// Get retrieves the WebhookAuthenticator from the indexer for a given namespace and name. +func (s webhookAuthenticatorNamespaceLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) + } + return obj.(*v1alpha1.WebhookAuthenticator), nil +} diff --git a/generated/1.17/client/listers/idp/v1alpha1/expansion_generated.go b/generated/1.17/client/listers/idp/v1alpha1/expansion_generated.go deleted file mode 100644 index f0b280e1b..000000000 --- a/generated/1.17/client/listers/idp/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// WebhookIdentityProviderListerExpansion allows custom methods to be added to -// WebhookIdentityProviderLister. -type WebhookIdentityProviderListerExpansion interface{} - -// WebhookIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// WebhookIdentityProviderNamespaceLister. -type WebhookIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.17/client/listers/idp/v1alpha1/webhookidentityprovider.go b/generated/1.17/client/listers/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 1081006af..000000000 --- a/generated/1.17/client/listers/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookIdentityProviderLister helps list WebhookIdentityProviders. -type WebhookIdentityProviderLister interface { - // List lists all WebhookIdentityProviders in the indexer. - List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) - // WebhookIdentityProviders returns an object that can list and get WebhookIdentityProviders. - WebhookIdentityProviders(namespace string) WebhookIdentityProviderNamespaceLister - WebhookIdentityProviderListerExpansion -} - -// webhookIdentityProviderLister implements the WebhookIdentityProviderLister interface. -type webhookIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewWebhookIdentityProviderLister returns a new WebhookIdentityProviderLister. -func NewWebhookIdentityProviderLister(indexer cache.Indexer) WebhookIdentityProviderLister { - return &webhookIdentityProviderLister{indexer: indexer} -} - -// List lists all WebhookIdentityProviders in the indexer. -func (s *webhookIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookIdentityProvider)) - }) - return ret, err -} - -// WebhookIdentityProviders returns an object that can list and get WebhookIdentityProviders. -func (s *webhookIdentityProviderLister) WebhookIdentityProviders(namespace string) WebhookIdentityProviderNamespaceLister { - return webhookIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// WebhookIdentityProviderNamespaceLister helps list and get WebhookIdentityProviders. -type WebhookIdentityProviderNamespaceLister interface { - // List lists all WebhookIdentityProviders in the indexer for a given namespace. - List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) - // Get retrieves the WebhookIdentityProvider from the indexer for a given namespace and name. - Get(name string) (*v1alpha1.WebhookIdentityProvider, error) - WebhookIdentityProviderNamespaceListerExpansion -} - -// webhookIdentityProviderNamespaceLister implements the WebhookIdentityProviderNamespaceLister -// interface. -type webhookIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all WebhookIdentityProviders in the indexer for a given namespace. -func (s webhookIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the WebhookIdentityProvider from the indexer for a given namespace and name. -func (s webhookIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.WebhookIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookidentityprovider"), name) - } - return obj.(*v1alpha1.WebhookIdentityProvider), nil -} diff --git a/generated/1.17/client/openapi/zz_generated.openapi.go b/generated/1.17/client/openapi/zz_generated.openapi.go index 9ce251b34..2aea64774 100644 --- a/generated/1.17/client/openapi/zz_generated.openapi.go +++ b/generated/1.17/client/openapi/zz_generated.openapi.go @@ -17,77 +17,315 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfig": schema_117_apis_config_v1alpha1_CredentialIssuerConfig(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_117_apis_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigList": schema_117_apis_config_v1alpha1_CredentialIssuerConfigList(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigStatus": schema_117_apis_config_v1alpha1_CredentialIssuerConfigStatus(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigStrategy": schema_117_apis_config_v1alpha1_CredentialIssuerConfigStrategy(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfig": schema_117_apis_config_v1alpha1_OIDCProviderConfig(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfigList": schema_117_apis_config_v1alpha1_OIDCProviderConfigList(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfigSpec": schema_117_apis_config_v1alpha1_OIDCProviderConfigSpec(ref), - "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfigStatus": schema_117_apis_config_v1alpha1_OIDCProviderConfigStatus(ref), - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.Condition": schema_117_apis_idp_v1alpha1_Condition(ref), - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.TLSSpec": schema_117_apis_idp_v1alpha1_TLSSpec(ref), - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProvider": schema_117_apis_idp_v1alpha1_WebhookIdentityProvider(ref), - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProviderList": schema_117_apis_idp_v1alpha1_WebhookIdentityProviderList(ref), - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProviderSpec": schema_117_apis_idp_v1alpha1_WebhookIdentityProviderSpec(ref), - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProviderStatus": schema_117_apis_idp_v1alpha1_WebhookIdentityProviderStatus(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + "go.pinniped.dev/generated/1.17/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfig": schema_117_apis_config_v1alpha1_CredentialIssuerConfig(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_117_apis_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigList": schema_117_apis_config_v1alpha1_CredentialIssuerConfigList(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigStatus": schema_117_apis_config_v1alpha1_CredentialIssuerConfigStatus(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.CredentialIssuerConfigStrategy": schema_117_apis_config_v1alpha1_CredentialIssuerConfigStrategy(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfig": schema_117_apis_config_v1alpha1_OIDCProviderConfig(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfigList": schema_117_apis_config_v1alpha1_OIDCProviderConfigList(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfigSpec": schema_117_apis_config_v1alpha1_OIDCProviderConfigSpec(ref), + "go.pinniped.dev/generated/1.17/apis/config/v1alpha1.OIDCProviderConfigStatus": schema_117_apis_config_v1alpha1_OIDCProviderConfigStatus(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), + "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + } +} + +func schema_apis_concierge_authentication_v1alpha1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status of the condition, one of True, False, Unknown.", + Type: []string{"string"}, + Format: "", + }, + }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "lastTransitionTime": { + SchemaProps: spec.SchemaProps{ + Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "message is a human readable message indicating details about the transition. This may be an empty string.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Configuration for configuring TLS on various authenticators.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "certificateAuthorityData": { + SchemaProps: spec.SchemaProps{ + Description: "X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WebhookAuthenticator describes the configuration of a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Description: "Spec for configuring the authenticator.", + Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "Status of the authenticator.", + Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus"), + }, + }, + }, + Required: []string{"spec"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec", "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "List of WebhookAuthenticator objects.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticator"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.WebhookAuthenticator", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Spec for configuring a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "endpoint": { + SchemaProps: spec.SchemaProps{ + Description: "Webhook server endpoint URL.", + Type: []string{"string"}, + Format: "", + }, + }, + "tls": { + SchemaProps: spec.SchemaProps{ + Description: "TLS configuration.", + Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.TLSSpec"), + }, + }, + }, + Required: []string{"endpoint"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.TLSSpec"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Status of a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents the observations of the authenticator's current state.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.Condition"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.17/apis/concierge/authentication/v1alpha1.Condition"}, } } @@ -238,14 +476,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. Format: "", }, }, - "identityProvider": { + "authenticator": { SchemaProps: spec.SchemaProps{ - Description: "Reference to an identity provider which can fulfill this credential request.", + Description: "Reference to an authenticator which can validate this credential request.", Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), }, }, }, - Required: []string{"identityProvider"}, + Required: []string{"authenticator"}, }, }, Dependencies: []string{ @@ -642,244 +880,6 @@ func schema_117_apis_config_v1alpha1_OIDCProviderConfigStatus(ref common.Referen } } -func schema_117_apis_idp_v1alpha1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "status of the condition, one of True, False, Unknown.", - Type: []string{"string"}, - Format: "", - }, - }, - "observedGeneration": { - SchemaProps: spec.SchemaProps{ - Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "message is a human readable message indicating details about the transition. This may be an empty string.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_117_apis_idp_v1alpha1_TLSSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Configuration for configuring TLS on various identity providers.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "certificateAuthorityData": { - SchemaProps: spec.SchemaProps{ - Description: "X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_117_apis_idp_v1alpha1_WebhookIdentityProvider(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Description: "Spec for configuring the identity provider.", - Ref: ref("go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProviderSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the identity provider.", - Ref: ref("go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProviderStatus"), - }, - }, - }, - Required: []string{"spec"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProviderSpec", "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProviderStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_117_apis_idp_v1alpha1_WebhookIdentityProviderList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "List of WebhookIdentityProvider objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProvider"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.WebhookIdentityProvider", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_117_apis_idp_v1alpha1_WebhookIdentityProviderSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Spec for configuring a webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "endpoint": { - SchemaProps: spec.SchemaProps{ - Description: "Webhook server endpoint URL.", - Type: []string{"string"}, - Format: "", - }, - }, - "tls": { - SchemaProps: spec.SchemaProps{ - Description: "TLS configuration.", - Ref: ref("go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.TLSSpec"), - }, - }, - }, - Required: []string{"endpoint"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.TLSSpec"}, - } -} - -func schema_117_apis_idp_v1alpha1_WebhookIdentityProviderStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of a webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "conditions": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-map-keys": []interface{}{ - "type", - }, - "x-kubernetes-list-type": "map", - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Represents the observations of an identity provider's current state.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.Condition"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.17/apis/idp/v1alpha1.Condition"}, - } -} - func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/generated/1.18/crds/idp.pinniped.dev_webhookidentityproviders.yaml b/generated/1.17/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml similarity index 89% rename from generated/1.18/crds/idp.pinniped.dev_webhookidentityproviders.yaml rename to generated/1.17/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 213b7ad20..9ae6152e1 100644 --- a/generated/1.18/crds/idp.pinniped.dev_webhookidentityproviders.yaml +++ b/generated/1.17/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -6,21 +6,18 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.0 creationTimestamp: null - name: webhookidentityproviders.idp.pinniped.dev + name: webhookauthenticators.authentication.concierge.pinniped.dev spec: - group: idp.pinniped.dev + group: authentication.concierge.pinniped.dev names: categories: - all - - idp - - idps - kind: WebhookIdentityProvider - listKind: WebhookIdentityProviderList - plural: webhookidentityproviders - shortNames: - - webhookidp - - webhookidps - singular: webhookidentityprovider + - authenticator + - authenticators + kind: WebhookAuthenticator + listKind: WebhookAuthenticatorList + plural: webhookauthenticators + singular: webhookauthenticator scope: Namespaced versions: - additionalPrinterColumns: @@ -30,8 +27,8 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: WebhookIdentityProvider describes the configuration of a Pinniped - webhook identity provider. + description: WebhookAuthenticator describes the configuration of a webhook + authenticator. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -46,7 +43,7 @@ spec: metadata: type: object spec: - description: Spec for configuring the identity provider. + description: Spec for configuring the authenticator. properties: endpoint: description: Webhook server endpoint URL. @@ -65,11 +62,11 @@ spec: - endpoint type: object status: - description: Status of the identity provider. + description: Status of the authenticator. properties: conditions: - description: Represents the observations of an identity provider's - current state. + description: Represents the observations of the authenticator's current + state. items: description: Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can diff --git a/generated/1.18/README.adoc b/generated/1.18/README.adoc index 0d3dabd97..0361d2162 100644 --- a/generated/1.18/README.adoc +++ b/generated/1.18/README.adoc @@ -5,11 +5,115 @@ == API Reference .Packages +- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-config-pinniped-dev-v1alpha1[$$config.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-idp-pinniped-dev-v1alpha1[$$idp.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] +[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] +=== authentication.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-condition"] +==== Condition + +Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-tlsspec"] +==== TLSSpec + +Configuration for configuring TLS on various authenticators. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +==== WebhookAuthenticator + +WebhookAuthenticator describes the configuration of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +==== WebhookAuthenticatorSpec + +Spec for configuring a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Webhook server endpoint URL. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +==== WebhookAuthenticatorStatus + +Status of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-concierge-authentication-v1alpha1-condition[$$Condition$$]__ | Represents the observations of the authenticator's current state. +|=== + + + [id="{anchor_prefix}-config-pinniped-dev-v1alpha1"] === config.pinniped.dev/v1alpha1 @@ -161,110 +265,6 @@ OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC -[id="{anchor_prefix}-idp-pinniped-dev-v1alpha1"] -=== idp.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped identity provider API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityproviderstatus[$$WebhookIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-tlsspec"] -==== TLSSpec - -Configuration for configuring TLS on various identity providers. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityproviderspec[$$WebhookIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityprovider"] -==== WebhookIdentityProvider - -WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityproviderlist[$$WebhookIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityproviderspec[$$WebhookIdentityProviderSpec$$]__ | Spec for configuring the identity provider. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityproviderstatus[$$WebhookIdentityProviderStatus$$]__ | Status of the identity provider. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityproviderspec"] -==== WebhookIdentityProviderSpec - -Spec for configuring a webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityprovider[$$WebhookIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`endpoint`* __string__ | Webhook server endpoint URL. -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityproviderstatus"] -==== WebhookIdentityProviderStatus - -Status of a webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-webhookidentityprovider[$$WebhookIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-idp-v1alpha1-condition[$$Condition$$]__ | Represents the observations of an identity provider's current state. -|=== - - - [id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] === login.concierge.pinniped.dev/v1alpha1 @@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. -| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. |=== diff --git a/generated/1.18/apis/concierge/authentication/doc.go b/generated/1.18/apis/concierge/authentication/doc.go new file mode 100644 index 000000000..78e81bd63 --- /dev/null +++ b/generated/1.18/apis/concierge/authentication/doc.go @@ -0,0 +1,8 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=authentication.concierge.pinniped.dev + +// Package authentication is the internal version of the Pinniped concierge authentication API. +package authentication diff --git a/generated/1.18/apis/idp/v1alpha1/conversion.go b/generated/1.18/apis/concierge/authentication/v1alpha1/conversion.go similarity index 100% rename from generated/1.18/apis/idp/v1alpha1/conversion.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/conversion.go diff --git a/generated/1.18/apis/idp/v1alpha1/defaults.go b/generated/1.18/apis/concierge/authentication/v1alpha1/defaults.go similarity index 100% rename from generated/1.18/apis/idp/v1alpha1/defaults.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/defaults.go diff --git a/generated/1.18/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.18/apis/concierge/authentication/v1alpha1/doc.go new file mode 100644 index 000000000..00a19514a --- /dev/null +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.18/apis/concierge/authentication +// +k8s:defaulter-gen=TypeMeta +// +groupName=authentication.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. +package v1alpha1 diff --git a/generated/1.19/apis/idp/v1alpha1/register.go b/generated/1.18/apis/concierge/authentication/v1alpha1/register.go similarity index 91% rename from generated/1.19/apis/idp/v1alpha1/register.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/register.go index 494aef367..1a5163daa 100644 --- a/generated/1.19/apis/idp/v1alpha1/register.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/register.go @@ -9,7 +9,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) -const GroupName = "idp.pinniped.dev" +const GroupName = "authentication.concierge.pinniped.dev" // SchemeGroupVersion is group version used to register these objects. var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} @@ -30,8 +30,8 @@ func init() { // Adds the list of known types to the given scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, - &WebhookIdentityProvider{}, - &WebhookIdentityProviderList{}, + &WebhookAuthenticator{}, + &WebhookAuthenticatorList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.18/apis/idp/v1alpha1/types_meta.go b/generated/1.18/apis/concierge/authentication/v1alpha1/types_meta.go similarity index 100% rename from generated/1.18/apis/idp/v1alpha1/types_meta.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/types_meta.go diff --git a/generated/1.18/apis/idp/v1alpha1/types_tls.go b/generated/1.18/apis/concierge/authentication/v1alpha1/types_tls.go similarity index 84% rename from generated/1.18/apis/idp/v1alpha1/types_tls.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/types_tls.go index 2f2098c91..f882f2d6c 100644 --- a/generated/1.18/apis/idp/v1alpha1/types_tls.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/types_tls.go @@ -3,7 +3,7 @@ package v1alpha1 -// Configuration for configuring TLS on various identity providers. +// Configuration for configuring TLS on various authenticators. type TLSSpec struct { // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. // +optional diff --git a/generated/1.17/apis/idp/v1alpha1/types_webhook.go b/generated/1.18/apis/concierge/authentication/v1alpha1/types_webhook.go similarity index 55% rename from generated/1.17/apis/idp/v1alpha1/types_webhook.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/types_webhook.go index 6e4763378..8124597ab 100644 --- a/generated/1.17/apis/idp/v1alpha1/types_webhook.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/types_webhook.go @@ -5,9 +5,9 @@ package v1alpha1 import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -// Status of a webhook identity provider. -type WebhookIdentityProviderStatus struct { - // Represents the observations of an identity provider's current state. +// Status of a webhook authenticator. +type WebhookAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. // +patchMergeKey=type // +patchStrategy=merge // +listType=map @@ -15,8 +15,8 @@ type WebhookIdentityProviderStatus struct { Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } -// Spec for configuring a webhook identity provider. -type WebhookIdentityProviderSpec struct { +// Spec for configuring a webhook authenticator. +type WebhookAuthenticatorSpec struct { // Webhook server endpoint URL. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:Pattern=`^https://` @@ -27,27 +27,27 @@ type WebhookIdentityProviderSpec struct { TLS *TLSSpec `json:"tls,omitempty"` } -// WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider. +// WebhookAuthenticator describes the configuration of a webhook authenticator. // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=all;idp;idps,shortName=webhookidp;webhookidps +// +kubebuilder:resource:categories=all;authenticator;authenticators // +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` -type WebhookIdentityProvider struct { +type WebhookAuthenticator struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // Spec for configuring the identity provider. - Spec WebhookIdentityProviderSpec `json:"spec"` + // Spec for configuring the authenticator. + Spec WebhookAuthenticatorSpec `json:"spec"` - // Status of the identity provider. - Status WebhookIdentityProviderStatus `json:"status,omitempty"` + // Status of the authenticator. + Status WebhookAuthenticatorStatus `json:"status,omitempty"` } -// List of WebhookIdentityProvider objects. +// List of WebhookAuthenticator objects. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WebhookIdentityProviderList struct { +type WebhookAuthenticatorList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []WebhookIdentityProvider `json:"items"` + Items []WebhookAuthenticator `json:"items"` } diff --git a/generated/1.18/apis/idp/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.conversion.go similarity index 100% rename from generated/1.18/apis/idp/v1alpha1/zz_generated.conversion.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.conversion.go diff --git a/generated/1.19/apis/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go similarity index 72% rename from generated/1.19/apis/idp/v1alpha1/zz_generated.deepcopy.