diff --git a/Makefile b/Makefile index cd882e47b..e4d98f879 100644 --- a/Makefile +++ b/Makefile @@ -135,12 +135,12 @@ check: generate manifests add-license fmt lint test # Generate manifests, code, .PHONY: docs docs: gen-crd-api-reference-docs ## Run go generate to generate API reference documentation. - $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/common/v1alpha1 -config ./hack/api-reference/common-config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/common.md - $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/core/v1alpha1 -config ./hack/api-reference/core-config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/core.md - $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/compute/v1alpha1 -config ./hack/api-reference/compute-config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/compute.md - $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/storage/v1alpha1 -config ./hack/api-reference/storage-config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/storage.md - $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/networking/v1alpha1 -config ./hack/api-reference/networking-config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/networking.md - $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/ipam/v1alpha1 -config ./hack/api-reference/ipam-config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/ipam.md + $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/common/v1alpha1 -config ./hack/api-reference/config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/common.md + $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/core/v1alpha1 -config ./hack/api-reference/config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/core.md + $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/storage/v1alpha1 -config ./hack/api-reference/config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/storage.md + $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/networking/v1alpha1 -config ./hack/api-reference/config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/networking.md + $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/ipam/v1alpha1 -config ./hack/api-reference/config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/ipam.md + $(GEN_CRD_API_REFERENCE_DOCS) -api-dir ./api/compute/v1alpha1 -config ./hack/api-reference/config.json -template-dir ./hack/api-reference/template -out-file ./docs/api-reference/compute.md .PHONY: start-docs start-docs: ## Start the local mkdocs based development environment. diff --git a/api/core/v1alpha1/types.go b/api/core/v1alpha1/types.go new file mode 100644 index 000000000..d0648f0b4 --- /dev/null +++ b/api/core/v1alpha1/types.go @@ -0,0 +1,25 @@ +// Copyright 2023 OnMetal authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// ObjectSelector specifies how to select objects of a certain kind. +type ObjectSelector struct { + // Kind is the kind of object to select. + Kind string `json:"kind"` + // LabelSelector is the label selector to select objects of the specified Kind by. + metav1.LabelSelector `json:",inline"` +} diff --git a/api/core/v1alpha1/zz_generated.deepcopy.go b/api/core/v1alpha1/zz_generated.deepcopy.go index 41f0f6c25..ed840dc78 100644 --- a/api/core/v1alpha1/zz_generated.deepcopy.go +++ b/api/core/v1alpha1/zz_generated.deepcopy.go @@ -24,6 +24,23 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ObjectSelector) DeepCopyInto(out *ObjectSelector) { + *out = *in + in.LabelSelector.DeepCopyInto(&out.LabelSelector) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObjectSelector. +func (in *ObjectSelector) DeepCopy() *ObjectSelector { + if in == nil { + return nil + } + out := new(ObjectSelector) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in ResourceList) DeepCopyInto(out *ResourceList) { { diff --git a/api/networking/v1alpha1/networkpolicy_type.go b/api/networking/v1alpha1/networkpolicy_type.go new file mode 100644 index 000000000..5c9bfb669 --- /dev/null +++ b/api/networking/v1alpha1/networkpolicy_type.go @@ -0,0 +1,151 @@ +// Copyright 2023 OnMetal authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + commonv1alpha1 "github.com/onmetal/onmetal-api/api/common/v1alpha1" + corev1alpha1 "github.com/onmetal/onmetal-api/api/core/v1alpha1" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// NetworkPolicySpec defines the desired state of NetworkPolicy. +type NetworkPolicySpec struct { + // NetworkRef is the network to regulate using this policy. + NetworkRef corev1.LocalObjectReference `json:"networkRef"` + // NetworkInterfaceSelector selects the network interfaces that are subject to this policy. + NetworkInterfaceSelector metav1.LabelSelector `json:"networkInterfaceSelector"` + // Ingress specifies rules for ingress traffic. + Ingress []NetworkPolicyIngressRule `json:"ingress,omitempty"` + // Egress specifies rules for egress traffic. + Egress []NetworkPolicyEgressRule `json:"egress,omitempty"` + // PolicyTypes specifies the types of policies this network policy