Zack Williams | e940c7a | 2019-08-21 14:25:39 -0700 | [diff] [blame] | 1 | /* |
| 2 | Copyright 2014 The Kubernetes Authors. |
| 3 | |
| 4 | Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | you may not use this file except in compliance with the License. |
| 6 | You may obtain a copy of the License at |
| 7 | |
| 8 | http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | |
| 10 | Unless required by applicable law or agreed to in writing, software |
| 11 | distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | See the License for the specific language governing permissions and |
| 14 | limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package v1 |
| 18 | |
| 19 | import ( |
| 20 | "k8s.io/apimachinery/pkg/runtime" |
| 21 | ) |
| 22 | |
| 23 | // Where possible, json tags match the cli argument names. |
| 24 | // Top level config objects and all values required for proper functioning are not "omitempty". Any truly optional piece of config is allowed to be omitted. |
| 25 | |
| 26 | // Config holds the information needed to build connect to remote kubernetes clusters as a given user |
| 27 | // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object |
| 28 | type Config struct { |
| 29 | // Legacy field from pkg/api/types.go TypeMeta. |
| 30 | // TODO(jlowdermilk): remove this after eliminating downstream dependencies. |
| 31 | // +optional |
| 32 | Kind string `json:"kind,omitempty"` |
| 33 | // Legacy field from pkg/api/types.go TypeMeta. |
| 34 | // TODO(jlowdermilk): remove this after eliminating downstream dependencies. |
| 35 | // +optional |
| 36 | APIVersion string `json:"apiVersion,omitempty"` |
| 37 | // Preferences holds general information to be use for cli interactions |
| 38 | Preferences Preferences `json:"preferences"` |
| 39 | // Clusters is a map of referencable names to cluster configs |
| 40 | Clusters []NamedCluster `json:"clusters"` |
| 41 | // AuthInfos is a map of referencable names to user configs |
| 42 | AuthInfos []NamedAuthInfo `json:"users"` |
| 43 | // Contexts is a map of referencable names to context configs |
| 44 | Contexts []NamedContext `json:"contexts"` |
| 45 | // CurrentContext is the name of the context that you would like to use by default |
| 46 | CurrentContext string `json:"current-context"` |
| 47 | // Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields |
| 48 | // +optional |
| 49 | Extensions []NamedExtension `json:"extensions,omitempty"` |
| 50 | } |
| 51 | |
| 52 | type Preferences struct { |
| 53 | // +optional |
| 54 | Colors bool `json:"colors,omitempty"` |
| 55 | // Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields |
| 56 | // +optional |
| 57 | Extensions []NamedExtension `json:"extensions,omitempty"` |
| 58 | } |
| 59 | |
| 60 | // Cluster contains information about how to communicate with a kubernetes cluster |
| 61 | type Cluster struct { |
| 62 | // Server is the address of the kubernetes cluster (https://hostname:port). |
| 63 | Server string `json:"server"` |
| 64 | // InsecureSkipTLSVerify skips the validity check for the server's certificate. This will make your HTTPS connections insecure. |
| 65 | // +optional |
| 66 | InsecureSkipTLSVerify bool `json:"insecure-skip-tls-verify,omitempty"` |
| 67 | // CertificateAuthority is the path to a cert file for the certificate authority. |
| 68 | // +optional |
| 69 | CertificateAuthority string `json:"certificate-authority,omitempty"` |
| 70 | // CertificateAuthorityData contains PEM-encoded certificate authority certificates. Overrides CertificateAuthority |
| 71 | // +optional |
| 72 | CertificateAuthorityData []byte `json:"certificate-authority-data,omitempty"` |
| 73 | // Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields |
| 74 | // +optional |
| 75 | Extensions []NamedExtension `json:"extensions,omitempty"` |
| 76 | } |
| 77 | |
| 78 | // AuthInfo contains information that describes identity information. This is use to tell the kubernetes cluster who you are. |
| 79 | type AuthInfo struct { |
| 80 | // ClientCertificate is the path to a client cert file for TLS. |
| 81 | // +optional |
| 82 | ClientCertificate string `json:"client-certificate,omitempty"` |
| 83 | // ClientCertificateData contains PEM-encoded data from a client cert file for TLS. Overrides ClientCertificate |
| 84 | // +optional |
| 85 | ClientCertificateData []byte `json:"client-certificate-data,omitempty"` |
| 86 | // ClientKey is the path to a client key file for TLS. |
| 87 | // +optional |
| 88 | ClientKey string `json:"client-key,omitempty"` |
| 89 | // ClientKeyData contains PEM-encoded data from a client key file for TLS. Overrides ClientKey |
| 90 | // +optional |
| 91 | ClientKeyData []byte `json:"client-key-data,omitempty"` |
| 92 | // Token is the bearer token for authentication to the kubernetes cluster. |
| 93 | // +optional |
| 94 | Token string `json:"token,omitempty"` |
| 95 | // TokenFile is a pointer to a file that contains a bearer token (as described above). If both Token and TokenFile are present, Token takes precedence. |