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index cb0f46c85..a4e27af74 100644 --- a/generated/1.19/apis/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -45,7 +45,7 @@ func (in *TLSSpec) DeepCopy() *TLSSpec { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProvider) DeepCopyInto(out *WebhookIdentityProvider) { +func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) @@ -54,18 +54,18 @@ func (in *WebhookIdentityProvider) DeepCopyInto(out *WebhookIdentityProvider) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProvider. -func (in *WebhookIdentityProvider) DeepCopy() *WebhookIdentityProvider { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. +func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { if in == nil { return nil } - out := new(WebhookIdentityProvider) + out := new(WebhookAuthenticator) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookIdentityProvider) DeepCopyObject() runtime.Object { +func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -73,13 +73,13 @@ func (in *WebhookIdentityProvider) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderList) DeepCopyInto(out *WebhookIdentityProviderList) { +func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]WebhookIdentityProvider, len(*in)) + *out = make([]WebhookAuthenticator, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -87,18 +87,18 @@ func (in *WebhookIdentityProviderList) DeepCopyInto(out *WebhookIdentityProvider return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderList. -func (in *WebhookIdentityProviderList) DeepCopy() *WebhookIdentityProviderList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. +func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { if in == nil { return nil } - out := new(WebhookIdentityProviderList) + out := new(WebhookAuthenticatorList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookIdentityProviderList) DeepCopyObject() runtime.Object { +func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -106,7 +106,7 @@ func (in *WebhookIdentityProviderList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderSpec) DeepCopyInto(out *WebhookIdentityProviderSpec) { +func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { *out = *in if in.TLS != nil { in, out := &in.TLS, &out.TLS @@ -116,18 +116,18 @@ func (in *WebhookIdentityProviderSpec) DeepCopyInto(out *WebhookIdentityProvider return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderSpec. -func (in *WebhookIdentityProviderSpec) DeepCopy() *WebhookIdentityProviderSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. +func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { if in == nil { return nil } - out := new(WebhookIdentityProviderSpec) + out := new(WebhookAuthenticatorSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderStatus) DeepCopyInto(out *WebhookIdentityProviderStatus) { +func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions @@ -139,12 +139,12 @@ func (in *WebhookIdentityProviderStatus) DeepCopyInto(out *WebhookIdentityProvid return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderStatus. -func (in *WebhookIdentityProviderStatus) DeepCopy() *WebhookIdentityProviderStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. +func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { if in == nil { return nil } - out := new(WebhookIdentityProviderStatus) + out := new(WebhookAuthenticatorStatus) in.DeepCopyInto(out) return out } diff --git a/generated/1.18/apis/idp/v1alpha1/zz_generated.defaults.go b/generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.18/apis/idp/v1alpha1/zz_generated.defaults.go rename to generated/1.18/apis/concierge/authentication/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.19/apis/idp/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/authentication/zz_generated.deepcopy.go similarity index 89% rename from generated/1.19/apis/idp/zz_generated.deepcopy.go rename to generated/1.18/apis/concierge/authentication/zz_generated.deepcopy.go index 0b9642eaf..3a7a0f4b4 100644 --- a/generated/1.19/apis/idp/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/authentication/zz_generated.deepcopy.go @@ -5,4 +5,4 @@ // Code generated by deepcopy-gen. DO NOT EDIT. -package idp +package authentication diff --git a/generated/1.18/apis/concierge/login/types_token.go b/generated/1.18/apis/concierge/login/types_token.go index 91d36cfbf..a0555f85d 100644 --- a/generated/1.18/apis/concierge/login/types_token.go +++ b/generated/1.18/apis/concierge/login/types_token.go @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/generated/1.18/apis/concierge/login/v1alpha1/types_token.go b/generated/1.18/apis/concierge/login/v1alpha1/types_token.go index 9fba33694..cb5965a23 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/types_token.go @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go index bdb74e19f..c25c575d8 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } @@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 2001aa609..4160d6692 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go index d92ad253c..f43661bc6 100644 --- a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.18/apis/idp/doc.go b/generated/1.18/apis/idp/doc.go deleted file mode 100644 index 17d329436..000000000 --- a/generated/1.18/apis/idp/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=idp.pinniped.dev - -// Package idp is the internal version of the Pinniped identity provider API. -package idp diff --git a/generated/1.18/apis/idp/v1alpha1/doc.go b/generated/1.18/apis/idp/v1alpha1/doc.go deleted file mode 100644 index 95225bb6c..000000000 --- a/generated/1.18/apis/idp/v1alpha1/doc.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.18/apis/idp -// +k8s:defaulter-gen=TypeMeta -// +groupName=idp.pinniped.dev -// +groupGoName=IDP - -// Package v1alpha1 is the v1alpha1 version of the Pinniped identity provider API. -package v1alpha1 diff --git a/generated/1.18/client/clientset/versioned/clientset.go b/generated/1.18/client/clientset/versioned/clientset.go index fcd663cda..5201e527b 100644 --- a/generated/1.18/client/clientset/versioned/clientset.go +++ b/generated/1.18/client/clientset/versioned/clientset.go @@ -8,8 +8,8 @@ package versioned import ( "fmt" + authenticationv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/login/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" @@ -18,8 +18,8 @@ import ( type Interface interface { Discovery() discovery.DiscoveryInterface + AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface - IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface } @@ -27,9 +27,14 @@ type Interface interface { // version included in a Clientset. type Clientset struct { *discovery.DiscoveryClient - configV1alpha1 *configv1alpha1.ConfigV1alpha1Client - iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client + authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client +} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -37,11 +42,6 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { return c.configV1alpha1 } -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return c.iDPV1alpha1 -} - // LoginV1alpha1 retrieves the LoginV1alpha1Client func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { return c.loginV1alpha1 @@ -68,11 +68,11 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { } var cs Clientset var err error - cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } - cs.iDPV1alpha1, err = idpv1alpha1.NewForConfig(&configShallowCopy) + cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } @@ -92,8 +92,8 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.NewForConfigOrDie(c) cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) - cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) cs.loginV1alpha1 = loginv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) @@ -103,8 +103,8 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { // New creates a new Clientset for the given RESTClient. func New(c rest.Interface) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) cs.configV1alpha1 = configv1alpha1.New(c) - cs.iDPV1alpha1 = idpv1alpha1.New(c) cs.loginV1alpha1 = loginv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) diff --git a/generated/1.18/client/clientset/versioned/fake/clientset_generated.go b/generated/1.18/client/clientset/versioned/fake/clientset_generated.go index 00b7ab1c6..b8b6aceac 100644 --- a/generated/1.18/client/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.18/client/clientset/versioned/fake/clientset_generated.go @@ -7,10 +7,10 @@ package fake import ( clientset "go.pinniped.dev/generated/1.18/client/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake" configv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/config/v1alpha1" fakeconfigv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake" loginv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/login/v1alpha1" fakeloginv1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/login/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" @@ -67,16 +67,16 @@ func (c *Clientset) Tracker() testing.ObjectTracker { var _ clientset.Interface = &Clientset{} +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + // ConfigV1alpha1 retrieves the ConfigV1alpha1Client func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} } -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} -} - // LoginV1alpha1 retrieves the LoginV1alpha1Client func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} diff --git a/generated/1.18/client/clientset/versioned/fake/register.go b/generated/1.18/client/clientset/versioned/fake/register.go index 24b90e32e..bdb2ee642 100644 --- a/generated/1.18/client/clientset/versioned/fake/register.go +++ b/generated/1.18/client/clientset/versioned/fake/register.go @@ -6,9 +6,9 @@ package fake import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.18/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -20,8 +20,8 @@ var scheme = runtime.NewScheme() var codecs = serializer.NewCodecFactory(scheme) var parameterCodec = runtime.NewParameterCodec(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, loginv1alpha1.AddToScheme, } diff --git a/generated/1.18/client/clientset/versioned/scheme/register.go b/generated/1.18/client/clientset/versioned/scheme/register.go index d8373c67c..e41b4bf92 100644 --- a/generated/1.18/client/clientset/versioned/scheme/register.go +++ b/generated/1.18/client/clientset/versioned/scheme/register.go @@ -6,9 +6,9 @@ package scheme import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.18/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -20,8 +20,8 @@ var Scheme = runtime.NewScheme() var Codecs = serializer.NewCodecFactory(Scheme) var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, loginv1alpha1.AddToScheme, } diff --git a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go similarity index 50% rename from generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go rename to generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index abb575ff2..4b4ff7dbc 100644 --- a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -6,27 +6,27 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" "go.pinniped.dev/generated/1.18/client/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) -type IDPV1alpha1Interface interface { +type AuthenticationV1alpha1Interface interface { RESTClient() rest.Interface - WebhookIdentityProvidersGetter + WebhookAuthenticatorsGetter } -// IDPV1alpha1Client is used to interact with features provided by the idp.pinniped.dev group. -type IDPV1alpha1Client struct { +// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. +type AuthenticationV1alpha1Client struct { restClient rest.Interface } -func (c *IDPV1alpha1Client) WebhookIdentityProviders(namespace string) WebhookIdentityProviderInterface { - return newWebhookIdentityProviders(c, namespace) +func (c *AuthenticationV1alpha1Client) WebhookAuthenticators(namespace string) WebhookAuthenticatorInterface { + return newWebhookAuthenticators(c, namespace) } -// NewForConfig creates a new IDPV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { +// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err @@ -35,12 +35,12 @@ func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { if err != nil { return nil, err } - return &IDPV1alpha1Client{client}, nil + return &AuthenticationV1alpha1Client{client}, nil } -// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and +// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and // panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { +func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { client, err := NewForConfig(c) if err != nil { panic(err) @@ -48,9 +48,9 @@ func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { return client } -// New creates a new IDPV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *IDPV1alpha1Client { - return &IDPV1alpha1Client{c} +// New creates a new AuthenticationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuthenticationV1alpha1Client { + return &AuthenticationV1alpha1Client{c} } func setConfigDefaults(config *rest.Config) error { @@ -68,7 +68,7 @@ func setConfigDefaults(config *rest.Config) error { // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. -func (c *IDPV1alpha1Client) RESTClient() rest.Interface { +func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { if c == nil { return nil } diff --git a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/doc.go rename to generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/doc.go diff --git a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/doc.go rename to generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go diff --git a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go similarity index 60% rename from generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go rename to generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index ba62b2183..dfad16751 100644 --- a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -6,22 +6,22 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) -type FakeIDPV1alpha1 struct { +type FakeAuthenticationV1alpha1 struct { *testing.Fake } -func (c *FakeIDPV1alpha1) WebhookIdentityProviders(namespace string) v1alpha1.WebhookIdentityProviderInterface { - return &FakeWebhookIdentityProviders{c, namespace} +func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators(namespace string) v1alpha1.WebhookAuthenticatorInterface { + return &FakeWebhookAuthenticators{c, namespace} } // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. -func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { +func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { var ret *rest.RESTClient return ret } diff --git a/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 000000000..83adeb87c --- /dev/null +++ b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,129 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type FakeWebhookAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 + ns string +} + +var webhookauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + +var webhookauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WebhookAuthenticator"} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(webhookauthenticatorsResource, c.ns, name), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, c.ns, opts), &v1alpha1.WebhookAuthenticatorList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(webhookauthenticatorsResource, c.ns, opts)) + +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(webhookauthenticatorsResource, c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(webhookauthenticatorsResource, c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(webhookauthenticatorsResource, "status", c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(webhookauthenticatorsResource, c.ns, name), &v1alpha1.WebhookAuthenticator{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(webhookauthenticatorsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(webhookauthenticatorsResource, c.ns, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} diff --git a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go similarity index 77% rename from generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go rename to generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 69ebc739d..e1b1f2b40 100644 --- a/generated/1.17/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -5,4 +5,4 @@ package v1alpha1 -type WebhookIdentityProviderExpansion interface{} +type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..2e5b78db5 --- /dev/null +++ b/generated/1.18/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,182 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.18/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators(namespace string) WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + client rest.Interface + ns string +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client, namespace string) *webhookAuthenticators { + return &webhookAuthenticators{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.WebhookAuthenticatorList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Post(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go b/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go deleted file mode 100644 index fd10c7060..000000000 --- a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookIdentityProviders implements WebhookIdentityProviderInterface -type FakeWebhookIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var webhookidentityprovidersResource = schema.GroupVersionResource{Group: "idp.pinniped.dev", Version: "v1alpha1", Resource: "webhookidentityproviders"} - -var webhookidentityprovidersKind = schema.GroupVersionKind{Group: "idp.pinniped.dev", Version: "v1alpha1", Kind: "WebhookIdentityProvider"} - -// Get takes name of the webhookIdentityProvider, and returns the corresponding webhookIdentityProvider object, and an error if there is any. -func (c *FakeWebhookIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(webhookidentityprovidersResource, c.ns, name), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of WebhookIdentityProviders that match those selectors. -func (c *FakeWebhookIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(webhookidentityprovidersResource, webhookidentityprovidersKind, c.ns, opts), &v1alpha1.WebhookIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookIdentityProviderList{ListMeta: obj.(*v1alpha1.WebhookIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookIdentityProviders. -func (c *FakeWebhookIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(webhookidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a webhookIdentityProvider and creates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *FakeWebhookIdentityProviders) Create(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(webhookidentityprovidersResource, c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// Update takes the representation of a webhookIdentityProvider and updates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *FakeWebhookIdentityProviders) Update(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(webhookidentityprovidersResource, c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookIdentityProviders) UpdateStatus(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.WebhookIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(webhookidentityprovidersResource, "status", c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// Delete takes name of the webhookIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeWebhookIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(webhookidentityprovidersResource, c.ns, name), &v1alpha1.WebhookIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(webhookidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched webhookIdentityProvider. -func (c *FakeWebhookIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(webhookidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} diff --git a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go b/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 0f262177a..000000000 --- a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.18/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookIdentityProvidersGetter has a method to return a WebhookIdentityProviderInterface. -// A group's client should implement this interface. -type WebhookIdentityProvidersGetter interface { - WebhookIdentityProviders(namespace string) WebhookIdentityProviderInterface -} - -// WebhookIdentityProviderInterface has methods to work with WebhookIdentityProvider resources. -type WebhookIdentityProviderInterface interface { - Create(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.CreateOptions) (*v1alpha1.WebhookIdentityProvider, error) - Update(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.WebhookIdentityProvider, error) - UpdateStatus(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.WebhookIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) - WebhookIdentityProviderExpansion -} - -// webhookIdentityProviders implements WebhookIdentityProviderInterface -type webhookIdentityProviders struct { - client rest.Interface - ns string -} - -// newWebhookIdentityProviders returns a WebhookIdentityProviders -func newWebhookIdentityProviders(c *IDPV1alpha1Client, namespace string) *webhookIdentityProviders { - return &webhookIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the webhookIdentityProvider, and returns the corresponding webhookIdentityProvider object, and an error if there is any. -func (c *webhookIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookIdentityProviders that match those selectors. -func (c *webhookIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookIdentityProviders. -func (c *webhookIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a webhookIdentityProvider and creates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *webhookIdentityProviders) Create(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a webhookIdentityProvider and updates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *webhookIdentityProviders) Update(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(webhookIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *webhookIdentityProviders) UpdateStatus(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(webhookIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the webhookIdentityProvider and deletes it. Returns an error if one occurs. -func (c *webhookIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched webhookIdentityProvider. -func (c *webhookIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.18/client/informers/externalversions/idp/interface.go b/generated/1.18/client/informers/externalversions/authentication/interface.go similarity index 94% rename from generated/1.18/client/informers/externalversions/idp/interface.go rename to generated/1.18/client/informers/externalversions/authentication/interface.go index b6c033f9b..6770ff80c 100644 --- a/generated/1.18/client/informers/externalversions/idp/interface.go +++ b/generated/1.18/client/informers/externalversions/authentication/interface.go @@ -3,10 +3,10 @@ // Code generated by informer-gen. DO NOT EDIT. -package idp +package authentication import ( - v1alpha1 "go.pinniped.dev/generated/1.18/client/informers/externalversions/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.18/client/informers/externalversions/authentication/v1alpha1" internalinterfaces "go.pinniped.dev/generated/1.18/client/informers/externalversions/internalinterfaces" ) diff --git a/generated/1.18/client/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.18/client/informers/externalversions/authentication/v1alpha1/interface.go similarity index 67% rename from generated/1.18/client/informers/externalversions/idp/v1alpha1/interface.go rename to generated/1.18/client/informers/externalversions/authentication/v1alpha1/interface.go index 4445a99aa..14832425f 100644 --- a/generated/1.18/client/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.18/client/informers/externalversions/authentication/v1alpha1/interface.go @@ -11,8 +11,8 @@ import ( // Interface provides access to all the informers in this group version. type Interface interface { - // WebhookIdentityProviders returns a WebhookIdentityProviderInformer. - WebhookIdentityProviders() WebhookIdentityProviderInformer + // WebhookAuthenticators returns a WebhookAuthenticatorInformer. + WebhookAuthenticators() WebhookAuthenticatorInformer } type version struct { @@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} } -// WebhookIdentityProviders returns a WebhookIdentityProviderInformer. -func (v *version) WebhookIdentityProviders() WebhookIdentityProviderInformer { - return &webhookIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +// WebhookAuthenticators returns a WebhookAuthenticatorInformer. +func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { + return &webhookAuthenticatorInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } diff --git a/generated/1.18/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.18/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..47c511c66 --- /dev/null +++ b/generated/1.18/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,77 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.18/client/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.18/client/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.18/client/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorInformer provides access to a shared informer and lister for +// WebhookAuthenticators. +type WebhookAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.WebhookAuthenticatorLister +} + +type webhookAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators(namespace).Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.WebhookAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) +} + +func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { + return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.18/client/informers/externalversions/factory.go b/generated/1.18/client/informers/externalversions/factory.go index f3793b090..a2b67de75 100644 --- a/generated/1.18/client/informers/externalversions/factory.go +++ b/generated/1.18/client/informers/externalversions/factory.go @@ -11,8 +11,8 @@ import ( time "time" versioned "go.pinniped.dev/generated/1.18/client/clientset/versioned" + authentication "go.pinniped.dev/generated/1.18/client/informers/externalversions/authentication" config "go.pinniped.dev/generated/1.18/client/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.18/client/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.18/client/informers/externalversions/internalinterfaces" login "go.pinniped.dev/generated/1.18/client/informers/externalversions/login" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -161,19 +161,19 @@ type SharedInformerFactory interface { ForResource(resource schema.GroupVersionResource) (GenericInformer, error) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + Authentication() authentication.Interface Config() config.Interface - IDP() idp.Interface Login() login.Interface } +func (f *sharedInformerFactory) Authentication() authentication.Interface { + return authentication.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Config() config.Interface { return config.New(f, f.namespace, f.tweakListOptions) } -func (f *sharedInformerFactory) IDP() idp.Interface { - return idp.New(f, f.namespace, f.tweakListOptions) -} - func (f *sharedInformerFactory) Login() login.Interface { return login.New(f, f.namespace, f.tweakListOptions) } diff --git a/generated/1.18/client/informers/externalversions/generic.go b/generated/1.18/client/informers/externalversions/generic.go index 0738f86b1..441b1947e 100644 --- a/generated/1.18/client/informers/externalversions/generic.go +++ b/generated/1.18/client/informers/externalversions/generic.go @@ -8,9 +8,9 @@ package externalversions import ( "fmt" + v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1" - v1alpha1 "go.pinniped.dev/generated/1.18/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.18/apis/config/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -41,15 +41,15 @@ func (f *genericInformer) Lister() cache.GenericLister { // TODO extend this to unknown resources with a client pool func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { switch resource { - // Group=config.pinniped.dev, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil + // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil - // Group=idp.pinniped.dev, Version=v1alpha1 - case idpv1alpha1.SchemeGroupVersion.WithResource("webhookidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().WebhookIdentityProviders().Informer()}, nil + // Group=config.pinniped.dev, Version=v1alpha1 + case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil + case configv1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil // Group=login.concierge.pinniped.dev, Version=v1alpha1 case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"): diff --git a/generated/1.18/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go b/generated/1.18/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 80c8d5fc9..000000000 --- a/generated/1.18/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.18/client/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.18/client/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.18/client/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// WebhookIdentityProviderInformer provides access to a shared informer and lister for -// WebhookIdentityProviders. -type WebhookIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookIdentityProviderLister -} - -type webhookIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewWebhookIdentityProviderInformer constructs a new informer for WebhookIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewWebhookIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredWebhookIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredWebhookIdentityProviderInformer constructs a new informer for WebhookIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredWebhookIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().WebhookIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().WebhookIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.WebhookIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *webhookIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredWebhookIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *webhookIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.WebhookIdentityProvider{}, f.defaultInformer) -} - -func (f *webhookIdentityProviderInformer) Lister() v1alpha1.WebhookIdentityProviderLister { - return v1alpha1.NewWebhookIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.18/client/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.18/client/listers/authentication/v1alpha1/expansion_generated.go new file mode 100644 index 000000000..25e1ad662 --- /dev/null +++ b/generated/1.18/client/listers/authentication/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// WebhookAuthenticatorListerExpansion allows custom methods to be added to +// WebhookAuthenticatorLister. +type WebhookAuthenticatorListerExpansion interface{} + +// WebhookAuthenticatorNamespaceListerExpansion allows custom methods to be added to +// WebhookAuthenticatorNamespaceLister. +type WebhookAuthenticatorNamespaceListerExpansion interface{} diff --git a/generated/1.18/client/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.18/client/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..f6a60ff29 --- /dev/null +++ b/generated/1.18/client/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,81 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // WebhookAuthenticators returns an object that can list and get WebhookAuthenticators. + WebhookAuthenticators(namespace string) WebhookAuthenticatorNamespaceLister + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{indexer: indexer} +} + +// List lists all WebhookAuthenticators in the indexer. +func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// WebhookAuthenticators returns an object that can list and get WebhookAuthenticators. +func (s *webhookAuthenticatorLister) WebhookAuthenticators(namespace string) WebhookAuthenticatorNamespaceLister { + return webhookAuthenticatorNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// WebhookAuthenticatorNamespaceLister helps list and get WebhookAuthenticators. +type WebhookAuthenticatorNamespaceLister interface { + // List lists all WebhookAuthenticators in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorNamespaceListerExpansion +} + +// webhookAuthenticatorNamespaceLister implements the WebhookAuthenticatorNamespaceLister +// interface. +type webhookAuthenticatorNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all WebhookAuthenticators in the indexer for a given namespace. +func (s webhookAuthenticatorNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// Get retrieves the WebhookAuthenticator from the indexer for a given namespace and name. +func (s webhookAuthenticatorNamespaceLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) + } + return obj.(*v1alpha1.WebhookAuthenticator), nil +} diff --git a/generated/1.18/client/listers/idp/v1alpha1/expansion_generated.go b/generated/1.18/client/listers/idp/v1alpha1/expansion_generated.go deleted file mode 100644 index f0b280e1b..000000000 --- a/generated/1.18/client/listers/idp/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// WebhookIdentityProviderListerExpansion allows custom methods to be added to -// WebhookIdentityProviderLister. -type WebhookIdentityProviderListerExpansion interface{} - -// WebhookIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// WebhookIdentityProviderNamespaceLister. -type WebhookIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.18/client/listers/idp/v1alpha1/webhookidentityprovider.go b/generated/1.18/client/listers/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 2ff082df9..000000000 --- a/generated/1.18/client/listers/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookIdentityProviderLister helps list WebhookIdentityProviders. -type WebhookIdentityProviderLister interface { - // List lists all WebhookIdentityProviders in the indexer. - List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) - // WebhookIdentityProviders returns an object that can list and get WebhookIdentityProviders. - WebhookIdentityProviders(namespace string) WebhookIdentityProviderNamespaceLister - WebhookIdentityProviderListerExpansion -} - -// webhookIdentityProviderLister implements the WebhookIdentityProviderLister interface. -type webhookIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewWebhookIdentityProviderLister returns a new WebhookIdentityProviderLister. -func NewWebhookIdentityProviderLister(indexer cache.Indexer) WebhookIdentityProviderLister { - return &webhookIdentityProviderLister{indexer: indexer} -} - -// List lists all WebhookIdentityProviders in the indexer. -func (s *webhookIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookIdentityProvider)) - }) - return ret, err -} - -// WebhookIdentityProviders returns an object that can list and get WebhookIdentityProviders. -func (s *webhookIdentityProviderLister) WebhookIdentityProviders(namespace string) WebhookIdentityProviderNamespaceLister { - return webhookIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// WebhookIdentityProviderNamespaceLister helps list and get WebhookIdentityProviders. -type WebhookIdentityProviderNamespaceLister interface { - // List lists all WebhookIdentityProviders in the indexer for a given namespace. - List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) - // Get retrieves the WebhookIdentityProvider from the indexer for a given namespace and name. - Get(name string) (*v1alpha1.WebhookIdentityProvider, error) - WebhookIdentityProviderNamespaceListerExpansion -} - -// webhookIdentityProviderNamespaceLister implements the WebhookIdentityProviderNamespaceLister -// interface. -type webhookIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all WebhookIdentityProviders in the indexer for a given namespace. -func (s webhookIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the WebhookIdentityProvider from the indexer for a given namespace and name. -func (s webhookIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.WebhookIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookidentityprovider"), name) - } - return obj.(*v1alpha1.WebhookIdentityProvider), nil -} diff --git a/generated/1.18/client/openapi/zz_generated.openapi.go b/generated/1.18/client/openapi/zz_generated.openapi.go index 50a1623df..5dc7862aa 100644 --- a/generated/1.18/client/openapi/zz_generated.openapi.go +++ b/generated/1.18/client/openapi/zz_generated.openapi.go @@ -17,77 +17,315 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfig": schema_118_apis_config_v1alpha1_CredentialIssuerConfig(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_118_apis_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigList": schema_118_apis_config_v1alpha1_CredentialIssuerConfigList(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigStatus": schema_118_apis_config_v1alpha1_CredentialIssuerConfigStatus(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigStrategy": schema_118_apis_config_v1alpha1_CredentialIssuerConfigStrategy(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfig": schema_118_apis_config_v1alpha1_OIDCProviderConfig(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfigList": schema_118_apis_config_v1alpha1_OIDCProviderConfigList(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfigSpec": schema_118_apis_config_v1alpha1_OIDCProviderConfigSpec(ref), - "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfigStatus": schema_118_apis_config_v1alpha1_OIDCProviderConfigStatus(ref), - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.Condition": schema_118_apis_idp_v1alpha1_Condition(ref), - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.TLSSpec": schema_118_apis_idp_v1alpha1_TLSSpec(ref), - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProvider": schema_118_apis_idp_v1alpha1_WebhookIdentityProvider(ref), - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProviderList": schema_118_apis_idp_v1alpha1_WebhookIdentityProviderList(ref), - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProviderSpec": schema_118_apis_idp_v1alpha1_WebhookIdentityProviderSpec(ref), - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProviderStatus": schema_118_apis_idp_v1alpha1_WebhookIdentityProviderStatus(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + "go.pinniped.dev/generated/1.18/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfig": schema_118_apis_config_v1alpha1_CredentialIssuerConfig(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_118_apis_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigList": schema_118_apis_config_v1alpha1_CredentialIssuerConfigList(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigStatus": schema_118_apis_config_v1alpha1_CredentialIssuerConfigStatus(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.CredentialIssuerConfigStrategy": schema_118_apis_config_v1alpha1_CredentialIssuerConfigStrategy(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfig": schema_118_apis_config_v1alpha1_OIDCProviderConfig(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfigList": schema_118_apis_config_v1alpha1_OIDCProviderConfigList(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfigSpec": schema_118_apis_config_v1alpha1_OIDCProviderConfigSpec(ref), + "go.pinniped.dev/generated/1.18/apis/config/v1alpha1.OIDCProviderConfigStatus": schema_118_apis_config_v1alpha1_OIDCProviderConfigStatus(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), + "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + } +} + +func schema_apis_concierge_authentication_v1alpha1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status of the condition, one of True, False, Unknown.", + Type: []string{"string"}, + Format: "", + }, + }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "lastTransitionTime": { + SchemaProps: spec.SchemaProps{ + Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "message is a human readable message indicating details about the transition. This may be an empty string.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Configuration for configuring TLS on various authenticators.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "certificateAuthorityData": { + SchemaProps: spec.SchemaProps{ + Description: "X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WebhookAuthenticator describes the configuration of a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Description: "Spec for configuring the authenticator.", + Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "Status of the authenticator.", + Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus"), + }, + }, + }, + Required: []string{"spec"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec", "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "List of WebhookAuthenticator objects.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticator"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.WebhookAuthenticator", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Spec for configuring a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "endpoint": { + SchemaProps: spec.SchemaProps{ + Description: "Webhook server endpoint URL.", + Type: []string{"string"}, + Format: "", + }, + }, + "tls": { + SchemaProps: spec.SchemaProps{ + Description: "TLS configuration.", + Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.TLSSpec"), + }, + }, + }, + Required: []string{"endpoint"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.TLSSpec"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Status of a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents the observations of the authenticator's current state.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.Condition"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.18/apis/concierge/authentication/v1alpha1.Condition"}, } } @@ -238,14 +476,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. Format: "", }, }, - "identityProvider": { + "authenticator": { SchemaProps: spec.SchemaProps{ - Description: "Reference to an identity provider which can fulfill this credential request.", + Description: "Reference to an authenticator which can validate this credential request.", Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), }, }, }, - Required: []string{"identityProvider"}, + Required: []string{"authenticator"}, }, }, Dependencies: []string{ @@ -642,244 +880,6 @@ func schema_118_apis_config_v1alpha1_OIDCProviderConfigStatus(ref common.Referen } } -func schema_118_apis_idp_v1alpha1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "status of the condition, one of True, False, Unknown.", - Type: []string{"string"}, - Format: "", - }, - }, - "observedGeneration": { - SchemaProps: spec.SchemaProps{ - Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "message is a human readable message indicating details about the transition. This may be an empty string.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_118_apis_idp_v1alpha1_TLSSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Configuration for configuring TLS on various identity providers.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "certificateAuthorityData": { - SchemaProps: spec.SchemaProps{ - Description: "X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_118_apis_idp_v1alpha1_WebhookIdentityProvider(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Description: "Spec for configuring the identity provider.", - Ref: ref("go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProviderSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the identity provider.", - Ref: ref("go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProviderStatus"), - }, - }, - }, - Required: []string{"spec"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProviderSpec", "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProviderStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_118_apis_idp_v1alpha1_WebhookIdentityProviderList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "List of WebhookIdentityProvider objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProvider"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.WebhookIdentityProvider", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_118_apis_idp_v1alpha1_WebhookIdentityProviderSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Spec for configuring a webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "endpoint": { - SchemaProps: spec.SchemaProps{ - Description: "Webhook server endpoint URL.", - Type: []string{"string"}, - Format: "", - }, - }, - "tls": { - SchemaProps: spec.SchemaProps{ - Description: "TLS configuration.", - Ref: ref("go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.TLSSpec"), - }, - }, - }, - Required: []string{"endpoint"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.TLSSpec"}, - } -} - -func schema_118_apis_idp_v1alpha1_WebhookIdentityProviderStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of a webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "conditions": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-map-keys": []interface{}{ - "type", - }, - "x-kubernetes-list-type": "map", - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Represents the observations of an identity provider's current state.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.Condition"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.18/apis/idp/v1alpha1.Condition"}, - } -} - func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/generated/1.19/crds/idp.pinniped.dev_webhookidentityproviders.yaml b/generated/1.18/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml similarity index 89% rename from generated/1.19/crds/idp.pinniped.dev_webhookidentityproviders.yaml rename to generated/1.18/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 213b7ad20..9ae6152e1 100644 --- a/generated/1.19/crds/idp.pinniped.dev_webhookidentityproviders.yaml +++ b/generated/1.18/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -6,21 +6,18 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.0 creationTimestamp: null - name: webhookidentityproviders.idp.pinniped.dev + name: webhookauthenticators.authentication.concierge.pinniped.dev spec: - group: idp.pinniped.dev + group: authentication.concierge.pinniped.dev names: categories: - all - - idp - - idps - kind: WebhookIdentityProvider - listKind: WebhookIdentityProviderList - plural: webhookidentityproviders - shortNames: - - webhookidp - - webhookidps - singular: webhookidentityprovider + - authenticator + - authenticators + kind: WebhookAuthenticator + listKind: WebhookAuthenticatorList + plural: webhookauthenticators + singular: webhookauthenticator scope: Namespaced versions: - additionalPrinterColumns: @@ -30,8 +27,8 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: WebhookIdentityProvider describes the configuration of a Pinniped - webhook identity provider. + description: WebhookAuthenticator describes the configuration of a webhook + authenticator. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -46,7 +43,7 @@ spec: metadata: type: object spec: - description: Spec for configuring the identity provider. + description: Spec for configuring the authenticator. properties: endpoint: description: Webhook server endpoint URL. @@ -65,11 +62,11 @@ spec: - endpoint type: object status: - description: Status of the identity provider. + description: Status of the authenticator. properties: conditions: - description: Represents the observations of an identity provider's - current state. + description: Represents the observations of the authenticator's current + state. items: description: Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can diff --git a/generated/1.19/README.adoc b/generated/1.19/README.adoc index b43b2eb5f..c33732fa5 100644 --- a/generated/1.19/README.adoc +++ b/generated/1.19/README.adoc @@ -5,11 +5,115 @@ == API Reference .Packages +- xref:{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1[$$authentication.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-config-pinniped-dev-v1alpha1[$$config.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-idp-pinniped-dev-v1alpha1[$$idp.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] +[id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] +=== authentication.concierge.pinniped.dev/v1alpha1 + +Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-condition"] +==== Condition + +Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) +| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. +| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. +| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. +| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. +| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-tlsspec"] +==== TLSSpec + +Configuration for configuring TLS on various authenticators. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticator"] +==== WebhookAuthenticator + +WebhookAuthenticator describes the configuration of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticatorlist[$$WebhookAuthenticatorList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec[$$WebhookAuthenticatorSpec$$]__ | Spec for configuring the authenticator. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus[$$WebhookAuthenticatorStatus$$]__ | Status of the authenticator. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticatorspec"] +==== WebhookAuthenticatorSpec + +Spec for configuring a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`endpoint`* __string__ | Webhook server endpoint URL. +| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. +|=== + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticatorstatus"] +==== WebhookAuthenticatorStatus + +Status of a webhook authenticator. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-webhookauthenticator[$$WebhookAuthenticator$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-concierge-authentication-v1alpha1-condition[$$Condition$$]__ | Represents the observations of the authenticator's current state. +|=== + + + [id="{anchor_prefix}-config-pinniped-dev-v1alpha1"] === config.pinniped.dev/v1alpha1 @@ -161,110 +265,6 @@ OIDCProviderConfigStatus is a struct that describes the actual state of an OIDC -[id="{anchor_prefix}-idp-pinniped-dev-v1alpha1"] -=== idp.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped identity provider API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-condition"] -==== Condition - -Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityproviderstatus[$$WebhookIdentityProviderStatus$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`type`* __string__ | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) -| *`status`* __ConditionStatus__ | status of the condition, one of True, False, Unknown. -| *`observedGeneration`* __integer__ | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. -| *`lastTransitionTime`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#time-v1-meta[$$Time$$]__ | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. -| *`reason`* __string__ | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. -| *`message`* __string__ | message is a human readable message indicating details about the transition. This may be an empty string. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-tlsspec"] -==== TLSSpec - -Configuration for configuring TLS on various identity providers. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityproviderspec[$$WebhookIdentityProviderSpec$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`certificateAuthorityData`* __string__ | X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityprovider"] -==== WebhookIdentityProvider - -WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityproviderlist[$$WebhookIdentityProviderList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityproviderspec[$$WebhookIdentityProviderSpec$$]__ | Spec for configuring the identity provider. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityproviderstatus[$$WebhookIdentityProviderStatus$$]__ | Status of the identity provider. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityproviderspec"] -==== WebhookIdentityProviderSpec - -Spec for configuring a webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityprovider[$$WebhookIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`endpoint`* __string__ | Webhook server endpoint URL. -| *`tls`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-tlsspec[$$TLSSpec$$]__ | TLS configuration. -|=== - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityproviderstatus"] -==== WebhookIdentityProviderStatus - -Status of a webhook identity provider. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-webhookidentityprovider[$$WebhookIdentityProvider$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`conditions`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-idp-v1alpha1-condition[$$Condition$$]__ | Represents the observations of an identity provider's current state. -|=== - - - [id="{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1"] === login.concierge.pinniped.dev/v1alpha1 @@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. -| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. |=== diff --git a/generated/1.19/apis/concierge/authentication/doc.go b/generated/1.19/apis/concierge/authentication/doc.go new file mode 100644 index 000000000..78e81bd63 --- /dev/null +++ b/generated/1.19/apis/concierge/authentication/doc.go @@ -0,0 +1,8 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:deepcopy-gen=package +// +groupName=authentication.concierge.pinniped.dev + +// Package authentication is the internal version of the Pinniped concierge authentication API. +package authentication diff --git a/generated/1.19/apis/idp/v1alpha1/conversion.go b/generated/1.19/apis/concierge/authentication/v1alpha1/conversion.go similarity index 100% rename from generated/1.19/apis/idp/v1alpha1/conversion.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/conversion.go diff --git a/generated/1.19/apis/idp/v1alpha1/defaults.go b/generated/1.19/apis/concierge/authentication/v1alpha1/defaults.go similarity index 100% rename from generated/1.19/apis/idp/v1alpha1/defaults.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/defaults.go diff --git a/generated/1.19/apis/concierge/authentication/v1alpha1/doc.go b/generated/1.19/apis/concierge/authentication/v1alpha1/doc.go new file mode 100644 index 000000000..57c00e2b9 --- /dev/null +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/doc.go @@ -0,0 +1,11 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:conversion-gen=go.pinniped.dev/generated/1.19/apis/concierge/authentication +// +k8s:defaulter-gen=TypeMeta +// +groupName=authentication.concierge.pinniped.dev + +// Package v1alpha1 is the v1alpha1 version of the Pinniped concierge authentication API. +package v1alpha1 diff --git a/generated/1.18/apis/idp/v1alpha1/register.go b/generated/1.19/apis/concierge/authentication/v1alpha1/register.go similarity index 91% rename from generated/1.18/apis/idp/v1alpha1/register.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/register.go index 494aef367..1a5163daa 100644 --- a/generated/1.18/apis/idp/v1alpha1/register.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/register.go @@ -9,7 +9,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) -const GroupName = "idp.pinniped.dev" +const GroupName = "authentication.concierge.pinniped.dev" // SchemeGroupVersion is group version used to register these objects. var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} @@ -30,8 +30,8 @@ func init() { // Adds the list of known types to the given scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, - &WebhookIdentityProvider{}, - &WebhookIdentityProviderList{}, + &WebhookAuthenticator{}, + &WebhookAuthenticatorList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.19/apis/idp/v1alpha1/types_meta.go b/generated/1.19/apis/concierge/authentication/v1alpha1/types_meta.go similarity index 100% rename from generated/1.19/apis/idp/v1alpha1/types_meta.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/types_meta.go diff --git a/generated/1.19/apis/idp/v1alpha1/types_tls.go b/generated/1.19/apis/concierge/authentication/v1alpha1/types_tls.go similarity index 84% rename from generated/1.19/apis/idp/v1alpha1/types_tls.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/types_tls.go index 2f2098c91..f882f2d6c 100644 --- a/generated/1.19/apis/idp/v1alpha1/types_tls.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/types_tls.go @@ -3,7 +3,7 @@ package v1alpha1 -// Configuration for configuring TLS on various identity providers. +// Configuration for configuring TLS on various authenticators. type TLSSpec struct { // X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted. // +optional diff --git a/generated/1.19/apis/idp/v1alpha1/types_webhook.go b/generated/1.19/apis/concierge/authentication/v1alpha1/types_webhook.go similarity index 55% rename from generated/1.19/apis/idp/v1alpha1/types_webhook.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/types_webhook.go index 6e4763378..8124597ab 100644 --- a/generated/1.19/apis/idp/v1alpha1/types_webhook.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/types_webhook.go @@ -5,9 +5,9 @@ package v1alpha1 import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -// Status of a webhook identity provider. -type WebhookIdentityProviderStatus struct { - // Represents the observations of an identity provider's current state. +// Status of a webhook authenticator. +type WebhookAuthenticatorStatus struct { + // Represents the observations of the authenticator's current state. // +patchMergeKey=type // +patchStrategy=merge // +listType=map @@ -15,8 +15,8 @@ type WebhookIdentityProviderStatus struct { Conditions []Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` } -// Spec for configuring a webhook identity provider. -type WebhookIdentityProviderSpec struct { +// Spec for configuring a webhook authenticator. +type WebhookAuthenticatorSpec struct { // Webhook server endpoint URL. // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:Pattern=`^https://` @@ -27,27 +27,27 @@ type WebhookIdentityProviderSpec struct { TLS *TLSSpec `json:"tls,omitempty"` } -// WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider. +// WebhookAuthenticator describes the configuration of a webhook authenticator. // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +kubebuilder:resource:categories=all;idp;idps,shortName=webhookidp;webhookidps +// +kubebuilder:resource:categories=all;authenticator;authenticators // +kubebuilder:printcolumn:name="Endpoint",type=string,JSONPath=`.spec.endpoint` -type WebhookIdentityProvider struct { +type WebhookAuthenticator struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // Spec for configuring the identity provider. - Spec WebhookIdentityProviderSpec `json:"spec"` + // Spec for configuring the authenticator. + Spec WebhookAuthenticatorSpec `json:"spec"` - // Status of the identity provider. - Status WebhookIdentityProviderStatus `json:"status,omitempty"` + // Status of the authenticator. + Status WebhookAuthenticatorStatus `json:"status,omitempty"` } -// List of WebhookIdentityProvider objects. +// List of WebhookAuthenticator objects. // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type WebhookIdentityProviderList struct { +type WebhookAuthenticatorList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []WebhookIdentityProvider `json:"items"` + Items []WebhookAuthenticator `json:"items"` } diff --git a/generated/1.19/apis/idp/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.conversion.go similarity index 100% rename from generated/1.19/apis/idp/v1alpha1/zz_generated.conversion.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.conversion.go diff --git a/generated/1.18/apis/idp/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go similarity index 72% rename from generated/1.18/apis/idp/v1alpha1/zz_generated.deepcopy.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go index cb0f46c85..a4e27af74 100644 --- a/generated/1.18/apis/idp/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.deepcopy.go @@ -45,7 +45,7 @@ func (in *TLSSpec) DeepCopy() *TLSSpec { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProvider) DeepCopyInto(out *WebhookIdentityProvider) { +func (in *WebhookAuthenticator) DeepCopyInto(out *WebhookAuthenticator) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) @@ -54,18 +54,18 @@ func (in *WebhookIdentityProvider) DeepCopyInto(out *WebhookIdentityProvider) { return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProvider. -func (in *WebhookIdentityProvider) DeepCopy() *WebhookIdentityProvider { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticator. +func (in *WebhookAuthenticator) DeepCopy() *WebhookAuthenticator { if in == nil { return nil } - out := new(WebhookIdentityProvider) + out := new(WebhookAuthenticator) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookIdentityProvider) DeepCopyObject() runtime.Object { +func (in *WebhookAuthenticator) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -73,13 +73,13 @@ func (in *WebhookIdentityProvider) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderList) DeepCopyInto(out *WebhookIdentityProviderList) { +func (in *WebhookAuthenticatorList) DeepCopyInto(out *WebhookAuthenticatorList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]WebhookIdentityProvider, len(*in)) + *out = make([]WebhookAuthenticator, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -87,18 +87,18 @@ func (in *WebhookIdentityProviderList) DeepCopyInto(out *WebhookIdentityProvider return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderList. -func (in *WebhookIdentityProviderList) DeepCopy() *WebhookIdentityProviderList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorList. +func (in *WebhookAuthenticatorList) DeepCopy() *WebhookAuthenticatorList { if in == nil { return nil } - out := new(WebhookIdentityProviderList) + out := new(WebhookAuthenticatorList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *WebhookIdentityProviderList) DeepCopyObject() runtime.Object { +func (in *WebhookAuthenticatorList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -106,7 +106,7 @@ func (in *WebhookIdentityProviderList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderSpec) DeepCopyInto(out *WebhookIdentityProviderSpec) { +func (in *WebhookAuthenticatorSpec) DeepCopyInto(out *WebhookAuthenticatorSpec) { *out = *in if in.TLS != nil { in, out := &in.TLS, &out.TLS @@ -116,18 +116,18 @@ func (in *WebhookIdentityProviderSpec) DeepCopyInto(out *WebhookIdentityProvider return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderSpec. -func (in *WebhookIdentityProviderSpec) DeepCopy() *WebhookIdentityProviderSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorSpec. +func (in *WebhookAuthenticatorSpec) DeepCopy() *WebhookAuthenticatorSpec { if in == nil { return nil } - out := new(WebhookIdentityProviderSpec) + out := new(WebhookAuthenticatorSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *WebhookIdentityProviderStatus) DeepCopyInto(out *WebhookIdentityProviderStatus) { +func (in *WebhookAuthenticatorStatus) DeepCopyInto(out *WebhookAuthenticatorStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions @@ -139,12 +139,12 @@ func (in *WebhookIdentityProviderStatus) DeepCopyInto(out *WebhookIdentityProvid return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookIdentityProviderStatus. -func (in *WebhookIdentityProviderStatus) DeepCopy() *WebhookIdentityProviderStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookAuthenticatorStatus. +func (in *WebhookAuthenticatorStatus) DeepCopy() *WebhookAuthenticatorStatus { if in == nil { return nil } - out := new(WebhookIdentityProviderStatus) + out := new(WebhookAuthenticatorStatus) in.DeepCopyInto(out) return out } diff --git a/generated/1.19/apis/idp/v1alpha1/zz_generated.defaults.go b/generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.defaults.go similarity index 100% rename from generated/1.19/apis/idp/v1alpha1/zz_generated.defaults.go rename to generated/1.19/apis/concierge/authentication/v1alpha1/zz_generated.defaults.go diff --git a/generated/1.17/apis/idp/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/authentication/zz_generated.deepcopy.go similarity index 89% rename from generated/1.17/apis/idp/zz_generated.deepcopy.go rename to generated/1.19/apis/concierge/authentication/zz_generated.deepcopy.go index 0b9642eaf..3a7a0f4b4 100644 --- a/generated/1.17/apis/idp/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/authentication/zz_generated.deepcopy.go @@ -5,4 +5,4 @@ // Code generated by deepcopy-gen. DO NOT EDIT. -package idp +package authentication diff --git a/generated/1.19/apis/concierge/login/types_token.go b/generated/1.19/apis/concierge/login/types_token.go index 91d36cfbf..a0555f85d 100644 --- a/generated/1.19/apis/concierge/login/types_token.go +++ b/generated/1.19/apis/concierge/login/types_token.go @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/generated/1.19/apis/concierge/login/v1alpha1/types_token.go b/generated/1.19/apis/concierge/login/v1alpha1/types_token.go index 9fba33694..cb5965a23 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/types_token.go @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 6d295f18c..50a88d8ea 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } @@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 2001aa609..4160d6692 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go index d92ad253c..f43661bc6 100644 --- a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.19/apis/idp/doc.go b/generated/1.19/apis/idp/doc.go deleted file mode 100644 index 17d329436..000000000 --- a/generated/1.19/apis/idp/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:deepcopy-gen=package -// +groupName=idp.pinniped.dev - -// Package idp is the internal version of the Pinniped identity provider API. -package idp diff --git a/generated/1.19/apis/idp/v1alpha1/doc.go b/generated/1.19/apis/idp/v1alpha1/doc.go deleted file mode 100644 index acc44b96e..000000000 --- a/generated/1.19/apis/idp/v1alpha1/doc.go +++ /dev/null @@ -1,12 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:conversion-gen=go.pinniped.dev/generated/1.19/apis/idp -// +k8s:defaulter-gen=TypeMeta -// +groupName=idp.pinniped.dev -// +groupGoName=IDP - -// Package v1alpha1 is the v1alpha1 version of the Pinniped identity provider API. -package v1alpha1 diff --git a/generated/1.19/client/clientset/versioned/clientset.go b/generated/1.19/client/clientset/versioned/clientset.go index 297310750..13bdbea24 100644 --- a/generated/1.19/client/clientset/versioned/clientset.go +++ b/generated/1.19/client/clientset/versioned/clientset.go @@ -8,8 +8,8 @@ package versioned import ( "fmt" + authenticationv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/login/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" @@ -18,8 +18,8 @@ import ( type Interface interface { Discovery() discovery.DiscoveryInterface + AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface - IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface } @@ -27,9 +27,14 @@ type Interface interface { // version included in a Clientset. type Clientset struct { *discovery.DiscoveryClient - configV1alpha1 *configv1alpha1.ConfigV1alpha1Client - iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client + authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client + configV1alpha1 *configv1alpha1.ConfigV1alpha1Client + loginV1alpha1 *loginv1alpha1.LoginV1alpha1Client +} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -37,11 +42,6 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { return c.configV1alpha1 } -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return c.iDPV1alpha1 -} - // LoginV1alpha1 retrieves the LoginV1alpha1Client func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { return c.loginV1alpha1 @@ -68,11 +68,11 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { } var cs Clientset var err error - cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } - cs.iDPV1alpha1, err = idpv1alpha1.NewForConfig(&configShallowCopy) + cs.configV1alpha1, err = configv1alpha1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } @@ -92,8 +92,8 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.NewForConfigOrDie(c) cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) - cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) cs.loginV1alpha1 = loginv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) @@ -103,8 +103,8 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { // New creates a new Clientset for the given RESTClient. func New(c rest.Interface) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) cs.configV1alpha1 = configv1alpha1.New(c) - cs.iDPV1alpha1 = idpv1alpha1.New(c) cs.loginV1alpha1 = loginv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) diff --git a/generated/1.19/client/clientset/versioned/fake/clientset_generated.go b/generated/1.19/client/clientset/versioned/fake/clientset_generated.go index 627c93884..b87c4e8ff 100644 --- a/generated/1.19/client/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.19/client/clientset/versioned/fake/clientset_generated.go @@ -7,10 +7,10 @@ package fake import ( clientset "go.pinniped.dev/generated/1.19/client/clientset/versioned" + authenticationv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake" configv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/config/v1alpha1" fakeconfigv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/config/v1alpha1/fake" - idpv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1" - fakeidpv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake" loginv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/login/v1alpha1" fakeloginv1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/login/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" @@ -67,16 +67,16 @@ func (c *Clientset) Tracker() testing.ObjectTracker { var _ clientset.Interface = &Clientset{} +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + // ConfigV1alpha1 retrieves the ConfigV1alpha1Client func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { return &fakeconfigv1alpha1.FakeConfigV1alpha1{Fake: &c.Fake} } -// IDPV1alpha1 retrieves the IDPV1alpha1Client -func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { - return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} -} - // LoginV1alpha1 retrieves the LoginV1alpha1Client func (c *Clientset) LoginV1alpha1() loginv1alpha1.LoginV1alpha1Interface { return &fakeloginv1alpha1.FakeLoginV1alpha1{Fake: &c.Fake} diff --git a/generated/1.19/client/clientset/versioned/fake/register.go b/generated/1.19/client/clientset/versioned/fake/register.go index dc1268ce0..c2e584bd2 100644 --- a/generated/1.19/client/clientset/versioned/fake/register.go +++ b/generated/1.19/client/clientset/versioned/fake/register.go @@ -6,9 +6,9 @@ package fake import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.19/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -20,8 +20,8 @@ var scheme = runtime.NewScheme() var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, loginv1alpha1.AddToScheme, } diff --git a/generated/1.19/client/clientset/versioned/scheme/register.go b/generated/1.19/client/clientset/versioned/scheme/register.go index 41bcc8933..9f3025803 100644 --- a/generated/1.19/client/clientset/versioned/scheme/register.go +++ b/generated/1.19/client/clientset/versioned/scheme/register.go @@ -6,9 +6,9 @@ package scheme import ( + authenticationv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.19/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -20,8 +20,8 @@ var Scheme = runtime.NewScheme() var Codecs = serializer.NewCodecFactory(Scheme) var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ + authenticationv1alpha1.AddToScheme, configv1alpha1.AddToScheme, - idpv1alpha1.AddToScheme, loginv1alpha1.AddToScheme, } diff --git a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go similarity index 50% rename from generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go rename to generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go index 78af6a585..e37211272 100644 --- a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/idp_client.go +++ b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -6,27 +6,27 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" "go.pinniped.dev/generated/1.19/client/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) -type IDPV1alpha1Interface interface { +type AuthenticationV1alpha1Interface interface { RESTClient() rest.Interface - WebhookIdentityProvidersGetter + WebhookAuthenticatorsGetter } -// IDPV1alpha1Client is used to interact with features provided by the idp.pinniped.dev group. -type IDPV1alpha1Client struct { +// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.concierge.pinniped.dev group. +type AuthenticationV1alpha1Client struct { restClient rest.Interface } -func (c *IDPV1alpha1Client) WebhookIdentityProviders(namespace string) WebhookIdentityProviderInterface { - return newWebhookIdentityProviders(c, namespace) +func (c *AuthenticationV1alpha1Client) WebhookAuthenticators(namespace string) WebhookAuthenticatorInterface { + return newWebhookAuthenticators(c, namespace) } -// NewForConfig creates a new IDPV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { +// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err @@ -35,12 +35,12 @@ func NewForConfig(c *rest.Config) (*IDPV1alpha1Client, error) { if err != nil { return nil, err } - return &IDPV1alpha1Client{client}, nil + return &AuthenticationV1alpha1Client{client}, nil } -// NewForConfigOrDie creates a new IDPV1alpha1Client for the given config and +// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and // panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { +func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { client, err := NewForConfig(c) if err != nil { panic(err) @@ -48,9 +48,9 @@ func NewForConfigOrDie(c *rest.Config) *IDPV1alpha1Client { return client } -// New creates a new IDPV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *IDPV1alpha1Client { - return &IDPV1alpha1Client{c} +// New creates a new AuthenticationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuthenticationV1alpha1Client { + return &AuthenticationV1alpha1Client{c} } func setConfigDefaults(config *rest.Config) error { @@ -68,7 +68,7 @@ func setConfigDefaults(config *rest.Config) error { // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. -func (c *IDPV1alpha1Client) RESTClient() rest.Interface { +func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { if c == nil { return nil } diff --git a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/doc.go b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/doc.go similarity index 100% rename from generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/doc.go rename to generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/doc.go diff --git a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/doc.go b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go similarity index 100% rename from generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/doc.go rename to generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go diff --git a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go similarity index 60% rename from generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go rename to generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go index 3181fd18c..f1663bfe9 100644 --- a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_idp_client.go +++ b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -6,22 +6,22 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) -type FakeIDPV1alpha1 struct { +type FakeAuthenticationV1alpha1 struct { *testing.Fake } -func (c *FakeIDPV1alpha1) WebhookIdentityProviders(namespace string) v1alpha1.WebhookIdentityProviderInterface { - return &FakeWebhookIdentityProviders{c, namespace} +func (c *FakeAuthenticationV1alpha1) WebhookAuthenticators(namespace string) v1alpha1.WebhookAuthenticatorInterface { + return &FakeWebhookAuthenticators{c, namespace} } // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. -func (c *FakeIDPV1alpha1) RESTClient() rest.Interface { +func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { var ret *rest.RESTClient return ret } diff --git a/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go new file mode 100644 index 000000000..0bc22bc84 --- /dev/null +++ b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_webhookauthenticator.go @@ -0,0 +1,129 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeWebhookAuthenticators implements WebhookAuthenticatorInterface +type FakeWebhookAuthenticators struct { + Fake *FakeAuthenticationV1alpha1 + ns string +} + +var webhookauthenticatorsResource = schema.GroupVersionResource{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Resource: "webhookauthenticators"} + +var webhookauthenticatorsKind = schema.GroupVersionKind{Group: "authentication.concierge.pinniped.dev", Version: "v1alpha1", Kind: "WebhookAuthenticator"} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *FakeWebhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(webhookauthenticatorsResource, c.ns, name), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *FakeWebhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(webhookauthenticatorsResource, webhookauthenticatorsKind, c.ns, opts), &v1alpha1.WebhookAuthenticatorList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.WebhookAuthenticatorList{ListMeta: obj.