contains. + PolicyTypes []PolicyType `json:"policyTypes,omitempty"` +} + +// NetworkPolicyPort describes a port to allow traffic on +type NetworkPolicyPort struct { + // Protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this + // field defaults to TCP. + Protocol *corev1.Protocol `json:"protocol,omitempty"` + + // The port on the given protocol. If this field is not provided, this matches + // all port names and numbers. + // If present, only traffic on the specified protocol AND port will be matched. + Port int32 `json:"port,omitempty"` + + // EndPort indicates that the range of ports from Port to EndPort, inclusive, + // should be allowed by the policy. This field cannot be defined if the port field + // is not defined. The endPort must be equal or greater than port. + EndPort *int32 `json:"endPort,omitempty" protobuf:"bytes,3,opt,name=endPort"` +} + +// IPBlock specifies an ip block with optional exceptions. +type IPBlock struct { + // CIDR is a string representing the ip block. + CIDR commonv1alpha1.IPPrefix `json:"cidr"` + // Except is a slice of CIDRs that should not be included within the specified CIDR. + // Values will be rejected if they are outside CIDR. + Except []commonv1alpha1.IPPrefix `json:"except,omitempty"` +} + +// NetworkPolicyPeer describes a peer to allow traffic to / from. +type NetworkPolicyPeer struct { + // ObjectSelector selects peers with the given kind matching the label selector. + // Exclusive with other peer specifiers. + ObjectSelector *corev1alpha1.ObjectSelector `json:"objectSelector,omitempty"` + // IPBlock specifies the ip block from or to which network traffic may come. + IPBlock *IPBlock `json:"ipBlock,omitempty"` +} + +// NetworkPolicyIngressRule describes a rule to regulate ingress traffic with. +type NetworkPolicyIngressRule struct { + // Ports specifies the list of ports which should be made accessible for + // this rule. Each item in this list is combined using a logical OR. Empty matches all ports. + // As soon as a single item is present, only these ports are allowed. + Ports []NetworkPolicyPort `json:"ports,omitempty"` + // From specifies the list of sources which should be able to send traffic to the + // selected network interfaces. Fields are combined using a logical OR. Empty matches all sources. + // As soon as a single item is present, only these peers are allowed. + From []NetworkPolicyPeer `json:"from,omitempty"` +} + +// NetworkPolicyEgressRule describes a rule to regulate egress traffic with. +type NetworkPolicyEgressRule struct { + // Ports specifies the list of destination ports that can be called with + // this rule. Each item in this list is combined using a logical OR. Empty matches all ports. + // As soon as a single item is present, only these ports are allowed. + Ports []NetworkPolicyPort `json:"ports,omitempty"` + // To specifies the list of destinations which the selected network interfaces should be + // able to send traffic to. Fields are combined using a logical OR. Empty matches all destinations. + // As soon as a single item is present, only these peers are allowed. + To []NetworkPolicyPeer `json:"to,omitempty"` +} + +// PolicyType is a type of policy. +type PolicyType string + +const ( + // PolicyTypeIngress is a policy that describes ingress traffic. + PolicyTypeIngress PolicyType = "Ingress" + // PolicyTypeEgress is a policy that describes egress traffic. + PolicyTypeEgress PolicyType = "Egress" +) + +// NetworkPolicyStatus defines the observed state of NetworkPolicy. +type NetworkPolicyStatus struct { + // Conditions are various conditions of the NetworkPolicy. + Conditions []NetworkPolicyCondition `json:"conditions,omitempty"` +} + +// NetworkPolicyConditionType is a type a NetworkPolicyCondition can have. +type NetworkPolicyConditionType string + +// NetworkPolicyCondition is one of the conditions of a network policy. +type NetworkPolicyCondition struct { + // Type is the type of the condition. + Type NetworkPolicyConditionType `json:"type"` + // Status is the status of the condition. + Status corev1.ConditionStatus `json:"status"` + // Reason is a machine-readable indication of why the condition is in a certain state. + Reason string `json:"reason"` + // Message is a human-readable explanation of why the condition has a certain reason / state. + Message string `json:"message"` + // ObservedGeneration represents the .metadata.generation that the condition was set based upon. + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + // LastTransitionTime is the last time the status of a condition has transitioned from one state to another. + LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkPolicy is the Schema for the networkpolicies API +type NetworkPolicy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec NetworkPolicySpec `json:"spec,omitempty"` + Status NetworkPolicyStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkPolicyList contains a list of NetworkPolicy. +type NetworkPolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []NetworkPolicy `json:"items"` +} diff --git a/api/networking/v1alpha1/register.go b/api/networking/v1alpha1/register.go index 27c4295d9..6ff4c0b16 100644 --- a/api/networking/v1alpha1/register.go +++ b/api/networking/v1alpha1/register.go @@ -46,6 +46,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &Network{}, &NetworkList{}, + &NetworkPolicy{}, + &NetworkPolicyList{}, &NetworkInterface{}, &NetworkInterfaceList{}, &VirtualIP{}, diff --git a/api/networking/v1alpha1/zz_generated.deepcopy.go b/api/networking/v1alpha1/zz_generated.deepcopy.go index 40e574329..86d16ae0f 100644 --- a/api/networking/v1alpha1/zz_generated.deepcopy.go +++ b/api/networking/v1alpha1/zz_generated.deepcopy.go @@ -22,6 +22,7 @@ package v1alpha1 import ( commonv1alpha1 "github.com/onmetal/onmetal-api/api/common/v1alpha1" + corev1alpha1 "github.com/onmetal/onmetal-api/api/core/v1alpha1" ipamv1alpha1 "github.com/onmetal/onmetal-api/api/ipam/v1alpha1" corev1 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -239,6 +240,30 @@ func (in *EphemeralVirtualIPSource) DeepCopy() *EphemeralVirtualIPSource { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPBlock) DeepCopyInto(out *IPBlock) { + *out = *in + in.CIDR.DeepCopyInto(&out.CIDR) + if in.Except != nil { + in, out := &in.Except, &out.Except + *out = make([]commonv1alpha1.IPPrefix, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPBlock. +func (in *IPBlock) DeepCopy() *IPBlock { + if in == nil { + return nil + } + out := new(IPBlock) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPSource) DeepCopyInto(out *IPSource) { *out = *in @@ -1002,6 +1027,256 @@ func (in *NetworkPeeringStatus) DeepCopy() *NetworkPeeringStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy. +func (in *NetworkPolicy) DeepCopy() *NetworkPolicy { + if in == nil { + return nil + } + out := new(NetworkPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyCondition) DeepCopyInto(out *NetworkPolicyCondition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyCondition. +func (in *NetworkPolicyCondition) DeepCopy() *NetworkPolicyCondition { + if in == nil { + return nil + } + out := new(NetworkPolicyCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyEgressRule) DeepCopyInto(out *NetworkPolicyEgressRule) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPolicyPort, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]NetworkPolicyPeer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyEgressRule. +func (in *NetworkPolicyEgressRule) DeepCopy() *NetworkPolicyEgressRule { + if in == nil { + return nil + } + out := new(NetworkPolicyEgressRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyIngressRule) DeepCopyInto(out *NetworkPolicyIngressRule) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]NetworkPolicyPort, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.From != nil { + in, out := &in.From, &out.From + *out = make([]NetworkPolicyPeer, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyIngressRule. +func (in *NetworkPolicyIngressRule) DeepCopy() *NetworkPolicyIngressRule { + if in == nil { + return nil + } + out := new(NetworkPolicyIngressRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyList) DeepCopyInto(out *NetworkPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NetworkPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList. +func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList { + if in == nil { + return nil + } + out := new(NetworkPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyPeer) DeepCopyInto(out *NetworkPolicyPeer) { + *out = *in + if in.ObjectSelector != nil { + in, out := &in.ObjectSelector, &out.ObjectSelector + *out = new(corev1alpha1.ObjectSelector) + (*in).DeepCopyInto(*out) + } + if in.IPBlock != nil { + in, out := &in.IPBlock, &out.IPBlock + *out = new(IPBlock) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPeer. +func (in *NetworkPolicyPeer) DeepCopy() *NetworkPolicyPeer { + if in == nil { + return nil + } + out := new(NetworkPolicyPeer) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyPort) DeepCopyInto(out *NetworkPolicyPort) { + *out = *in + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(corev1.Protocol) + **out = **in + } + if in.EndPort != nil { + in, out := &in.EndPort, &out.EndPort + *out = new(int32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyPort. +func (in *NetworkPolicyPort) DeepCopy() *NetworkPolicyPort { + if in == nil { + return nil + } + out := new(NetworkPolicyPort) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicySpec) DeepCopyInto(out *NetworkPolicySpec) { + *out = *in + out.NetworkRef = in.NetworkRef + in.NetworkInterfaceSelector.DeepCopyInto(&out.NetworkInterfaceSelector) + if in.Ingress != nil { + in, out := &in.Ingress, &out.Ingress + *out = make([]NetworkPolicyIngressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Egress != nil { + in, out := &in.Egress, &out.Egress + *out = make([]NetworkPolicyEgressRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PolicyTypes != nil { + in, out := &in.PolicyTypes, &out.PolicyTypes + *out = make([]PolicyType, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicySpec. +func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec { + if in == nil { + return nil + } + out := new(NetworkPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyStatus) DeepCopyInto(out *NetworkPolicyStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]NetworkPolicyCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyStatus. +func (in *NetworkPolicyStatus) DeepCopy() *NetworkPolicyStatus { + if in == nil { + return nil + } + out := new(NetworkPolicyStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkSpec) DeepCopyInto(out *NetworkSpec) { *out = *in diff --git a/client-go/applyconfigurations/core/v1alpha1/objectselector.go b/client-go/applyconfigurations/core/v1alpha1/objectselector.go new file mode 100644 index 000000000..88e3a17a9 --- /dev/null +++ b/client-go/applyconfigurations/core/v1alpha1/objectselector.go @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "github.com/onmetal/onmetal-api/client-go/applyconfigurations/meta/v1" +) + +// ObjectSelectorApplyConfiguration represents an declarative configuration of the ObjectSelector type for use +// with apply. +type ObjectSelectorApplyConfiguration struct { + Kind *string `json:"kind,omitempty"` + v1.LabelSelectorApplyConfiguration `json:",inline"` +} + +// ObjectSelectorApplyConfiguration constructs an declarative configuration of the ObjectSelector type for use with +// apply. +func ObjectSelector() *ObjectSelectorApplyConfiguration { + return &ObjectSelectorApplyConfiguration{} +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *ObjectSelectorApplyConfiguration) WithKind(value string) *ObjectSelectorApplyConfiguration { + b.Kind = &value + return b +} + +// WithMatchLabels puts the entries into the MatchLabels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the MatchLabels field, +// overwriting an existing map entries in MatchLabels field with the same key. +func (b *ObjectSelectorApplyConfiguration) WithMatchLabels(entries map[string]string) *ObjectSelectorApplyConfiguration { + if b.MatchLabels == nil && len(entries) > 0 { + b.MatchLabels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.MatchLabels[k] = v + } + return b +} + +// WithMatchExpressions adds the given value to the MatchExpressions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the MatchExpressions field. +func (b *ObjectSelectorApplyConfiguration) WithMatchExpressions(values ...*v1.LabelSelectorRequirementApplyConfiguration) *ObjectSelectorApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithMatchExpressions") + } + b.MatchExpressions = append(b.MatchExpressions, *values[i]) + } + return b +} diff --git a/client-go/applyconfigurations/internal/internal.go b/client-go/applyconfigurations/internal/internal.go index 6461e053e..a58a78263 100644 --- a/client-go/applyconfigurations/internal/internal.go +++ b/client-go/applyconfigurations/internal/internal.go @@ -461,6 +461,24 @@ var schemaYAML = typed.YAMLObject(`types: - name: state type: scalar: string +- name: com.github.onmetal.onmetal-api.api.core.v1alpha1.ObjectSelector + map: + fields: + - name: kind + type: + scalar: string + default: "" + - name: matchExpressions + type: + list: + elementType: + namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement + elementRelationship: atomic + - name: matchLabels + type: + map: + elementType: + scalar: string - name: com.github.onmetal.onmetal-api.api.core.v1alpha1.ResourceQuota map: fields: @@ -724,6 +742,19 @@ var schemaYAML = typed.YAMLObject(`types: - name: virtualIPTemplate type: namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.VirtualIPTemplateSpec +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.IPBlock + map: + fields: + - name: cidr + type: + namedType: com.github.onmetal.onmetal-api.api.common.v1alpha1.IPPrefix + default: {} + - name: except + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.common.v1alpha1.IPPrefix + elementRelationship: atomic - name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.IPSource map: fields: @@ -1103,6 +1134,142 @@ var schemaYAML = typed.YAMLObject(`types: - name: phase type: scalar: string +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicy + map: + fields: + - name: apiVersion + type: + scalar: string + - name: kind + type: + scalar: string + - name: metadata + type: + namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta + default: {} + - name: spec + type: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicySpec + default: {} + - name: status + type: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyStatus + default: {} +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyCondition + map: + fields: + - name: lastTransitionTime + type: + namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time + default: {} + - name: message + type: + scalar: string + default: "" + - name: observedGeneration + type: + scalar: numeric + - name: reason + type: + scalar: string + default: "" + - name: status + type: + scalar: string + default: "" + - name: type + type: + scalar: string + default: "" +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyEgressRule + map: + fields: + - name: ports + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyPort + elementRelationship: atomic + - name: to + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyPeer + elementRelationship: atomic +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyIngressRule + map: + fields: + - name: from + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyPeer + elementRelationship: atomic + - name: ports + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyPort + elementRelationship: atomic +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyPeer + map: + fields: + - name: ipBlock + type: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.IPBlock + - name: objectSelector + type: + namedType: com.github.onmetal.onmetal-api.api.core.v1alpha1.ObjectSelector +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyPort + map: + fields: + - name: endPort + type: + scalar: numeric + - name: port + type: + scalar: numeric + - name: protocol + type: + scalar: string +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicySpec + map: + fields: + - name: egress + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyEgressRule + elementRelationship: atomic + - name: ingress + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyIngressRule + elementRelationship: atomic + - name: networkInterfaceSelector + type: + namedType: io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector + default: {} + - name: networkRef + type: + namedType: io.k8s.api.core.v1.LocalObjectReference + default: {} + - name: policyTypes + type: + list: + elementType: + scalar: string + elementRelationship: atomic +- name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyStatus + map: + fields: + - name: conditions + type: + list: + elementType: + namedType: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicyCondition + elementRelationship: atomic - name: com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkSpec map: fields: diff --git a/client-go/applyconfigurations/networking/v1alpha1/ipblock.go b/client-go/applyconfigurations/networking/v1alpha1/ipblock.go new file mode 100644 index 000000000..dc44b4926 --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/ipblock.go @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/onmetal/onmetal-api/api/common/v1alpha1" +) + +// IPBlockApplyConfiguration represents an declarative configuration of the IPBlock type for use +// with apply. +type IPBlockApplyConfiguration struct { + CIDR *v1alpha1.IPPrefix `json:"cidr,omitempty"` + Except []v1alpha1.IPPrefix `json:"except,omitempty"` +} + +// IPBlockApplyConfiguration constructs an declarative configuration of the IPBlock type for use with +// apply. +func IPBlock() *IPBlockApplyConfiguration { + return &IPBlockApplyConfiguration{} +} + +// WithCIDR sets the CIDR field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CIDR field is set to the value of the last call. +func (b *IPBlockApplyConfiguration) WithCIDR(value v1alpha1.IPPrefix) *IPBlockApplyConfiguration { + b.CIDR = &value + return b +} + +// WithExcept adds the given value to the Except field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Except field. +func (b *IPBlockApplyConfiguration) WithExcept(values ...v1alpha1.IPPrefix) *IPBlockApplyConfiguration { + for i := range values { + b.Except = append(b.Except, values[i]) + } + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicy.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicy.go new file mode 100644 index 000000000..187d1fe16 --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicy.go @@ -0,0 +1,257 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + networkingv1alpha1 "github.com/onmetal/onmetal-api/api/networking/v1alpha1" + internal "github.com/onmetal/onmetal-api/client-go/applyconfigurations/internal" + v1 "github.com/onmetal/onmetal-api/client-go/applyconfigurations/meta/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + managedfields "k8s.io/apimachinery/pkg/util/managedfields" +) + +// NetworkPolicyApplyConfiguration represents an declarative configuration of the NetworkPolicy type for use +// with apply. +type NetworkPolicyApplyConfiguration struct { + v1.TypeMetaApplyConfiguration `json:",inline"` + *v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"` + Spec *NetworkPolicySpecApplyConfiguration `json:"spec,omitempty"` + Status *NetworkPolicyStatusApplyConfiguration `json:"status,omitempty"` +} + +// NetworkPolicy constructs an declarative configuration of the NetworkPolicy type for use with +// apply. +func NetworkPolicy(name, namespace string) *NetworkPolicyApplyConfiguration { + b := &NetworkPolicyApplyConfiguration{} + b.WithName(name) + b.WithNamespace(namespace) + b.WithKind("NetworkPolicy") + b.WithAPIVersion("networking.api.onmetal.de/v1alpha1") + return b +} + +// ExtractNetworkPolicy