| 96 | // +optional |
| 97 | TokenFile string `json:"tokenFile,omitempty"` |
| 98 | // Impersonate is the username to imperonate. The name matches the flag. |
| 99 | // +optional |
| 100 | Impersonate string `json:"as,omitempty"` |
| 101 | // ImpersonateGroups is the groups to imperonate. |
| 102 | // +optional |
| 103 | ImpersonateGroups []string `json:"as-groups,omitempty"` |
| 104 | // ImpersonateUserExtra contains additional information for impersonated user. |
| 105 | // +optional |
| 106 | ImpersonateUserExtra map[string][]string `json:"as-user-extra,omitempty"` |
| 107 | // Username is the username for basic authentication to the kubernetes cluster. |
| 108 | // +optional |
| 109 | Username string `json:"username,omitempty"` |
| 110 | // Password is the password for basic authentication to the kubernetes cluster. |
| 111 | // +optional |
| 112 | Password string `json:"password,omitempty"` |
| 113 | // AuthProvider specifies a custom authentication plugin for the kubernetes cluster. |
| 114 | // +optional |
| 115 | AuthProvider *AuthProviderConfig `json:"auth-provider,omitempty"` |
| 116 | // Exec specifies a custom exec-based authentication plugin for the kubernetes cluster. |
| 117 | // +optional |
| 118 | Exec *ExecConfig `json:"exec,omitempty"` |
| 119 | // Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields |
| 120 | // +optional |
| 121 | Extensions []NamedExtension `json:"extensions,omitempty"` |
| 122 | } |
| 123 | |
| 124 | // Context is a tuple of references to a cluster (how do I communicate with a kubernetes cluster), a user (how do I identify myself), and a namespace (what subset of resources do I want to work with) |
| 125 | type Context struct { |
| 126 | // Cluster is the name of the cluster for this context |
| 127 | Cluster string `json:"cluster"` |
| 128 | // AuthInfo is the name of the authInfo for this context |
| 129 | AuthInfo string `json:"user"` |
| 130 | // Namespace is the default namespace to use on unspecified requests |
| 131 | // +optional |
| 132 | Namespace string `json:"namespace,omitempty"` |
| 133 | // Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields |
| 134 | // +optional |
| 135 | Extensions []NamedExtension `json:"extensions,omitempty"` |
| 136 | } |
| 137 | |
| 138 | // NamedCluster relates nicknames to cluster information |
| 139 | type NamedCluster struct { |
| 140 | // Name is the nickname for this Cluster |
| 141 | Name string `json:"name"` |
| 142 | // Cluster holds the cluster information |
| 143 | Cluster Cluster `json:"cluster"` |
| 144 | } |
| 145 | |
| 146 | // NamedContext relates nicknames to context information |
| 147 | type NamedContext struct { |
| 148 | // Name is the nickname for this Context |
| 149 | Name string `json:"name"` |
| 150 | // Context holds the context information |
| 151 | Context Context `json:"context"` |
| 152 | } |
| 153 | |
| 154 | // NamedAuthInfo relates nicknames to auth information |
| 155 | type NamedAuthInfo struct { |
| 156 | // Name is the nickname for this AuthInfo |
| 157 | Name string `json:"name"` |
| 158 | // AuthInfo holds the auth information |
| 159 | AuthInfo AuthInfo `json:"user"` |
| 160 | } |
| 161 | |
| 162 | // NamedExtension relates nicknames to extension information |
| 163 | type NamedExtension struct { |
| 164 | // Name is the nickname for this Extension |
| 165 | Name string `json:"name"` |
| 166 | // Extension holds the extension information |
| 167 | Extension runtime.RawExtension `json:"extension"` |
| 168 | } |
| 169 | |
| 170 | // AuthProviderConfig holds the configuration for a specified auth provider. |
| 171 | type AuthProviderConfig struct { |
| 172 | Name string `json:"name"` |
| 173 | Config map[string]string `json:"config"` |
| 174 | } |
| 175 | |
| 176 | // ExecConfig specifies a command to provide client credentials. The command is exec'd |
| 177 | // and outputs structured stdout holding credentials. |
| 178 | // |
| 179 | // See the client.authentiction.k8s.io API group for specifications of the exact input |
| 180 | // and output format |
| 181 | type ExecConfig struct { |
| 182 | // Command to execute. |
| 183 | Command string `json:"command"` |
| 184 | // Arguments to pass to the command when executing it. |
| 185 | // +optional |
| 186 | Args []string `json:"args"` |
| 187 | // Env defines additional environment variables to expose to the process. These |
| 188 | // are unioned with the host's environment, as well as variables client-go uses |
| 189 | // to pass argument to the plugin. |
| 190 | // +optional |
| 191 | Env []ExecEnvVar `json:"env"` |
| 192 | |
| 193 | // Preferred input version of the ExecInfo. The returned ExecCredentials MUST use |
| 194 | // the same encoding version as the input. |
| 195 | APIVersion string `json:"apiVersion,omitempty"` |
| 196 | } |
| 197 | |
| 198 | // ExecEnvVar is used for setting environment variables when executing an exec-based |
| 199 | // credential plugin. |
| 200 | type ExecEnvVar struct { |
| 201 | Name string `json:"name"` |
| 202 | Value string `json:"value"` |
| 203 | } |