(*v1alpha1.WebhookAuthenticatorList).ListMeta} + for _, item := range obj.(*v1alpha1.WebhookAuthenticatorList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *FakeWebhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(webhookauthenticatorsResource, c.ns, opts)) + +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(webhookauthenticatorsResource, c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *FakeWebhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(webhookauthenticatorsResource, c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeWebhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(webhookauthenticatorsResource, "status", c.ns, webhookAuthenticator), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *FakeWebhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(webhookauthenticatorsResource, c.ns, name), &v1alpha1.WebhookAuthenticator{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeWebhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(webhookauthenticatorsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.WebhookAuthenticatorList{}) + return err +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *FakeWebhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(webhookauthenticatorsResource, c.ns, name, pt, data, subresources...), &v1alpha1.WebhookAuthenticator{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.WebhookAuthenticator), err +} diff --git a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go similarity index 77% rename from generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go rename to generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go index 69ebc739d..e1b1f2b40 100644 --- a/generated/1.18/client/clientset/versioned/typed/idp/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -5,4 +5,4 @@ package v1alpha1 -type WebhookIdentityProviderExpansion interface{} +type WebhookAuthenticatorExpansion interface{} diff --git a/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..22289160a --- /dev/null +++ b/generated/1.19/client/clientset/versioned/typed/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,182 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" + scheme "go.pinniped.dev/generated/1.19/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// WebhookAuthenticatorsGetter has a method to return a WebhookAuthenticatorInterface. +// A group's client should implement this interface. +type WebhookAuthenticatorsGetter interface { + WebhookAuthenticators(namespace string) WebhookAuthenticatorInterface +} + +// WebhookAuthenticatorInterface has methods to work with WebhookAuthenticator resources. +type WebhookAuthenticatorInterface interface { + Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (*v1alpha1.WebhookAuthenticator, error) + Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (*v1alpha1.WebhookAuthenticator, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookAuthenticator, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookAuthenticatorList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) + WebhookAuthenticatorExpansion +} + +// webhookAuthenticators implements WebhookAuthenticatorInterface +type webhookAuthenticators struct { + client rest.Interface + ns string +} + +// newWebhookAuthenticators returns a WebhookAuthenticators +func newWebhookAuthenticators(c *AuthenticationV1alpha1Client, namespace string) *webhookAuthenticators { + return &webhookAuthenticators{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the webhookAuthenticator, and returns the corresponding webhookAuthenticator object, and an error if there is any. +func (c *webhookAuthenticators) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of WebhookAuthenticators that match those selectors. +func (c *webhookAuthenticators) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookAuthenticatorList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.WebhookAuthenticatorList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested webhookAuthenticators. +func (c *webhookAuthenticators) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a webhookAuthenticator and creates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Create(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.CreateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Post(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a webhookAuthenticator and updates it. Returns the server's representation of the webhookAuthenticator, and an error, if there is any. +func (c *webhookAuthenticators) Update(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *webhookAuthenticators) UpdateStatus(ctx context.Context, webhookAuthenticator *v1alpha1.WebhookAuthenticator, opts v1.UpdateOptions) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Put(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(webhookAuthenticator.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(webhookAuthenticator). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the webhookAuthenticator and deletes it. Returns an error if one occurs. +func (c *webhookAuthenticators) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *webhookAuthenticators) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("webhookauthenticators"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched webhookAuthenticator. +func (c *webhookAuthenticators) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookAuthenticator, err error) { + result = &v1alpha1.WebhookAuthenticator{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("webhookauthenticators"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go b/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go deleted file mode 100644 index 3e31b6eb5..000000000 --- a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/fake/fake_webhookidentityprovider.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeWebhookIdentityProviders implements WebhookIdentityProviderInterface -type FakeWebhookIdentityProviders struct { - Fake *FakeIDPV1alpha1 - ns string -} - -var webhookidentityprovidersResource = schema.GroupVersionResource{Group: "idp.pinniped.dev", Version: "v1alpha1", Resource: "webhookidentityproviders"} - -var webhookidentityprovidersKind = schema.GroupVersionKind{Group: "idp.pinniped.dev", Version: "v1alpha1", Kind: "WebhookIdentityProvider"} - -// Get takes name of the webhookIdentityProvider, and returns the corresponding webhookIdentityProvider object, and an error if there is any. -func (c *FakeWebhookIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(webhookidentityprovidersResource, c.ns, name), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// List takes label and field selectors, and returns the list of WebhookIdentityProviders that match those selectors. -func (c *FakeWebhookIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookIdentityProviderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(webhookidentityprovidersResource, webhookidentityprovidersKind, c.ns, opts), &v1alpha1.WebhookIdentityProviderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.WebhookIdentityProviderList{ListMeta: obj.(*v1alpha1.WebhookIdentityProviderList).ListMeta} - for _, item := range obj.(*v1alpha1.WebhookIdentityProviderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested webhookIdentityProviders. -func (c *FakeWebhookIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(webhookidentityprovidersResource, c.ns, opts)) - -} - -// Create takes the representation of a webhookIdentityProvider and creates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *FakeWebhookIdentityProviders) Create(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(webhookidentityprovidersResource, c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// Update takes the representation of a webhookIdentityProvider and updates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *FakeWebhookIdentityProviders) Update(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(webhookidentityprovidersResource, c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeWebhookIdentityProviders) UpdateStatus(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.WebhookIdentityProvider, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(webhookidentityprovidersResource, "status", c.ns, webhookIdentityProvider), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} - -// Delete takes name of the webhookIdentityProvider and deletes it. Returns an error if one occurs. -func (c *FakeWebhookIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(webhookidentityprovidersResource, c.ns, name), &v1alpha1.WebhookIdentityProvider{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeWebhookIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(webhookidentityprovidersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.WebhookIdentityProviderList{}) - return err -} - -// Patch applies the patch and returns the patched webhookIdentityProvider. -func (c *FakeWebhookIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(webhookidentityprovidersResource, c.ns, name, pt, data, subresources...), &v1alpha1.WebhookIdentityProvider{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.WebhookIdentityProvider), err -} diff --git a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go b/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 05948c7f9..000000000 --- a/generated/1.19/client/clientset/versioned/typed/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" - scheme "go.pinniped.dev/generated/1.19/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// WebhookIdentityProvidersGetter has a method to return a WebhookIdentityProviderInterface. -// A group's client should implement this interface. -type WebhookIdentityProvidersGetter interface { - WebhookIdentityProviders(namespace string) WebhookIdentityProviderInterface -} - -// WebhookIdentityProviderInterface has methods to work with WebhookIdentityProvider resources. -type WebhookIdentityProviderInterface interface { - Create(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.CreateOptions) (*v1alpha1.WebhookIdentityProvider, error) - Update(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.WebhookIdentityProvider, error) - UpdateStatus(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (*v1alpha1.WebhookIdentityProvider, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.WebhookIdentityProvider, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.WebhookIdentityProviderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) - WebhookIdentityProviderExpansion -} - -// webhookIdentityProviders implements WebhookIdentityProviderInterface -type webhookIdentityProviders struct { - client rest.Interface - ns string -} - -// newWebhookIdentityProviders returns a WebhookIdentityProviders -func newWebhookIdentityProviders(c *IDPV1alpha1Client, namespace string) *webhookIdentityProviders { - return &webhookIdentityProviders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the webhookIdentityProvider, and returns the corresponding webhookIdentityProvider object, and an error if there is any. -func (c *webhookIdentityProviders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of WebhookIdentityProviders that match those selectors. -func (c *webhookIdentityProviders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.WebhookIdentityProviderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.WebhookIdentityProviderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested webhookIdentityProviders. -func (c *webhookIdentityProviders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a webhookIdentityProvider and creates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *webhookIdentityProviders) Create(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.CreateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Post(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a webhookIdentityProvider and updates it. Returns the server's representation of the webhookIdentityProvider, and an error, if there is any. -func (c *webhookIdentityProviders) Update(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(webhookIdentityProvider.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookIdentityProvider). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *webhookIdentityProviders) UpdateStatus(ctx context.Context, webhookIdentityProvider *v1alpha1.WebhookIdentityProvider, opts v1.UpdateOptions) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Put(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(webhookIdentityProvider.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(webhookIdentityProvider). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the webhookIdentityProvider and deletes it. Returns an error if one occurs. -func (c *webhookIdentityProviders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *webhookIdentityProviders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("webhookidentityproviders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched webhookIdentityProvider. -func (c *webhookIdentityProviders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.WebhookIdentityProvider, err error) { - result = &v1alpha1.WebhookIdentityProvider{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("webhookidentityproviders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/generated/1.19/client/informers/externalversions/idp/interface.go b/generated/1.19/client/informers/externalversions/authentication/interface.go similarity index 94% rename from generated/1.19/client/informers/externalversions/idp/interface.go rename to generated/1.19/client/informers/externalversions/authentication/interface.go index 8094d853d..a8e51d7f4 100644 --- a/generated/1.19/client/informers/externalversions/idp/interface.go +++ b/generated/1.19/client/informers/externalversions/authentication/interface.go @@ -3,10 +3,10 @@ // Code generated by informer-gen. DO NOT EDIT. -package idp +package authentication import ( - v1alpha1 "go.pinniped.dev/generated/1.19/client/informers/externalversions/idp/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.19/client/informers/externalversions/authentication/v1alpha1" internalinterfaces "go.pinniped.dev/generated/1.19/client/informers/externalversions/internalinterfaces" ) diff --git a/generated/1.19/client/informers/externalversions/idp/v1alpha1/interface.go b/generated/1.19/client/informers/externalversions/authentication/v1alpha1/interface.go similarity index 67% rename from generated/1.19/client/informers/externalversions/idp/v1alpha1/interface.go rename to generated/1.19/client/informers/externalversions/authentication/v1alpha1/interface.go index bc3981a3d..aa6561886 100644 --- a/generated/1.19/client/informers/externalversions/idp/v1alpha1/interface.go +++ b/generated/1.19/client/informers/externalversions/authentication/v1alpha1/interface.go @@ -11,8 +11,8 @@ import ( // Interface provides access to all the informers in this group version. type Interface interface { - // WebhookIdentityProviders returns a WebhookIdentityProviderInformer. - WebhookIdentityProviders() WebhookIdentityProviderInformer + // WebhookAuthenticators returns a WebhookAuthenticatorInformer. + WebhookAuthenticators() WebhookAuthenticatorInformer } type version struct { @@ -26,7 +26,7 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} } -// WebhookIdentityProviders returns a WebhookIdentityProviderInformer. -func (v *version) WebhookIdentityProviders() WebhookIdentityProviderInformer { - return &webhookIdentityProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +// WebhookAuthenticators returns a WebhookAuthenticatorInformer. +func (v *version) WebhookAuthenticators() WebhookAuthenticatorInformer { + return &webhookAuthenticatorInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } diff --git a/generated/1.19/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go b/generated/1.19/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..1a1e0b514 --- /dev/null +++ b/generated/1.19/client/informers/externalversions/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,77 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + authenticationv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" + versioned "go.pinniped.dev/generated/1.19/client/clientset/versioned" + internalinterfaces "go.pinniped.dev/generated/1.19/client/informers/externalversions/internalinterfaces" + v1alpha1 "go.pinniped.dev/generated/1.19/client/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorInformer provides access to a shared informer and lister for +// WebhookAuthenticators. +type WebhookAuthenticatorInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.WebhookAuthenticatorLister +} + +type webhookAuthenticatorInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewWebhookAuthenticatorInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredWebhookAuthenticatorInformer constructs a new informer for WebhookAuthenticator type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredWebhookAuthenticatorInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().WebhookAuthenticators(namespace).Watch(context.TODO(), options) + }, + }, + &authenticationv1alpha1.WebhookAuthenticator{}, + resyncPeriod, + indexers, + ) +} + +func (f *webhookAuthenticatorInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredWebhookAuthenticatorInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *webhookAuthenticatorInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.WebhookAuthenticator{}, f.defaultInformer) +} + +func (f *webhookAuthenticatorInformer) Lister() v1alpha1.WebhookAuthenticatorLister { + return v1alpha1.NewWebhookAuthenticatorLister(f.Informer().GetIndexer()) +} diff --git a/generated/1.19/client/informers/externalversions/factory.go b/generated/1.19/client/informers/externalversions/factory.go index 5f503b85b..58dcf259a 100644 --- a/generated/1.19/client/informers/externalversions/factory.go +++ b/generated/1.19/client/informers/externalversions/factory.go @@ -11,8 +11,8 @@ import ( time "time" versioned "go.pinniped.dev/generated/1.19/client/clientset/versioned" + authentication "go.pinniped.dev/generated/1.19/client/informers/externalversions/authentication" config "go.pinniped.dev/generated/1.19/client/informers/externalversions/config" - idp "go.pinniped.dev/generated/1.19/client/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.19/client/informers/externalversions/internalinterfaces" login "go.pinniped.dev/generated/1.19/client/informers/externalversions/login" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -161,19 +161,19 @@ type SharedInformerFactory interface { ForResource(resource schema.GroupVersionResource) (GenericInformer, error) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + Authentication() authentication.Interface Config() config.Interface - IDP() idp.Interface Login() login.Interface } +func (f *sharedInformerFactory) Authentication() authentication.Interface { + return authentication.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Config() config.Interface { return config.New(f, f.namespace, f.tweakListOptions) } -func (f *sharedInformerFactory) IDP() idp.Interface { - return idp.New(f, f.namespace, f.tweakListOptions) -} - func (f *sharedInformerFactory) Login() login.Interface { return login.New(f, f.namespace, f.tweakListOptions) } diff --git a/generated/1.19/client/informers/externalversions/generic.go b/generated/1.19/client/informers/externalversions/generic.go index 46029aba2..16bc4b108 100644 --- a/generated/1.19/client/informers/externalversions/generic.go +++ b/generated/1.19/client/informers/externalversions/generic.go @@ -8,9 +8,9 @@ package externalversions import ( "fmt" + v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1" - v1alpha1 "go.pinniped.dev/generated/1.19/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.19/apis/config/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -41,15 +41,15 @@ func (f *genericInformer) Lister() cache.GenericLister { // TODO extend this to unknown resources with a client pool func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { switch resource { - // Group=config.pinniped.dev, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil + // Group=authentication.concierge.pinniped.dev, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("webhookauthenticators"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().WebhookAuthenticators().Informer()}, nil - // Group=idp.pinniped.dev, Version=v1alpha1 - case idpv1alpha1.SchemeGroupVersion.WithResource("webhookidentityproviders"): - return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().WebhookIdentityProviders().Informer()}, nil + // Group=config.pinniped.dev, Version=v1alpha1 + case configv1alpha1.SchemeGroupVersion.WithResource("credentialissuerconfigs"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().CredentialIssuerConfigs().Informer()}, nil + case configv1alpha1.SchemeGroupVersion.WithResource("oidcproviderconfigs"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCProviderConfigs().Informer()}, nil // Group=login.concierge.pinniped.dev, Version=v1alpha1 case loginv1alpha1.SchemeGroupVersion.WithResource("tokencredentialrequests"): diff --git a/generated/1.19/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go b/generated/1.19/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 5d8814a07..000000000 --- a/generated/1.19/client/informers/externalversions/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" - versioned "go.pinniped.dev/generated/1.19/client/clientset/versioned" - internalinterfaces "go.pinniped.dev/generated/1.19/client/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.19/client/listers/idp/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// WebhookIdentityProviderInformer provides access to a shared informer and lister for -// WebhookIdentityProviders. -type WebhookIdentityProviderInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.WebhookIdentityProviderLister -} - -type webhookIdentityProviderInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewWebhookIdentityProviderInformer constructs a new informer for WebhookIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewWebhookIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredWebhookIdentityProviderInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredWebhookIdentityProviderInformer constructs a new informer for WebhookIdentityProvider type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredWebhookIdentityProviderInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().WebhookIdentityProviders(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.IDPV1alpha1().WebhookIdentityProviders(namespace).Watch(context.TODO(), options) - }, - }, - &idpv1alpha1.WebhookIdentityProvider{}, - resyncPeriod, - indexers, - ) -} - -func (f *webhookIdentityProviderInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredWebhookIdentityProviderInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *webhookIdentityProviderInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&idpv1alpha1.WebhookIdentityProvider{}, f.defaultInformer) -} - -func (f *webhookIdentityProviderInformer) Lister() v1alpha1.WebhookIdentityProviderLister { - return v1alpha1.NewWebhookIdentityProviderLister(f.Informer().GetIndexer()) -} diff --git a/generated/1.19/client/listers/authentication/v1alpha1/expansion_generated.go b/generated/1.19/client/listers/authentication/v1alpha1/expansion_generated.go new file mode 100644 index 000000000..25e1ad662 --- /dev/null +++ b/generated/1.19/client/listers/authentication/v1alpha1/expansion_generated.go @@ -0,0 +1,14 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// WebhookAuthenticatorListerExpansion allows custom methods to be added to +// WebhookAuthenticatorLister. +type WebhookAuthenticatorListerExpansion interface{} + +// WebhookAuthenticatorNamespaceListerExpansion allows custom methods to be added to +// WebhookAuthenticatorNamespaceLister. +type WebhookAuthenticatorNamespaceListerExpansion interface{} diff --git a/generated/1.19/client/listers/authentication/v1alpha1/webhookauthenticator.go b/generated/1.19/client/listers/authentication/v1alpha1/webhookauthenticator.go new file mode 100644 index 000000000..23bbb71d5 --- /dev/null +++ b/generated/1.19/client/listers/authentication/v1alpha1/webhookauthenticator.go @@ -0,0 +1,86 @@ +// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// WebhookAuthenticatorLister helps list WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorLister interface { + // List lists all WebhookAuthenticators in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // WebhookAuthenticators returns an object that can list and get WebhookAuthenticators. + WebhookAuthenticators(namespace string) WebhookAuthenticatorNamespaceLister + WebhookAuthenticatorListerExpansion +} + +// webhookAuthenticatorLister implements the WebhookAuthenticatorLister interface. +type webhookAuthenticatorLister struct { + indexer cache.Indexer +} + +// NewWebhookAuthenticatorLister returns a new WebhookAuthenticatorLister. +func NewWebhookAuthenticatorLister(indexer cache.Indexer) WebhookAuthenticatorLister { + return &webhookAuthenticatorLister{indexer: indexer} +} + +// List lists all WebhookAuthenticators in the indexer. +func (s *webhookAuthenticatorLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// WebhookAuthenticators returns an object that can list and get WebhookAuthenticators. +func (s *webhookAuthenticatorLister) WebhookAuthenticators(namespace string) WebhookAuthenticatorNamespaceLister { + return webhookAuthenticatorNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// WebhookAuthenticatorNamespaceLister helps list and get WebhookAuthenticators. +// All objects returned here must be treated as read-only. +type WebhookAuthenticatorNamespaceLister interface { + // List lists all WebhookAuthenticators in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) + // Get retrieves the WebhookAuthenticator from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.WebhookAuthenticator, error) + WebhookAuthenticatorNamespaceListerExpansion +} + +// webhookAuthenticatorNamespaceLister implements the WebhookAuthenticatorNamespaceLister +// interface. +type webhookAuthenticatorNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all WebhookAuthenticators in the indexer for a given namespace. +func (s webhookAuthenticatorNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookAuthenticator, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.WebhookAuthenticator)) + }) + return ret, err +} + +// Get retrieves the WebhookAuthenticator from the indexer for a given namespace and name. +func (s webhookAuthenticatorNamespaceLister) Get(name string) (*v1alpha1.WebhookAuthenticator, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("webhookauthenticator"), name) + } + return obj.