extracts the applied configuration owned by fieldManager from +// networkPolicy. If no managedFields are found in networkPolicy for fieldManager, a +// NetworkPolicyApplyConfiguration is returned with only the Name, Namespace (if applicable), +// APIVersion and Kind populated. It is possible that no managed fields were found for because other +// field managers have taken ownership of all the fields previously owned by fieldManager, or because +// the fieldManager never owned fields any fields. +// networkPolicy must be a unmodified NetworkPolicy API object that was retrieved from the Kubernetes API. +// ExtractNetworkPolicy provides a way to perform a extract/modify-in-place/apply workflow. +// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously +// applied if another fieldManager has updated or force applied any of the previously applied fields. +// Experimental! +func ExtractNetworkPolicy(networkPolicy *networkingv1alpha1.NetworkPolicy, fieldManager string) (*NetworkPolicyApplyConfiguration, error) { + return extractNetworkPolicy(networkPolicy, fieldManager, "") +} + +// ExtractNetworkPolicyStatus is the same as ExtractNetworkPolicy except +// that it extracts the status subresource applied configuration. +// Experimental! +func ExtractNetworkPolicyStatus(networkPolicy *networkingv1alpha1.NetworkPolicy, fieldManager string) (*NetworkPolicyApplyConfiguration, error) { + return extractNetworkPolicy(networkPolicy, fieldManager, "status") +} + +func extractNetworkPolicy(networkPolicy *networkingv1alpha1.NetworkPolicy, fieldManager string, subresource string) (*NetworkPolicyApplyConfiguration, error) { + b := &NetworkPolicyApplyConfiguration{} + err := managedfields.ExtractInto(networkPolicy, internal.Parser().Type("com.github.onmetal.onmetal-api.api.networking.v1alpha1.NetworkPolicy"), fieldManager, b, subresource) + if err != nil { + return nil, err + } + b.WithName(networkPolicy.Name) + b.WithNamespace(networkPolicy.Namespace) + + b.WithKind("NetworkPolicy") + b.WithAPIVersion("networking.api.onmetal.de/v1alpha1") + return b, nil +} + +// WithKind sets the Kind field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Kind field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithKind(value string) *NetworkPolicyApplyConfiguration { + b.Kind = &value + return b +} + +// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the APIVersion field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithAPIVersion(value string) *NetworkPolicyApplyConfiguration { + b.APIVersion = &value + return b +} + +// WithName sets the Name field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Name field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithName(value string) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Name = &value + return b +} + +// WithGenerateName sets the GenerateName field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the GenerateName field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithGenerateName(value string) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.GenerateName = &value + return b +} + +// WithNamespace sets the Namespace field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Namespace field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithNamespace(value string) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Namespace = &value + return b +} + +// WithUID sets the UID field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the UID field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithUID(value types.UID) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.UID = &value + return b +} + +// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ResourceVersion field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithResourceVersion(value string) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.ResourceVersion = &value + return b +} + +// WithGeneration sets the Generation field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Generation field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithGeneration(value int64) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.Generation = &value + return b +} + +// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the CreationTimestamp field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithCreationTimestamp(value metav1.Time) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.CreationTimestamp = &value + return b +} + +// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionTimestamp field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionTimestamp = &value + return b +} + +// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + b.DeletionGracePeriodSeconds = &value + return b +} + +// WithLabels puts the entries into the Labels field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Labels field, +// overwriting an existing map entries in Labels field with the same key. +func (b *NetworkPolicyApplyConfiguration) WithLabels(entries