(*v1alpha1.WebhookAuthenticator), nil +} diff --git a/generated/1.19/client/listers/idp/v1alpha1/expansion_generated.go b/generated/1.19/client/listers/idp/v1alpha1/expansion_generated.go deleted file mode 100644 index f0b280e1b..000000000 --- a/generated/1.19/client/listers/idp/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// WebhookIdentityProviderListerExpansion allows custom methods to be added to -// WebhookIdentityProviderLister. -type WebhookIdentityProviderListerExpansion interface{} - -// WebhookIdentityProviderNamespaceListerExpansion allows custom methods to be added to -// WebhookIdentityProviderNamespaceLister. -type WebhookIdentityProviderNamespaceListerExpansion interface{} diff --git a/generated/1.19/client/listers/idp/v1alpha1/webhookidentityprovider.go b/generated/1.19/client/listers/idp/v1alpha1/webhookidentityprovider.go deleted file mode 100644 index 93c7de14f..000000000 --- a/generated/1.19/client/listers/idp/v1alpha1/webhookidentityprovider.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// WebhookIdentityProviderLister helps list WebhookIdentityProviders. -// All objects returned here must be treated as read-only. -type WebhookIdentityProviderLister interface { - // List lists all WebhookIdentityProviders in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) - // WebhookIdentityProviders returns an object that can list and get WebhookIdentityProviders. - WebhookIdentityProviders(namespace string) WebhookIdentityProviderNamespaceLister - WebhookIdentityProviderListerExpansion -} - -// webhookIdentityProviderLister implements the WebhookIdentityProviderLister interface. -type webhookIdentityProviderLister struct { - indexer cache.Indexer -} - -// NewWebhookIdentityProviderLister returns a new WebhookIdentityProviderLister. -func NewWebhookIdentityProviderLister(indexer cache.Indexer) WebhookIdentityProviderLister { - return &webhookIdentityProviderLister{indexer: indexer} -} - -// List lists all WebhookIdentityProviders in the indexer. -func (s *webhookIdentityProviderLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookIdentityProvider)) - }) - return ret, err -} - -// WebhookIdentityProviders returns an object that can list and get WebhookIdentityProviders. -func (s *webhookIdentityProviderLister) WebhookIdentityProviders(namespace string) WebhookIdentityProviderNamespaceLister { - return webhookIdentityProviderNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// WebhookIdentityProviderNamespaceLister helps list and get WebhookIdentityProviders. -// All objects returned here must be treated as read-only. -type WebhookIdentityProviderNamespaceLister interface { - // List lists all WebhookIdentityProviders in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) - // Get retrieves the WebhookIdentityProvider from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.WebhookIdentityProvider, error) - WebhookIdentityProviderNamespaceListerExpansion -} - -// webhookIdentityProviderNamespaceLister implements the WebhookIdentityProviderNamespaceLister -// interface. -type webhookIdentityProviderNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all WebhookIdentityProviders in the indexer for a given namespace. -func (s webhookIdentityProviderNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.WebhookIdentityProvider, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.WebhookIdentityProvider)) - }) - return ret, err -} - -// Get retrieves the WebhookIdentityProvider from the indexer for a given namespace and name. -func (s webhookIdentityProviderNamespaceLister) Get(name string) (*v1alpha1.WebhookIdentityProvider, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("webhookidentityprovider"), name) - } - return obj.(*v1alpha1.WebhookIdentityProvider), nil -} diff --git a/generated/1.19/client/openapi/zz_generated.openapi.go b/generated/1.19/client/openapi/zz_generated.openapi.go index 900e7b71b..ef20e195d 100644 --- a/generated/1.19/client/openapi/zz_generated.openapi.go +++ b/generated/1.19/client/openapi/zz_generated.openapi.go @@ -17,78 +17,316 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), - "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), - "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), - "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), - "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfig": schema_119_apis_config_v1alpha1_CredentialIssuerConfig(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_119_apis_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigList": schema_119_apis_config_v1alpha1_CredentialIssuerConfigList(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigStatus": schema_119_apis_config_v1alpha1_CredentialIssuerConfigStatus(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigStrategy": schema_119_apis_config_v1alpha1_CredentialIssuerConfigStrategy(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfig": schema_119_apis_config_v1alpha1_OIDCProviderConfig(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfigList": schema_119_apis_config_v1alpha1_OIDCProviderConfigList(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfigSpec": schema_119_apis_config_v1alpha1_OIDCProviderConfigSpec(ref), - "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfigStatus": schema_119_apis_config_v1alpha1_OIDCProviderConfigStatus(ref), - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.Condition": schema_119_apis_idp_v1alpha1_Condition(ref), - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.TLSSpec": schema_119_apis_idp_v1alpha1_TLSSpec(ref), - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProvider": schema_119_apis_idp_v1alpha1_WebhookIdentityProvider(ref), - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProviderList": schema_119_apis_idp_v1alpha1_WebhookIdentityProviderList(ref), - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProviderSpec": schema_119_apis_idp_v1alpha1_WebhookIdentityProviderSpec(ref), - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProviderStatus": schema_119_apis_idp_v1alpha1_WebhookIdentityProviderStatus(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), - "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), - "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), - "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), - "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), - "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.Condition": schema_apis_concierge_authentication_v1alpha1_Condition(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.TLSSpec": schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticator": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorList": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus": schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.ClusterCredential": schema_apis_concierge_login_v1alpha1_ClusterCredential(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequest": schema_apis_concierge_login_v1alpha1_TokenCredentialRequest(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestList": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestList(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestSpec": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref), + "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1.TokenCredentialRequestStatus": schema_apis_concierge_login_v1alpha1_TokenCredentialRequestStatus(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfig": schema_119_apis_config_v1alpha1_CredentialIssuerConfig(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigKubeConfigInfo": schema_119_apis_config_v1alpha1_CredentialIssuerConfigKubeConfigInfo(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigList": schema_119_apis_config_v1alpha1_CredentialIssuerConfigList(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigStatus": schema_119_apis_config_v1alpha1_CredentialIssuerConfigStatus(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.CredentialIssuerConfigStrategy": schema_119_apis_config_v1alpha1_CredentialIssuerConfigStrategy(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfig": schema_119_apis_config_v1alpha1_OIDCProviderConfig(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfigList": schema_119_apis_config_v1alpha1_OIDCProviderConfigList(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfigSpec": schema_119_apis_config_v1alpha1_OIDCProviderConfigSpec(ref), + "go.pinniped.dev/generated/1.19/apis/config/v1alpha1.OIDCProviderConfigStatus": schema_119_apis_config_v1alpha1_OIDCProviderConfigStatus(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroup": schema_pkg_apis_meta_v1_APIGroup(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIGroupList": schema_pkg_apis_meta_v1_APIGroupList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResource": schema_pkg_apis_meta_v1_APIResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIResourceList": schema_pkg_apis_meta_v1_APIResourceList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.APIVersions": schema_pkg_apis_meta_v1_APIVersions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Condition": schema_pkg_apis_meta_v1_Condition(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.CreateOptions": schema_pkg_apis_meta_v1_CreateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.DeleteOptions": schema_pkg_apis_meta_v1_DeleteOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Duration": schema_pkg_apis_meta_v1_Duration(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ExportOptions": schema_pkg_apis_meta_v1_ExportOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.FieldsV1": schema_pkg_apis_meta_v1_FieldsV1(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GetOptions": schema_pkg_apis_meta_v1_GetOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupKind": schema_pkg_apis_meta_v1_GroupKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupResource": schema_pkg_apis_meta_v1_GroupResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersion": schema_pkg_apis_meta_v1_GroupVersion(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionForDiscovery": schema_pkg_apis_meta_v1_GroupVersionForDiscovery(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionKind": schema_pkg_apis_meta_v1_GroupVersionKind(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.GroupVersionResource": schema_pkg_apis_meta_v1_GroupVersionResource(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.InternalEvent": schema_pkg_apis_meta_v1_InternalEvent(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector": schema_pkg_apis_meta_v1_LabelSelector(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement": schema_pkg_apis_meta_v1_LabelSelectorRequirement(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.List": schema_pkg_apis_meta_v1_List(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta": schema_pkg_apis_meta_v1_ListMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ListOptions": schema_pkg_apis_meta_v1_ListOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ManagedFieldsEntry": schema_pkg_apis_meta_v1_ManagedFieldsEntry(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.MicroTime": schema_pkg_apis_meta_v1_MicroTime(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta": schema_pkg_apis_meta_v1_ObjectMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.OwnerReference": schema_pkg_apis_meta_v1_OwnerReference(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadata": schema_pkg_apis_meta_v1_PartialObjectMetadata(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PartialObjectMetadataList": schema_pkg_apis_meta_v1_PartialObjectMetadataList(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Patch": schema_pkg_apis_meta_v1_Patch(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.PatchOptions": schema_pkg_apis_meta_v1_PatchOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Preconditions": schema_pkg_apis_meta_v1_Preconditions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.RootPaths": schema_pkg_apis_meta_v1_RootPaths(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.ServerAddressByClientCIDR": schema_pkg_apis_meta_v1_ServerAddressByClientCIDR(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Status": schema_pkg_apis_meta_v1_Status(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusCause": schema_pkg_apis_meta_v1_StatusCause(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.StatusDetails": schema_pkg_apis_meta_v1_StatusDetails(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Table": schema_pkg_apis_meta_v1_Table(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableColumnDefinition": schema_pkg_apis_meta_v1_TableColumnDefinition(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableOptions": schema_pkg_apis_meta_v1_TableOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableRow": schema_pkg_apis_meta_v1_TableRow(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TableRowCondition": schema_pkg_apis_meta_v1_TableRowCondition(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Time": schema_pkg_apis_meta_v1_Time(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.Timestamp": schema_pkg_apis_meta_v1_Timestamp(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.TypeMeta": schema_pkg_apis_meta_v1_TypeMeta(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.UpdateOptions": schema_pkg_apis_meta_v1_UpdateOptions(ref), + "k8s.io/apimachinery/pkg/apis/meta/v1.WatchEvent": schema_pkg_apis_meta_v1_WatchEvent(ref), + "k8s.io/apimachinery/pkg/runtime.RawExtension": schema_k8sio_apimachinery_pkg_runtime_RawExtension(ref), + "k8s.io/apimachinery/pkg/runtime.TypeMeta": schema_k8sio_apimachinery_pkg_runtime_TypeMeta(ref), + "k8s.io/apimachinery/pkg/runtime.Unknown": schema_k8sio_apimachinery_pkg_runtime_Unknown(ref), + "k8s.io/apimachinery/pkg/version.Info": schema_k8sio_apimachinery_pkg_version_Info(ref), + } +} + +func schema_apis_concierge_authentication_v1alpha1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "status of the condition, one of True, False, Unknown.", + Type: []string{"string"}, + Format: "", + }, + }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "lastTransitionTime": { + SchemaProps: spec.SchemaProps{ + Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "message is a human readable message indicating details about the transition. This may be an empty string.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_TLSSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Configuration for configuring TLS on various authenticators.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "certificateAuthorityData": { + SchemaProps: spec.SchemaProps{ + Description: "X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticator(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "WebhookAuthenticator describes the configuration of a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Description: "Spec for configuring the authenticator.", + Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "Status of the authenticator.", + Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus"), + }, + }, + }, + Required: []string{"spec"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorSpec", "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticatorStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "List of WebhookAuthenticator objects.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticator"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.WebhookAuthenticator", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Spec for configuring a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "endpoint": { + SchemaProps: spec.SchemaProps{ + Description: "Webhook server endpoint URL.", + Type: []string{"string"}, + Format: "", + }, + }, + "tls": { + SchemaProps: spec.SchemaProps{ + Description: "TLS configuration.", + Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.TLSSpec"), + }, + }, + }, + Required: []string{"endpoint"}, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.TLSSpec"}, + } +} + +func schema_apis_concierge_authentication_v1alpha1_WebhookAuthenticatorStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Status of a webhook authenticator.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "conditions": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-map-keys": []interface{}{ + "type", + }, + "x-kubernetes-list-type": "map", + "x-kubernetes-patch-merge-key": "type", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Represents the observations of the authenticator's current state.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.Condition"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1.Condition"}, } } @@ -239,14 +477,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. Format: "", }, }, - "identityProvider": { + "authenticator": { SchemaProps: spec.SchemaProps{ - Description: "Reference to an identity provider which can fulfill this credential request.", + Description: "Reference to an authenticator which can validate this credential request.", Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), }, }, }, - Required: []string{"identityProvider"}, + Required: []string{"authenticator"}, }, }, Dependencies: []string{ @@ -643,244 +881,6 @@ func schema_119_apis_config_v1alpha1_OIDCProviderConfigStatus(ref common.Referen } } -func schema_119_apis_idp_v1alpha1_Condition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can switch to using the upstream type. See https://github.com/kubernetes/apimachinery/blob/v0.19.0/pkg/apis/meta/v1/types.go#L1353-L1413.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Description: "type of condition in CamelCase or in foo.example.com/CamelCase.", - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "status of the condition, one of True, False, Unknown.", - Type: []string{"string"}, - Format: "", - }, - }, - "observedGeneration": { - SchemaProps: spec.SchemaProps{ - Description: "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.", - Type: []string{"integer"}, - Format: "int64", - }, - }, - "lastTransitionTime": { - SchemaProps: spec.SchemaProps{ - Description: "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "message is a human readable message indicating details about the transition. This may be an empty string.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastTransitionTime", "reason", "message"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_119_apis_idp_v1alpha1_TLSSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Configuration for configuring TLS on various identity providers.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "certificateAuthorityData": { - SchemaProps: spec.SchemaProps{ - Description: "X.509 Certificate Authority (base64-encoded PEM bundle). If omitted, a default set of system roots will be trusted.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - -func schema_119_apis_idp_v1alpha1_WebhookIdentityProvider(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "WebhookIdentityProvider describes the configuration of a Pinniped webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Description: "Spec for configuring the identity provider.", - Ref: ref("go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProviderSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status of the identity provider.", - Ref: ref("go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProviderStatus"), - }, - }, - }, - Required: []string{"spec"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProviderSpec", "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProviderStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_119_apis_idp_v1alpha1_WebhookIdentityProviderList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "List of WebhookIdentityProvider objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProvider"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.WebhookIdentityProvider", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_119_apis_idp_v1alpha1_WebhookIdentityProviderSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Spec for configuring a webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "endpoint": { - SchemaProps: spec.SchemaProps{ - Description: "Webhook server endpoint URL.", - Type: []string{"string"}, - Format: "", - }, - }, - "tls": { - SchemaProps: spec.SchemaProps{ - Description: "TLS configuration.", - Ref: ref("go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.TLSSpec"), - }, - }, - }, - Required: []string{"endpoint"}, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.TLSSpec"}, - } -} - -func schema_119_apis_idp_v1alpha1_WebhookIdentityProviderStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Status of a webhook identity provider.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "conditions": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-map-keys": []interface{}{ - "type", - }, - "x-kubernetes-list-type": "map", - "x-kubernetes-patch-merge-key": "type", - "x-kubernetes-patch-strategy": "merge", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Represents the observations of an identity provider's current state.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.Condition"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1.Condition"}, - } -} - func schema_pkg_apis_meta_v1_APIGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/deploy/concierge/idp.pinniped.dev_webhookidentityproviders.yaml b/generated/1.19/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml similarity index 89% rename from deploy/concierge/idp.pinniped.dev_webhookidentityproviders.yaml rename to generated/1.19/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml index 213b7ad20..9ae6152e1 100644 --- a/deploy/concierge/idp.pinniped.dev_webhookidentityproviders.yaml +++ b/generated/1.19/crds/authentication.concierge.pinniped.dev_webhookauthenticators.yaml @@ -6,21 +6,18 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.0 creationTimestamp: null - name: webhookidentityproviders.idp.pinniped.dev + name: webhookauthenticators.authentication.concierge.pinniped.dev spec: - group: idp.pinniped.dev + group: authentication.concierge.pinniped.dev names: categories: - all - - idp - - idps - kind: WebhookIdentityProvider - listKind: WebhookIdentityProviderList - plural: webhookidentityproviders - shortNames: - - webhookidp - - webhookidps - singular: webhookidentityprovider + - authenticator + - authenticators + kind: WebhookAuthenticator + listKind: WebhookAuthenticatorList + plural: webhookauthenticators + singular: webhookauthenticator scope: Namespaced versions: - additionalPrinterColumns: @@ -30,8 +27,8 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: WebhookIdentityProvider describes the configuration of a Pinniped - webhook identity provider. + description: WebhookAuthenticator describes the configuration of a webhook + authenticator. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -46,7 +43,7 @@ spec: metadata: type: object spec: - description: Spec for configuring the identity provider. + description: Spec for configuring the authenticator. properties: endpoint: description: Webhook server endpoint URL. @@ -65,11 +62,11 @@ spec: - endpoint type: object status: - description: Status of the identity provider. + description: Status of the authenticator. properties: conditions: - description: Represents the observations of an identity provider's - current state. + description: Represents the observations of the authenticator's current + state. items: description: Condition status of a resource (mirrored from the metav1.Condition type added in Kubernetes 1.19). In a future API version we can diff --git a/hack/lib/docs/config.yaml b/hack/lib/docs/config.yaml index 6efb47114..999585972 100644 --- a/hack/lib/docs/config.yaml +++ b/hack/lib/docs/config.yaml @@ -4,7 +4,7 @@ processor: # Ignore internal API versions ignoreGroupVersions: - "config.pinniped.dev/config" - - "idp.pinniped.dev/idp" + - "authentication.concierge.pinniped.dev/authentication" - "login.concierge.pinniped.dev/login" ignoreFields: - "TypeMeta$" diff --git a/hack/lib/tilt/Tiltfile b/hack/lib/tilt/Tiltfile index 67509cc44..7552f7436 100644 --- a/hack/lib/tilt/Tiltfile +++ b/hack/lib/tilt/Tiltfile @@ -170,7 +170,7 @@ k8s_resource( 'pinniped-concierge:clusterrolebinding', 'pinniped-concierge:serviceaccount', 'credentialissuerconfigs.config.pinniped.dev:customresourcedefinition', - 'webhookidentityproviders.idp.pinniped.dev:customresourcedefinition', + 'webhookauthenticators.authentication.concierge.pinniped.dev:customresourcedefinition', 'v1alpha1.login.concierge.pinniped.dev:apiservice', ], ) diff --git a/hack/lib/update-codegen.sh b/hack/lib/update-codegen.sh index 001c8d55c..293ccae17 100755 --- a/hack/lib/update-codegen.sh +++ b/hack/lib/update-codegen.sh @@ -110,7 +110,7 @@ echo "generating API-related code for our public API groups..." deepcopy \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ - "config:v1alpha1 idp:v1alpha1 concierge/login:v1alpha1" \ + "config:v1alpha1 concierge/authentication:v1alpha1 concierge/login:v1alpha1" \ --go-header-file "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-api > |" ) @@ -122,7 +122,7 @@ echo "generating API-related code for our internal API groups..." "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ - "config:v1alpha1 idp:v1alpha1 concierge/login:v1alpha1" \ + "config:v1alpha1 concierge/authentication:v1alpha1 concierge/login:v1alpha1" \ --go-header-file "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-int-api > |" ) @@ -137,7 +137,7 @@ echo "generating client code for our public API groups..." client,lister,informer \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ - "config:v1alpha1 idp:v1alpha1 concierge/login:v1alpha1" \ + "config:v1alpha1 concierge/authentication:v1alpha1 concierge/login:v1alpha1" \ --go-header-file "${ROOT}/hack/boilerplate.go.txt" 2>&1 | sed "s|^|gen-client > |" ) @@ -157,5 +157,5 @@ crd-ref-docs \ # Generate CRD YAML (cd apis && controller-gen paths=./config/v1alpha1 crd:trivialVersions=true output:crd:artifacts:config=../crds && - controller-gen paths=./idp/v1alpha1 crd:trivialVersions=true output:crd:artifacts:config=../crds + controller-gen paths=./concierge/authentication/v1alpha1 crd:trivialVersions=true output:crd:artifacts:config=../crds ) diff --git a/hack/update.sh b/hack/update.sh index 6a3cb3833..027ed3546 100755 --- a/hack/update.sh +++ b/hack/update.sh @@ -13,7 +13,7 @@ xargs -n 1 -P 8 "$ROOT/hack/lib/update-codegen.sh" < "${ROOT}/hack/lib/kube-vers # Copy each CRD yaml to the app which should cause it to be installed. cp "$ROOT"/generated/1.19/crds/*oidcproviderconfigs.yaml "$ROOT/deploy/supervisor" cp "$ROOT"/generated/1.19/crds/*credentialissuerconfigs.yaml "$ROOT/deploy/concierge" -cp "$ROOT"/generated/1.19/crds/*webhookidentityproviders.yaml "$ROOT/deploy/concierge" +cp "$ROOT"/generated/1.19/crds/*webhookauthenticators.yaml "$ROOT/deploy/concierge" # Make sure we didn't miss any new CRDs. crdCount=$(find "$ROOT"/generated/1.19/crds/ -maxdepth 1 -type f -name '*.yaml' | wc -l | tr -d ' ') diff --git a/internal/client/client.go b/internal/client/client.go index 28e4c188d..435b59271 100644 --- a/internal/client/client.go +++ b/internal/client/client.go @@ -23,7 +23,7 @@ import ( var ErrLoginFailed = errors.New("login failed") // ExchangeToken exchanges an opaque token using the Pinniped TokenCredentialRequest API, returning a client-go ExecCredential valid on the target cluster. -func ExchangeToken(ctx context.Context, namespace string, idp corev1.TypedLocalObjectReference, token string, caBundle string, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { +func ExchangeToken(ctx context.Context, namespace string, authenticator corev1.TypedLocalObjectReference, token string, caBundle string, apiEndpoint string) (*clientauthenticationv1beta1.ExecCredential, error) { client, err := getClient(apiEndpoint, caBundle) if err != nil { return nil, fmt.Errorf("could not get API client: %w", err) @@ -34,8 +34,8 @@ func ExchangeToken(ctx context.Context, namespace string, idp corev1.TypedLocalO Namespace: namespace, }, Spec: v1alpha1.TokenCredentialRequestSpec{ - Token: token, - IdentityProvider: idp, + Token: token, + Authenticator: authenticator, }, }, metav1.CreateOptions{}) if err != nil { diff --git a/internal/client/client_test.go b/internal/client/client_test.go index 42a4c4028..7a0e47cfa 100644 --- a/internal/client/client_test.go +++ b/internal/client/client_test.go @@ -16,8 +16,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" "go.pinniped.dev/internal/testutil" ) @@ -25,15 +25,15 @@ func TestExchangeToken(t *testing.T) { t.Parallel() ctx := context.Background() - testIDP := corev1.TypedLocalObjectReference{ - APIGroup: &idpv1alpha1.SchemeGroupVersion.Group, - Kind: "WebhookIdentityProvider", + testAuthenticator := corev1.TypedLocalObjectReference{ + APIGroup: &auth1alpha1.SchemeGroupVersion.Group, + Kind: "WebhookAuthenticator", Name: "test-webhook", } t.Run("invalid configuration", func(t *testing.T) { t.Parallel() - got, err := ExchangeToken(ctx, "test-namespace", testIDP, "", "", "") + got, err := ExchangeToken(ctx, "test-namespace", testAuthenticator, "", "", "") require.EqualError(t, err, "could not get API client: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable") require.Nil(t, got) }) @@ -46,7 +46,7 @@ func TestExchangeToken(t *testing.T) { _, _ = w.Write([]byte("some server error")) }) - got, err := ExchangeToken(ctx, "test-namespace", testIDP, "", caBundle, endpoint) + got, err := ExchangeToken(ctx, "test-namespace", testAuthenticator, "", caBundle, endpoint) require.EqualError(t, err, `could not login: an error on the server ("some server error") has prevented the request from succeeding (post tokencredentialrequests.login.concierge.pinniped.dev)`) require.Nil(t, got) }) @@ -63,7 +63,7 @@ func TestExchangeToken(t *testing.T) { }) }) - got, err := ExchangeToken(ctx, "test-namespace", testIDP, "", caBundle, endpoint) + got, err := ExchangeToken(ctx, "test-namespace", testAuthenticator, "", caBundle, endpoint) require.EqualError(t, err, `login failed: some login failure`) require.Nil(t, got) }) @@ -78,7 +78,7 @@ func TestExchangeToken(t *testing.T) { }) }) - got, err := ExchangeToken(ctx, "test-namespace", testIDP, "", caBundle, endpoint) + got, err := ExchangeToken(ctx, "test-namespace", testAuthenticator, "", caBundle, endpoint) require.EqualError(t, err, `login failed: unknown`) require.Nil(t, got) }) @@ -105,9 +105,9 @@ func TestExchangeToken(t *testing.T) { }, "spec": { "token": "test-token", - "identityProvider": { - "apiGroup": "idp.pinniped.dev", - "kind": "WebhookIdentityProvider", + "authenticator": { + "apiGroup": "authentication.concierge.pinniped.dev", + "kind": "WebhookAuthenticator", "name": "test-webhook" } }, @@ -129,7 +129,7 @@ func TestExchangeToken(t *testing.T) { }) }) - got, err := ExchangeToken(ctx, "test-namespace", testIDP, "test-token", caBundle, endpoint) + got, err := ExchangeToken(ctx, "test-namespace", testAuthenticator, "test-token", caBundle, endpoint) require.NoError(t, err) require.Equal(t, &clientauthenticationv1beta1.ExecCredential{ TypeMeta: metav1.TypeMeta{ diff --git a/internal/concierge/server/server.go b/internal/concierge/server/server.go index d474dcf8d..b3667b4df 100644 --- a/internal/concierge/server/server.go +++ b/internal/concierge/server/server.go @@ -18,7 +18,7 @@ import ( "go.pinniped.dev/internal/certauthority/dynamiccertauthority" "go.pinniped.dev/internal/concierge/apiserver" "go.pinniped.dev/internal/config/concierge" - "go.pinniped.dev/internal/controller/identityprovider/idpcache" + "go.pinniped.dev/internal/controller/authenticator/authncache" "go.pinniped.dev/internal/controllermanager" "go.pinniped.dev/internal/downward" "go.pinniped.dev/internal/dynamiccert" @@ -104,8 +104,8 @@ func (a *App) runServer(ctx context.Context) error { } serverInstallationNamespace := podInfo.Namespace - // Initialize the cache of active identity providers. - idpCache := idpcache.New() + // Initialize the cache of active authenticators. + authenticators := authncache.New() // This cert provider will provide certs to the API server and will // be mutated by a controller to keep the certs up to date with what @@ -131,7 +131,7 @@ func (a *App) runServer(ctx context.Context) error { DynamicSigningCertProvider: dynamicSigningCertProvider, ServingCertDuration: time.Duration(*cfg.APIConfig.ServingCertificateConfig.DurationSeconds) * time.Second, ServingCertRenewBefore: time.Duration(*cfg.APIConfig.ServingCertificateConfig.RenewBeforeSeconds) * time.Second, - IDPCache: idpCache, + AuthenticatorCache: authenticators, }, ) if err != nil { @@ -141,7 +141,7 @@ func (a *App) runServer(ctx context.Context) error { // Get the aggregated API server config. aggregatedAPIServerConfig, err := getAggregatedAPIServerConfig( dynamicServingCertProvider, - idpCache, + authenticators, dynamiccertauthority.New(dynamicSigningCertProvider), startControllersFunc, ) diff --git a/internal/controller/identityprovider/idpcache/cache.go b/internal/controller/authenticator/authncache/cache.go similarity index 75% rename from internal/controller/identityprovider/idpcache/cache.go rename to internal/controller/authenticator/authncache/cache.go index ee51ca6c0..00de2e1ef 100644 --- a/internal/controller/identityprovider/idpcache/cache.go +++ b/internal/controller/authenticator/authncache/cache.go @@ -1,8 +1,8 @@ // Copyright 2020 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -// Package idpcache implements a cache of active identity providers. -package idpcache +// Package authncache implements a cache of active authenticators. +package authncache import ( "context" @@ -17,12 +17,12 @@ import ( ) var ( - // ErrNoSuchIDP is returned by Cache.AuthenticateTokenCredentialRequest() when the requested IDP is not configured. - ErrNoSuchIDP = fmt.Errorf("no such identity provider") + // ErrNoSuchAuthenticator is returned by Cache.AuthenticateTokenCredentialRequest() when the requested authenticator is not configured. + ErrNoSuchAuthenticator = fmt.Errorf("no such authenticator") ) -// Cache implements the authenticator.Token interface by multiplexing across a dynamic set of identity providers -// loaded from IDP resources. +// Cache implements the authenticator.Token interface by multiplexing across a dynamic set of authenticators +// loaded from authenticator resources. type Cache struct { cache sync.Map } @@ -43,7 +43,7 @@ func New() *Cache { return &Cache{} } -// Get an identity provider by key. +// Get an authenticator by key. func (c *Cache) Get(key Key) Value { res, _ := c.cache.Load(key) if res == nil { @@ -52,12 +52,12 @@ func (c *Cache) Get(key Key) Value { return res.(Value) } -// Store an identity provider into the cache. +// Store an authenticator into the cache. func (c *Cache) Store(key Key, value Value) { c.cache.Store(key, value) } -// Delete an identity provider from the cache. +// Delete an authenticator from the cache. func (c *Cache) Delete(key Key) { c.cache.Delete(key) } @@ -84,23 +84,23 @@ func (c *Cache) AuthenticateTokenCredentialRequest(ctx context.Context, req *log // Map the incoming request to a cache key. key := Key{ Namespace: req.Namespace, - Name: req.Spec.IdentityProvider.Name, - Kind: req.Spec.IdentityProvider.Kind, + Name: req.Spec.Authenticator.Name, + Kind: req.Spec.Authenticator.Kind, } - if req.Spec.IdentityProvider.APIGroup != nil { - key.APIGroup = *req.Spec.IdentityProvider.APIGroup + if req.Spec.Authenticator.APIGroup != nil { + key.APIGroup = *req.Spec.Authenticator.APIGroup } val := c.Get(key) if val == nil { - return nil, ErrNoSuchIDP + return nil, ErrNoSuchAuthenticator } // The incoming context could have an audience. Since we do not want to handle audiences right now, do not pass it // through directly to the authentication webhook. ctx = valuelessContext{ctx} - // Call the selected IDP. + // Call the selected authenticator. resp, authenticated, err := val.AuthenticateToken(ctx, req.Spec.Token) if err != nil { return nil, err diff --git a/internal/controller/identityprovider/idpcache/cache_test.go b/internal/controller/authenticator/authncache/cache_test.go similarity index 90% rename from internal/controller/identityprovider/idpcache/cache_test.go rename to internal/controller/authenticator/authncache/cache_test.go index c00396791..bd38d5c34 100644 --- a/internal/controller/identityprovider/idpcache/cache_test.go +++ b/internal/controller/authenticator/authncache/cache_test.go @@ -1,7 +1,7 @@ // Copyright 2020 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -package idpcache +package authncache import ( "context" @@ -17,8 +17,8 @@ import ( "k8s.io/apiserver/pkg/authentication/authenticator" "k8s.io/apiserver/pkg/authentication/user" + authv1alpha "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" loginapi "go.pinniped.dev/generated/1.19/apis/concierge/login" - idpv1alpha "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" "go.pinniped.dev/internal/mocks/mocktokenauthenticator" ) @@ -31,13 +31,13 @@ func TestCache(t *testing.T) { cache := New() require.NotNil(t, cache) - key1 := Key{Namespace: "foo", Name: "idp-one"} + key1 := Key{Namespace: "foo", Name: "authenticator-one"} mockToken1 := mocktokenauthenticator.NewMockToken(ctrl) cache.Store(key1, mockToken1) require.Equal(t, mockToken1, cache.Get(key1)) require.Equal(t, 1, len(cache.Keys())) - key2 := Key{Namespace: "foo", Name: "idp-two"} + key2 := Key{Namespace: "foo", Name: "authenticator-two"} mockToken2 := mocktokenauthenticator.NewMockToken(ctrl) cache.Store(key2, mockToken2) require.Equal(t, mockToken2, cache.Get(key2)) @@ -75,9 +75,9 @@ func TestAuthenticateTokenCredentialRequest(t *testing.T) { Namespace: "test-namespace", }, Spec: loginapi.TokenCredentialRequestSpec{ - IdentityProvider: corev1.TypedLocalObjectReference{ - APIGroup: &idpv1alpha.SchemeGroupVersion.Group, - Kind: "WebhookIdentityProvider", + Authenticator: corev1.TypedLocalObjectReference{ + APIGroup: &authv1alpha.SchemeGroupVersion.Group, + Kind: "WebhookAuthenticator", Name: "test-name", }, Token: "test-token", @@ -85,10 +85,10 @@ func TestAuthenticateTokenCredentialRequest(t *testing.T) { Status: loginapi.TokenCredentialRequestStatus{}, } validRequestKey := Key{ - APIGroup: *validRequest.Spec.IdentityProvider.APIGroup, - Kind: validRequest.Spec.IdentityProvider.Kind, + APIGroup: *validRequest.Spec.Authenticator.APIGroup, + Kind: validRequest.Spec.Authenticator.Kind, Namespace: validRequest.Namespace, - Name: validRequest.Spec.IdentityProvider.Name, + Name: validRequest.Spec.Authenticator.Name, } mockCache := func(t *testing.T, res *authenticator.Response, authenticated bool, err error) *Cache { @@ -101,10 +101,10 @@ func TestAuthenticateTokenCredentialRequest(t *testing.T) { return c } - t.Run("no such IDP", func(t *testing.T) { + t.Run("no such authenticator", func(t *testing.T) { c := New() res, err := c.AuthenticateTokenCredentialRequest(context.Background(), validRequest.DeepCopy()) - require.EqualError(t, err, "no such identity provider") + require.EqualError(t, err, "no such authenticator") require.Nil(t, res) }) diff --git a/internal/controller/identityprovider/webhookcachecleaner/webhookcachecleaner.go b/internal/controller/authenticator/webhookcachecleaner/webhookcachecleaner.go similarity index 55% rename from internal/controller/identityprovider/webhookcachecleaner/webhookcachecleaner.go rename to internal/controller/authenticator/webhookcachecleaner/webhookcachecleaner.go index ba8944ab6..c867c1aa7 100644 --- a/internal/controller/identityprovider/webhookcachecleaner/webhookcachecleaner.go +++ b/internal/controller/authenticator/webhookcachecleaner/webhookcachecleaner.go @@ -1,7 +1,7 @@ // Copyright 2020 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -// Package webhookcachecleaner implements a controller for garbage collectting webhook IDPs from an IDP cache. +// Package webhookcachecleaner implements a controller for garbage collecting webhook authenticators from an authenticator cache. package webhookcachecleaner import ( @@ -11,26 +11,26 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/klog/v2" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" - idpinformers "go.pinniped.dev/generated/1.19/client/informers/externalversions/idp/v1alpha1" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" + authinformers "go.pinniped.dev/generated/1.19/client/informers/externalversions/authentication/v1alpha1" pinnipedcontroller "go.pinniped.dev/internal/controller" - "go.pinniped.dev/internal/controller/identityprovider/idpcache" + "go.pinniped.dev/internal/controller/authenticator/authncache" "go.pinniped.dev/internal/controllerlib" ) // New instantiates a new controllerlib.Controller which will garbage collect webhooks from the provided Cache. -func New(cache *idpcache.Cache, webhookIDPs idpinformers.WebhookIdentityProviderInformer, log logr.Logger) controllerlib.Controller { +func New(cache *authncache.Cache, webhooks authinformers.WebhookAuthenticatorInformer, log logr.Logger) controllerlib.Controller { return controllerlib.New( controllerlib.Config{ Name: "webhookcachecleaner-controller", Syncer: &controller{ - cache: cache, - webhookIDPs: webhookIDPs, - log: log.WithName("webhookcachecleaner-controller"), + cache: cache, + webhooks: webhooks, + log: log.WithName("webhookcachecleaner-controller"), }, }, controllerlib.WithInformer( - webhookIDPs, + webhooks, pinnipedcontroller.MatchAnythingFilter(), controllerlib.InformerOption{}, ), @@ -38,20 +38,20 @@ func New(cache *idpcache.Cache, webhookIDPs idpinformers.WebhookIdentityProvider } type controller struct { - cache *idpcache.Cache - webhookIDPs idpinformers.WebhookIdentityProviderInformer - log logr.Logger + cache *authncache.Cache + webhooks authinformers.WebhookAuthenticatorInformer + log logr.Logger } // Sync implements controllerlib.Syncer. func (c *controller) Sync(_ controllerlib.Context) error { - webhooks, err := c.webhookIDPs.Lister().List(labels.Everything()) + webhooks, err := c.webhooks.Lister().List(labels.Everything()) if err != nil { - return fmt.Errorf("failed to list WebhookIdentityProviders: %w", err) + return fmt.Errorf("failed to list WebhookAuthenticators: %w", err) } // Index the current webhooks by key. - webhooksByKey := map[controllerlib.Key]*idpv1alpha1.WebhookIdentityProvider{} + webhooksByKey := map[controllerlib.Key]*auth1alpha1.WebhookAuthenticator{} for _, webhook := range webhooks { key := controllerlib.Key{Namespace: webhook.Namespace, Name: webhook.Name} webhooksByKey[key] = webhook @@ -59,11 +59,11 @@ func (c *controller) Sync(_ controllerlib.Context) error { // Delete any entries from the cache which are no longer in the cluster. for _, key := range c.cache.Keys() { - if key.APIGroup != idpv1alpha1.SchemeGroupVersion.Group || key.Kind != "WebhookIdentityProvider" { + if key.APIGroup != auth1alpha1.SchemeGroupVersion.Group || key.Kind != "WebhookAuthenticator" { continue } if _, exists := webhooksByKey[controllerlib.Key{Namespace: key.Namespace, Name: key.Name}]; !exists { - c.log.WithValues("idp", klog.KRef(key.Namespace, key.Name)).Info("deleting webhook IDP from cache") + c.log.WithValues("webhook", klog.KRef(key.Namespace, key.Name)).Info("deleting webhook authenticator from cache") c.cache.Delete(key) } } diff --git a/internal/controller/identityprovider/webhookcachecleaner/webhookcachecleaner_test.go b/internal/controller/authenticator/webhookcachecleaner/webhookcachecleaner_test.go similarity index 63% rename from internal/controller/identityprovider/webhookcachecleaner/webhookcachecleaner_test.go rename to internal/controller/authenticator/webhookcachecleaner/webhookcachecleaner_test.go index 70ea0197b..4301dd29b 100644 --- a/internal/controller/identityprovider/webhookcachecleaner/webhookcachecleaner_test.go +++ b/internal/controller/authenticator/webhookcachecleaner/webhookcachecleaner_test.go @@ -12,10 +12,10 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - idpv1alpha "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" + authv1alpha "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" pinnipedfake "go.pinniped.dev/generated/1.19/client/clientset/versioned/fake" pinnipedinformers "go.pinniped.dev/generated/1.19/client/informers/externalversions" - "go.pinniped.dev/internal/controller/identityprovider/idpcache" + "go.pinniped.dev/internal/controller/authenticator/authncache" "go.pinniped.dev/internal/controllerlib" "go.pinniped.dev/internal/testutil/testlogger" ) @@ -23,74 +23,74 @@ import ( func TestController(t *testing.T) { t.Parallel() - testKey1 := idpcache.Key{ - APIGroup: "idp.pinniped.dev", - Kind: "WebhookIdentityProvider", + testKey1 := authncache.Key{ + APIGroup: "authentication.concierge.pinniped.dev", + Kind: "WebhookAuthenticator", Namespace: "test-namespace", Name: "test-name-one", } - testKey2 := idpcache.Key{ - APIGroup: "idp.pinniped.dev", - Kind: "WebhookIdentityProvider", + testKey2 := authncache.Key{ + APIGroup: "authentication.concierge.pinniped.dev", + Kind: "WebhookAuthenticator", Namespace: "test-namespace", Name: "test-name-two", } - testKeyNonwebhook := idpcache.Key{ - APIGroup: "idp.pinniped.dev", - Kind: "SomeOtherIdentityProvider", + testKeyNonwebhook := authncache.Key{ + APIGroup: "authentication.concierge.pinniped.dev", + Kind: "SomeOtherAuthenticator", Namespace: "test-namespace", Name: "test-name-one", } tests := []struct { name string - webhookIDPs []runtime.Object - initialCache map[idpcache.Key]idpcache.Value + webhooks []runtime.Object + initialCache map[authncache.Key]authncache.Value wantErr string wantLogs []string - wantCacheKeys []idpcache.Key + wantCacheKeys []authncache.Key }{ { name: "no change", - initialCache: map[idpcache.Key]idpcache.Value{testKey1: nil}, - webhookIDPs: []runtime.Object{ - &idpv1alpha.WebhookIdentityProvider{ + initialCache: map[authncache.Key]authncache.Value{testKey1: nil}, + webhooks: []runtime.Object{ + &authv1alpha.WebhookAuthenticator{ ObjectMeta: metav1.ObjectMeta{ Namespace: testKey1.Namespace, Name: testKey1.Name, }, }, }, - wantCacheKeys: []idpcache.Key{testKey1}, + wantCacheKeys: []authncache.Key{testKey1}, }, { - name: "IDPs not yet added", + name: "authenticators not yet added", initialCache: nil, - webhookIDPs: []runtime.Object{ - &idpv1alpha.WebhookIdentityProvider{ + webhooks: []runtime.Object{ + &authv1alpha.WebhookAuthenticator{ ObjectMeta: metav1.ObjectMeta{ Namespace: testKey1.Namespace, Name: testKey1.Name, }, }, - &idpv1alpha.WebhookIdentityProvider{ + &authv1alpha.WebhookAuthenticator{ ObjectMeta: metav1.ObjectMeta{ Namespace: testKey2.Namespace, Name: testKey2.Name, }, }, }, - wantCacheKeys: []idpcache.Key{}, + wantCacheKeys: []authncache.Key{}, }, { name: "successful cleanup", - initialCache: map[idpcache.Key]idpcache.Value{ + initialCache: map[authncache.Key]authncache.Value{ testKey1: nil, testKey2: nil, testKeyNonwebhook: nil, }, - webhookIDPs: []runtime.Object{ - &idpv1alpha.WebhookIdentityProvider{ + webhooks: []runtime.Object{ + &authv1alpha.WebhookAuthenticator{ ObjectMeta: metav1.ObjectMeta{ Namespace: testKey1.Namespace, Name: testKey1.Name, @@ -98,9 +98,9 @@ func TestController(t *testing.T) { }, }, wantLogs: []string{ - `webhookcachecleaner-controller "level"=0 "msg"="deleting webhook IDP from cache" "idp"={"name":"test-name-two","namespace":"test-namespace"}`, + `webhookcachecleaner-controller "level"=0 "msg"="deleting webhook authenticator from cache" "webhook"={"name":"test-name-two","namespace":"test-namespace"}`, }, - wantCacheKeys: []idpcache.Key{testKey1, testKeyNonwebhook}, + wantCacheKeys: []authncache.Key{testKey1, testKeyNonwebhook}, }, } for _, tt := range tests { @@ -108,15 +108,15 @@ func TestController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - fakeClient := pinnipedfake.NewSimpleClientset(tt.webhookIDPs...) + fakeClient := pinnipedfake.NewSimpleClientset(tt.webhooks...) informers := pinnipedinformers.NewSharedInformerFactory(fakeClient, 0) - cache := idpcache.New() + cache := authncache.New() for k, v := range tt.initialCache { cache.Store(k, v) } testLog := testlogger.New(t) - controller := New(cache, informers.IDP().V1alpha1().WebhookIdentityProviders(), testLog) + controller := New(cache, informers.Authentication().V1alpha1().WebhookAuthenticators(), testLog) ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second) defer cancel() diff --git a/internal/controller/identityprovider/webhookcachefiller/webhookcachefiller.go b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller.go similarity index 71% rename from internal/controller/identityprovider/webhookcachefiller/webhookcachefiller.go rename to internal/controller/authenticator/webhookcachefiller/webhookcachefiller.go index c2c642a51..863f3f8c7 100644 --- a/internal/controller/identityprovider/webhookcachefiller/webhookcachefiller.go +++ b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller.go @@ -1,7 +1,7 @@ // Copyright 2020 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -// Package webhookcachefiller implements a controller for filling an idpcache.Cache with each added/updated WebhookIdentityProvider. +// Package webhookcachefiller implements a controller for filling an authncache.Cache with each added/updated WebhookAuthenticator. package webhookcachefiller import ( @@ -20,26 +20,26 @@ import ( clientcmdapi "k8s.io/client-go/tools/clientcmd/api" "k8s.io/klog/v2" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" - idpinformers "go.pinniped.dev/generated/1.19/client/informers/externalversions/idp/v1alpha1" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" + authinformers "go.pinniped.dev/generated/1.19/client/informers/externalversions/authentication/v1alpha1" pinnipedcontroller "go.pinniped.dev/internal/controller" - "go.pinniped.dev/internal/controller/identityprovider/idpcache" + "go.pinniped.dev/internal/controller/authenticator/authncache" "go.pinniped.dev/internal/controllerlib" ) -// New instantiates a new controllerlib.Controller which will populate the provided idpcache.Cache. -func New(cache *idpcache.Cache, webhookIDPs idpinformers.WebhookIdentityProviderInformer, log logr.Logger) controllerlib.Controller { +// New instantiates a new controllerlib.Controller which will populate the provided authncache.Cache. +func New(cache *authncache.Cache, webhooks authinformers.WebhookAuthenticatorInformer, log logr.Logger) controllerlib.Controller { return controllerlib.New( controllerlib.Config{ Name: "webhookcachefiller-controller", Syncer: &controller{ - cache: cache, - webhookIDPs: webhookIDPs, - log: log.WithName("webhookcachefiller-controller"), + cache: cache, + webhooks: webhooks, + log: log.WithName("webhookcachefiller-controller"), }, }, controllerlib.WithInformer( - webhookIDPs, + webhooks, pinnipedcontroller.MatchAnythingFilter(), controllerlib.InformerOption{}, ), @@ -47,20 +47,20 @@ func New(cache *idpcache.Cache, webhookIDPs idpinformers.WebhookIdentityProvider } type controller struct { - cache *idpcache.Cache - webhookIDPs idpinformers.WebhookIdentityProviderInformer - log logr.Logger + cache *authncache.Cache + webhooks authinformers.WebhookAuthenticatorInformer + log logr.Logger } // Sync implements controllerlib.Syncer. func (c *controller) Sync(ctx controllerlib.Context) error { - obj, err := c.webhookIDPs.Lister().WebhookIdentityProviders(ctx.Key.Namespace).Get(ctx.Key.Name) + obj, err := c.webhooks.Lister().WebhookAuthenticators(ctx.Key.Namespace).Get(ctx.Key.Name) if err != nil && errors.IsNotFound(err) { - c.log.Info("Sync() found that the WebhookIdentityProvider does not exist yet or was deleted") + c.log.Info("Sync() found that the WebhookAuthenticator does not exist yet or was deleted") return nil } if err != nil { - return fmt.Errorf("failed to get WebhookIdentityProvider %s/%s: %w", ctx.Key.Namespace, ctx.Key.Name, err) + return fmt.Errorf("failed to get WebhookAuthenticator %s/%s: %w", ctx.Key.Namespace, ctx.Key.Name, err) } webhookAuthenticator, err := newWebhookAuthenticator(&obj.Spec, ioutil.TempFile, clientcmd.WriteToFile) @@ -68,20 +68,20 @@ func (c *controller) Sync(ctx controllerlib.Context) error { return fmt.Errorf("failed to build webhook config: %w", err) } - c.cache.Store(idpcache.Key{ - APIGroup: idpv1alpha1.GroupName, - Kind: "WebhookIdentityProvider", + c.cache.Store(authncache.Key{ + APIGroup: auth1alpha1.GroupName, + Kind: "WebhookAuthenticator", Namespace: ctx.Key.Namespace, Name: ctx.Key.Name, }, webhookAuthenticator) - c.log.WithValues("idp", klog.KObj(obj), "endpoint", obj.Spec.Endpoint).Info("added new webhook IDP") + c.log.WithValues("webhook", klog.KObj(obj), "endpoint", obj.Spec.Endpoint).Info("added new webhook authenticator") return nil } // newWebhookAuthenticator creates a webhook from the provided API server url and caBundle // used to validate TLS connections. func newWebhookAuthenticator( - spec *idpv1alpha1.WebhookIdentityProviderSpec, + spec *auth1alpha1.WebhookAuthenticatorSpec, tempfileFunc func(string, string) (*os.File, error), marshalFunc func(clientcmdapi.Config, string) error, ) (*webhook.WebhookTokenAuthenticator, error) { @@ -122,7 +122,7 @@ func newWebhookAuthenticator( return webhook.New(temp.Name(), version, implicitAuds, customDial) } -func getCABundle(spec *idpv1alpha1.TLSSpec) ([]byte, error) { +func getCABundle(spec *auth1alpha1.TLSSpec) ([]byte, error) { if spec == nil { return nil, nil } diff --git a/internal/controller/identityprovider/webhookcachefiller/webhookcachefiller_test.go b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go similarity index 78% rename from internal/controller/identityprovider/webhookcachefiller/webhookcachefiller_test.go rename to internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go index cde852162..d70a88fdd 100644 --- a/internal/controller/identityprovider/webhookcachefiller/webhookcachefiller_test.go +++ b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go @@ -19,10 +19,10 @@ import ( "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" pinnipedfake "go.pinniped.dev/generated/1.19/client/clientset/versioned/fake" pinnipedinformers "go.pinniped.dev/generated/1.19/client/informers/externalversions" - "go.pinniped.dev/internal/controller/identityprovider/idpcache" + "go.pinniped.dev/internal/controller/authenticator/authncache" "go.pinniped.dev/internal/controllerlib" "go.pinniped.dev/internal/testutil" "go.pinniped.dev/internal/testutil/testlogger" @@ -34,7 +34,7 @@ func TestController(t *testing.T) { tests := []struct { name string syncKey controllerlib.Key - webhookIDPs []runtime.Object + webhooks []runtime.Object wantErr string wantLogs []string wantCacheEntries int @@ -43,19 +43,19 @@ func TestController(t *testing.T) { name: "not found", syncKey: controllerlib.Key{Namespace: "test-namespace", Name: "test-name"}, wantLogs: []string{ - `webhookcachefiller-controller "level"=0 "msg"="Sync() found that the WebhookIdentityProvider does not exist yet or was deleted"`, + `webhookcachefiller-controller "level"=0 "msg"="Sync() found that the WebhookAuthenticator does not exist yet or was deleted"`, }, }, { name: "invalid webhook", syncKey: controllerlib.Key{Namespace: "test-namespace", Name: "test-name"}, - webhookIDPs: []runtime.Object{ - &idpv1alpha1.WebhookIdentityProvider{ + webhooks: []runtime.Object{ + &auth1alpha1.WebhookAuthenticator{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test-namespace", Name: "test-name", }, - Spec: idpv1alpha1.WebhookIdentityProviderSpec{ + Spec: auth1alpha1.WebhookAuthenticatorSpec{ Endpoint: "invalid url", }, }, @@ -65,20 +65,20 @@ func TestController(t *testing.T) { { name: "valid webhook", syncKey: controllerlib.Key{Namespace: "test-namespace", Name: "test-name"}, - webhookIDPs: []runtime.Object{ - &idpv1alpha1.WebhookIdentityProvider{ + webhooks: []runtime.Object{ + &auth1alpha1.WebhookAuthenticator{ ObjectMeta: metav1.ObjectMeta{ Namespace: "test-namespace", Name: "test-name", }, - Spec: idpv1alpha1.WebhookIdentityProviderSpec{ + Spec: auth1alpha1.WebhookAuthenticatorSpec{ Endpoint: "https://example.com", - TLS: &idpv1alpha1.TLSSpec{CertificateAuthorityData: ""}, + TLS: &auth1alpha1.TLSSpec{CertificateAuthorityData: ""}, }, }, }, wantLogs: []string{ - `webhookcachefiller-controller "level"=0 "msg"="added new webhook IDP" "endpoint"="https://example.com" "idp"={"name":"test-name","namespace":"test-namespace"}`, + `webhookcachefiller-controller "level"=0 "msg"="added new webhook authenticator" "endpoint"="https://example.com" "webhook"={"name":"test-name","namespace":"test-namespace"}`, }, wantCacheEntries: 1, }, @@ -88,12 +88,12 @@ func TestController(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - fakeClient := pinnipedfake.NewSimpleClientset(tt.webhookIDPs...) + fakeClient := pinnipedfake.NewSimpleClientset(tt.webhooks...) informers := pinnipedinformers.NewSharedInformerFactory(fakeClient, 0) - cache := idpcache.New() + cache := authncache.New() testLog := testlogger.New(t) - controller := New(cache, informers.IDP().V1alpha1().WebhookIdentityProviders(), testLog) + controller := New(cache, informers.Authentication().V1alpha1().WebhookAuthenticators(), testLog) ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second) defer cancel() @@ -124,22 +124,22 @@ func TestNewWebhookAuthenticator(t *testing.T) { t.Run("marshal failure", func(t *testing.T) { marshalError := func(_ clientcmdapi.Config, _ string) error { return fmt.Errorf("some marshal error") } - res, err := newWebhookAuthenticator(&idpv1alpha1.WebhookIdentityProviderSpec{}, ioutil.TempFile, marshalError) + res, err := newWebhookAuthenticator(&auth1alpha1.WebhookAuthenticatorSpec{}, ioutil.TempFile, marshalError) require.Nil(t, res) require.EqualError(t, err, "unable to marshal kubeconfig: some marshal error") }) t.Run("invalid base64", func(t *testing.T) { - res, err := newWebhookAuthenticator(&idpv1alpha1.WebhookIdentityProviderSpec{ + res, err := newWebhookAuthenticator(&auth1alpha1.WebhookAuthenticatorSpec{ Endpoint: "https://example.com", - TLS: &idpv1alpha1.TLSSpec{CertificateAuthorityData: "invalid-base64"}, + TLS: &auth1alpha1.TLSSpec{CertificateAuthorityData: "invalid-base64"}, }, ioutil.TempFile, clientcmd.WriteToFile) require.Nil(t, res) require.EqualError(t, err, "invalid TLS configuration: illegal base64 data at input byte 7") }) t.Run("valid config with no TLS spec", func(t *testing.T) { - res, err := newWebhookAuthenticator(&idpv1alpha1.WebhookIdentityProviderSpec{ + res, err := newWebhookAuthenticator(&auth1alpha1.WebhookAuthenticatorSpec{ Endpoint: "https://example.com", }, ioutil.TempFile, clientcmd.WriteToFile) require.NotNil(t, res) @@ -154,9 +154,9 @@ func TestNewWebhookAuthenticator(t *testing.T) { _, err = w.Write([]byte(`{}`)) require.NoError(t, err) }) - spec := &idpv1alpha1.WebhookIdentityProviderSpec{ + spec := &auth1alpha1.WebhookAuthenticatorSpec{ Endpoint: url, - TLS: &idpv1alpha1.TLSSpec{ + TLS: &auth1alpha1.TLSSpec{ CertificateAuthorityData: base64.StdEncoding.EncodeToString([]byte(caBundle)), }, } diff --git a/internal/controllermanager/prepare_controllers.go b/internal/controllermanager/prepare_controllers.go index e4bb8b320..8b3b85f5a 100644 --- a/internal/controllermanager/prepare_controllers.go +++ b/internal/controllermanager/prepare_controllers.go @@ -24,9 +24,9 @@ import ( pinnipedinformers "go.pinniped.dev/generated/1.19/client/informers/externalversions" "go.pinniped.dev/internal/config/concierge" "go.pinniped.dev/internal/controller/apicerts" - "go.pinniped.dev/internal/controller/identityprovider/idpcache" - "go.pinniped.dev/internal/controller/identityprovider/webhookcachecleaner" - "go.pinniped.dev/internal/controller/identityprovider/webhookcachefiller" + "go.pinniped.dev/internal/controller/authenticator/authncache" + "go.pinniped.dev/internal/controller/authenticator/webhookcachecleaner" + "go.pinniped.dev/internal/controller/authenticator/webhookcachefiller" "go.pinniped.dev/internal/controller/issuerconfig" "go.pinniped.dev/internal/controller/kubecertagent" "go.pinniped.dev/internal/controllerlib" @@ -70,8 +70,8 @@ type Config struct { // certificate. ServingCertRenewBefore time.Duration - // IDPCache is a cache of authenticators shared amongst various IDP-related controllers. - IDPCache *idpcache.Cache + // AuthenticatorCache is a cache of authenticators shared amongst various authenticated-related controllers. + AuthenticatorCache *authncache.Cache // Labels are labels that should be added to any resources created by the controllers. Labels map[string]string @@ -227,20 +227,20 @@ func PrepareControllers(c *Config) (func(ctx context.Context), error) { singletonWorker, ). - // The cache filler controllers are responsible for keep an in-memory representation of active - // IDPs up to date. + // The cache filler/cleaner controllers are responsible for keep an in-memory representation of active + // authenticators up to date. WithController( webhookcachefiller.New( - c.IDPCache, - informers.installationNamespacePinniped.IDP().V1alpha1().WebhookIdentityProviders(), + c.AuthenticatorCache, + informers.installationNamespacePinniped.Authentication().V1alpha1().WebhookAuthenticators(), klogr.New(), ), singletonWorker, ). WithController( webhookcachecleaner.New( - c.IDPCache, - informers.installationNamespacePinniped.IDP().V1alpha1().WebhookIdentityProviders(), + c.AuthenticatorCache, + informers.installationNamespacePinniped.Authentication().V1alpha1().WebhookAuthenticators(), klogr.New(), ), singletonWorker, diff --git a/test/integration/cli_test.go b/test/integration/cli_test.go index 35d2fd965..93d8fb198 100644 --- a/test/integration/cli_test.go +++ b/test/integration/cli_test.go @@ -38,13 +38,13 @@ func TestCLIGetKubeconfig(t *testing.T) { ctx, cancelFunc := context.WithTimeout(context.Background(), 4*time.Minute) defer cancelFunc() - idp := library.CreateTestWebhookIDP(ctx, t) + authenticator := library.CreateTestWebhookAuthenticator(ctx, t) // Build pinniped CLI. pinnipedExe := buildPinnipedCLI(t) // Run pinniped CLI to get kubeconfig. - kubeConfigYAML := runPinnipedCLIGetKubeconfig(t, pinnipedExe, env.TestUser.Token, env.ConciergeNamespace, "webhook", idp.Name) + kubeConfigYAML := runPinnipedCLIGetKubeconfig(t, pinnipedExe, env.TestUser.Token, env.ConciergeNamespace, "webhook", authenticator.Name) // In addition to the client-go based testing below, also try the kubeconfig // with kubectl to validate that it works. @@ -91,7 +91,7 @@ func buildPinnipedCLI(t *testing.T) string { return pinnipedExe } -func runPinnipedCLIGetKubeconfig(t *testing.T, pinnipedExe, token, namespaceName, idpType, idpName string) string { +func runPinnipedCLIGetKubeconfig(t *testing.T, pinnipedExe, token, namespaceName, authenticatorType, authenticatorName string) string { t.Helper() output, err := exec.Command( @@ -99,8 +99,8 @@ func runPinnipedCLIGetKubeconfig(t *testing.T, pinnipedExe, token, namespaceName "get-kubeconfig", "--token", token, "--pinniped-namespace", namespaceName, - "--idp-type", idpType, - "--idp-name", idpName, + "--authenticator-type", authenticatorType, + "--authenticator-name", authenticatorName, ).CombinedOutput() require.NoError(t, err, string(output)) diff --git a/test/integration/client_test.go b/test/integration/client_test.go index a5dba407b..6e4701204 100644 --- a/test/integration/client_test.go +++ b/test/integration/client_test.go @@ -60,7 +60,7 @@ func TestClient(t *testing.T) { ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second) defer cancel() - idp := library.CreateTestWebhookIDP(ctx, t) + webhook := library.CreateTestWebhookAuthenticator(ctx, t) // Use an invalid certificate/key to validate that the ServerVersion API fails like we assume. invalidClient := library.NewClientsetWithCertAndKey(t, testCert, testKey) @@ -72,7 +72,7 @@ func TestClient(t *testing.T) { var resp *clientauthenticationv1beta1.ExecCredential assert.Eventually(t, func() bool { - resp, err = client.ExchangeToken(ctx, env.ConciergeNamespace, idp, env.TestUser.Token, string(clientConfig.CAData), clientConfig.Host) + resp, err = client.ExchangeToken(ctx, env.ConciergeNamespace, webhook, env.TestUser.Token, string(clientConfig.CAData), clientConfig.Host) return err == nil }, 10*time.Second, 500*time.Millisecond) require.NoError(t, err) diff --git a/test/integration/concierge_credentialrequest_test.go b/test/integration/concierge_credentialrequest_test.go index 87adb34c0..869f272c9 100644 --- a/test/integration/concierge_credentialrequest_test.go +++ b/test/integration/concierge_credentialrequest_test.go @@ -16,8 +16,8 @@ import ( "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" loginv1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/login/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" "go.pinniped.dev/test/library" ) @@ -28,8 +28,8 @@ func TestUnsuccessfulCredentialRequest(t *testing.T) { defer cancel() response, err := makeRequest(ctx, t, validCredentialRequestSpecWithRealToken(t, corev1.TypedLocalObjectReference{ - APIGroup: &idpv1alpha1.SchemeGroupVersion.Group, - Kind: "WebhookIdentityProvider", + APIGroup: &auth1alpha1.SchemeGroupVersion.Group, + Kind: "WebhookAuthenticator", Name: "some-webhook-that-does-not-exist", })) require.NoError(t, err) @@ -44,7 +44,7 @@ func TestSuccessfulCredentialRequest(t *testing.T) { ctx, cancel := context.WithTimeout(context.Background(), 6*time.Minute) defer cancel() - testWebhook := library.CreateTestWebhookIDP(ctx, t) + testWebhook := library.CreateTestWebhookAuthenticator(ctx, t) var response *loginv1alpha1.TokenCredentialRequest successfulResponse := func() bool { @@ -125,7 +125,7 @@ func TestCredentialRequest_OtherwiseValidRequestWithRealTokenShouldFailWhenTheCl ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second) defer cancel() - testWebhook := library.CreateTestWebhookIDP(ctx, t) + testWebhook := library.CreateTestWebhookAuthenticator(ctx, t) response, err := makeRequest(ctx, t, validCredentialRequestSpecWithRealToken(t, testWebhook)) @@ -152,10 +152,10 @@ func makeRequest(ctx context.Context, t *testing.T, spec loginv1alpha1.TokenCred }, metav1.CreateOptions{}) } -func validCredentialRequestSpecWithRealToken(t *testing.T, idp corev1.TypedLocalObjectReference) loginv1alpha1.TokenCredentialRequestSpec { +func validCredentialRequestSpecWithRealToken(t *testing.T, authenticator corev1.TypedLocalObjectReference) loginv1alpha1.TokenCredentialRequestSpec { return loginv1alpha1.TokenCredentialRequestSpec{ - Token: library.IntegrationEnv(t).TestUser.Token, - IdentityProvider: idp, + Token: library.IntegrationEnv(t).TestUser.Token, + Authenticator: authenticator, } } diff --git a/test/integration/kube_api_discovery_test.go b/test/integration/kube_api_discovery_test.go index d030a0c29..68ba3c26e 100644 --- a/test/integration/kube_api_discovery_test.go +++ b/test/integration/kube_api_discovery_test.go @@ -91,28 +91,27 @@ func TestGetAPIResourceList(t *testing.T) { }, { group: metav1.APIGroup{ - Name: "idp.pinniped.dev", + Name: "authentication.concierge.pinniped.dev", Versions: []metav1.GroupVersionForDiscovery{ { - GroupVersion: "idp.pinniped.dev/v1alpha1", + GroupVersion: "authentication.concierge.pinniped.dev/v1alpha1", Version: "v1alpha1", }, }, PreferredVersion: metav1.GroupVersionForDiscovery{ - GroupVersion: "idp.pinniped.dev/v1alpha1", + GroupVersion: "authentication.concierge.pinniped.dev/v1alpha1", Version: "v1alpha1", }, }, resourceByVersion: map[string][]metav1.APIResource{ - "idp.pinniped.dev/v1alpha1": { + "authentication.concierge.pinniped.dev/v1alpha1": { { - Name: "webhookidentityproviders", - SingularName: "webhookidentityprovider", + Name: "webhookauthenticators", + SingularName: "webhookauthenticator", Namespaced: true, - Kind: "WebhookIdentityProvider", + Kind: "WebhookAuthenticator", Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"}, - ShortNames: []string{"webhookidp", "webhookidps"}, - Categories: []string{"all", "idp", "idps"}, + Categories: []string{"all", "authenticator", "authenticators"}, }, }, }, diff --git a/test/library/client.go b/test/library/client.go index 95f798b45..c7cb1356f 100644 --- a/test/library/client.go +++ b/test/library/client.go @@ -23,8 +23,8 @@ import ( "k8s.io/client-go/tools/clientcmd" aggregatorclient "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" configv1alpha1 "go.pinniped.dev/generated/1.19/apis/config/v1alpha1" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" pinnipedclientset "go.pinniped.dev/generated/1.19/client/clientset/versioned" // Import to initialize client auth plugins - the kubeconfig that we use for @@ -119,20 +119,20 @@ func newAnonymousClientRestConfigWithCertAndKeyAdded(t *testing.T, clientCertifi return config } -// CreateTestWebhookIDP creates and returns a test WebhookIdentityProvider in $PINNIPED_TEST_CONCIERGE_NAMESPACE, which will be +// CreateTestWebhookAuthenticator creates and returns a test WebhookAuthenticator in $PINNIPED_TEST_CONCIERGE_NAMESPACE, which will be // automatically deleted at the end of the current test's lifetime. It returns a corev1.TypedLocalObjectReference which -// descibes the test IDP within the test namespace. -func CreateTestWebhookIDP(ctx context.Context, t *testing.T) corev1.TypedLocalObjectReference { +// describes the test webhook authenticator within the test namespace. +func CreateTestWebhookAuthenticator(ctx context.Context, t *testing.T) corev1.TypedLocalObjectReference { t.Helper() testEnv := IntegrationEnv(t) client := NewPinnipedClientset(t) - webhooks := client.IDPV1alpha1().WebhookIdentityProviders(testEnv.ConciergeNamespace) + webhooks := client.AuthenticationV1alpha1().WebhookAuthenticators(testEnv.ConciergeNamespace) createContext, cancel := context.WithTimeout(ctx, 5*time.Second) defer cancel() - idp, err := webhooks.Create(createContext, &idpv1alpha1.WebhookIdentityProvider{ + webhook, err := webhooks.Create(createContext, &auth1alpha1.WebhookAuthenticator{ ObjectMeta: metav1.ObjectMeta{ GenerateName: "test-webhook-", Labels: map[string]string{"pinniped.dev/test": ""}, @@ -140,22 +140,22 @@ func CreateTestWebhookIDP(ctx context.Context, t *testing.T) corev1.TypedLocalOb }, Spec: testEnv.TestWebhook, }, metav1.CreateOptions{}) - require.NoError(t, err, "could not create test WebhookIdentityProvider") - t.Logf("created test WebhookIdentityProvider %s/%s", idp.Namespace, idp.Name) + require.NoError(t, err, "could not create test WebhookAuthenticator") + t.Logf("created test WebhookAuthenticator %s/%s", webhook.Namespace, webhook.Name) t.Cleanup(func() { t.Helper() - t.Logf("cleaning up test WebhookIdentityProvider %s/%s", idp.Namespace, idp.Name) + t.Logf("cleaning up test WebhookAuthenticator %s/%s", webhook.Namespace, webhook.Name) deleteCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() - err := webhooks.Delete(deleteCtx, idp.Name, metav1.DeleteOptions{}) - require.NoErrorf(t, err, "could not cleanup test WebhookIdentityProvider %s/%s", idp.Namespace, idp.Name) + err := webhooks.Delete(deleteCtx, webhook.Name, metav1.DeleteOptions{}) + require.NoErrorf(t, err, "could not cleanup test WebhookAuthenticator %s/%s", webhook.Namespace, webhook.Name) }) return corev1.TypedLocalObjectReference{ - APIGroup: &idpv1alpha1.SchemeGroupVersion.Group, - Kind: "WebhookIdentityProvider", - Name: idp.Name, + APIGroup: &auth1alpha1.SchemeGroupVersion.Group, + Kind: "WebhookAuthenticator", + Name: webhook.Name, } } diff --git a/test/library/env.go b/test/library/env.go index 22b8d6665..8cba1c112 100644 --- a/test/library/env.go +++ b/test/library/env.go @@ -13,7 +13,7 @@ import ( "github.com/stretchr/testify/require" "sigs.k8s.io/yaml" - idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/idp/v1alpha1" + auth1alpha1 "go.pinniped.dev/generated/1.19/apis/concierge/authentication/v1alpha1" ) type Capability string @@ -26,18 +26,18 @@ const ( type TestEnv struct { t *testing.T - ConciergeNamespace string `json:"conciergeNamespace"` - SupervisorNamespace string `json:"supervisorNamespace"` - ConciergeAppName string `json:"conciergeAppName"` - SupervisorAppName string `json:"supervisorAppName"` - SupervisorCustomLabels map[string]string `json:"supervisorCustomLabels"` - ConciergeCustomLabels map[string]string `json:"conciergeCustomLabels"` - Capabilities map[Capability]bool `json:"capabilities"` - TestWebhook idpv1alpha1.WebhookIdentityProviderSpec `json:"testWebhook"` - SupervisorHTTPAddress string `json:"supervisorHttpAddress"` - SupervisorHTTPSAddress string `json:"supervisorHttpsAddress"` - SupervisorHTTPSIngressAddress string `json:"supervisorHttpsIngressAddress"` - SupervisorHTTPSIngressCABundle string `json:"supervisorHttpsIngressCABundle"` + ConciergeNamespace string `json:"conciergeNamespace"` + SupervisorNamespace string `json:"supervisorNamespace"` + ConciergeAppName string `json:"conciergeAppName"` + SupervisorAppName string `json:"supervisorAppName"` + SupervisorCustomLabels map[string]string `json:"supervisorCustomLabels"` + ConciergeCustomLabels map[string]string `json:"conciergeCustomLabels"` + Capabilities map[Capability]bool `json:"capabilities"` + TestWebhook auth1alpha1.WebhookAuthenticatorSpec `json:"testWebhook"` + SupervisorHTTPAddress string `json:"supervisorHttpAddress"` + SupervisorHTTPSAddress string `json:"supervisorHttpsAddress"` + SupervisorHTTPSIngressAddress string `json:"supervisorHttpsIngressAddress"` + SupervisorHTTPSIngressCABundle string `json:"supervisorHttpsIngressCABundle"` TestUser struct { Token string `json:"token"` @@ -100,7 +100,7 @@ func loadEnvVars(t *testing.T, result *TestEnv) { result.TestWebhook.Endpoint = needEnv(t, "PINNIPED_TEST_WEBHOOK_ENDPOINT") result.SupervisorNamespace = needEnv(t, "PINNIPED_TEST_SUPERVISOR_NAMESPACE") result.SupervisorAppName = needEnv(t, "PINNIPED_TEST_SUPERVISOR_APP_NAME") - result.TestWebhook.TLS = &idpv1alpha1.TLSSpec{CertificateAuthorityData: needEnv(t, "PINNIPED_TEST_WEBHOOK_CA_BUNDLE")} + result.TestWebhook.TLS = &auth1alpha1.TLSSpec{CertificateAuthorityData: needEnv(t, "PINNIPED_TEST_WEBHOOK_CA_BUNDLE")} result.SupervisorHTTPAddress = os.Getenv("PINNIPED_TEST_SUPERVISOR_HTTP_ADDRESS") result.SupervisorHTTPSIngressAddress = os.Getenv("PINNIPED_TEST_SUPERVISOR_HTTPS_INGRESS_ADDRESS")