map[string]string) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Labels == nil && len(entries) > 0 { + b.Labels = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Labels[k] = v + } + return b +} + +// WithAnnotations puts the entries into the Annotations field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, the entries provided by each call will be put on the Annotations field, +// overwriting an existing map entries in Annotations field with the same key. +func (b *NetworkPolicyApplyConfiguration) WithAnnotations(entries map[string]string) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + if b.Annotations == nil && len(entries) > 0 { + b.Annotations = make(map[string]string, len(entries)) + } + for k, v := range entries { + b.Annotations[k] = v + } + return b +} + +// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the OwnerReferences field. +func (b *NetworkPolicyApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + if values[i] == nil { + panic("nil value passed to WithOwnerReferences") + } + b.OwnerReferences = append(b.OwnerReferences, *values[i]) + } + return b +} + +// WithFinalizers adds the given value to the Finalizers field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Finalizers field. +func (b *NetworkPolicyApplyConfiguration) WithFinalizers(values ...string) *NetworkPolicyApplyConfiguration { + b.ensureObjectMetaApplyConfigurationExists() + for i := range values { + b.Finalizers = append(b.Finalizers, values[i]) + } + return b +} + +func (b *NetworkPolicyApplyConfiguration) ensureObjectMetaApplyConfigurationExists() { + if b.ObjectMetaApplyConfiguration == nil { + b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{} + } +} + +// WithSpec sets the Spec field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Spec field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithSpec(value *NetworkPolicySpecApplyConfiguration) *NetworkPolicyApplyConfiguration { + b.Spec = value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *NetworkPolicyApplyConfiguration) WithStatus(value *NetworkPolicyStatusApplyConfiguration) *NetworkPolicyApplyConfiguration { + b.Status = value + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicycondition.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicycondition.go new file mode 100644 index 000000000..7f42374d2 --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicycondition.go @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/onmetal/onmetal-api/api/networking/v1alpha1" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// NetworkPolicyConditionApplyConfiguration represents an declarative configuration of the NetworkPolicyCondition type for use +// with apply. +type NetworkPolicyConditionApplyConfiguration struct { + Type *v1alpha1.NetworkPolicyConditionType `json:"type,omitempty"` + Status *v1.ConditionStatus `json:"status,omitempty"` + Reason *string `json:"reason,omitempty"` + Message *string `json:"message,omitempty"` + ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` +} + +// NetworkPolicyConditionApplyConfiguration constructs an declarative configuration of the NetworkPolicyCondition type for use with +// apply. +func NetworkPolicyCondition() *NetworkPolicyConditionApplyConfiguration { + return &NetworkPolicyConditionApplyConfiguration{} +} + +// WithType sets the Type field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Type field is set to the value of the last call. +func (b *NetworkPolicyConditionApplyConfiguration) WithType(value v1alpha1.NetworkPolicyConditionType) *NetworkPolicyConditionApplyConfiguration { + b.Type = &value + return b +} + +// WithStatus sets the Status field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Status field is set to the value of the last call. +func (b *NetworkPolicyConditionApplyConfiguration) WithStatus(value v1.ConditionStatus) *NetworkPolicyConditionApplyConfiguration { + b.Status = &value + return b +} + +// WithReason sets the Reason field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Reason field is set to the value of the last call. +func (b *NetworkPolicyConditionApplyConfiguration) WithReason(value string) *NetworkPolicyConditionApplyConfiguration { + b.Reason = &value + return b +} + +// WithMessage sets the Message field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Message field is set to the value of the last call. +func (b *NetworkPolicyConditionApplyConfiguration) WithMessage(value string) *NetworkPolicyConditionApplyConfiguration { + b.Message = &value + return b +} + +// WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ObservedGeneration field is set to the value of the last call. +func (b *NetworkPolicyConditionApplyConfiguration) WithObservedGeneration(value int64) *NetworkPolicyConditionApplyConfiguration { + b.ObservedGeneration = &value + return b +} + +// WithLastTransitionTime sets the LastTransitionTime field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the LastTransitionTime field is set to the value of the last call. +func (b *NetworkPolicyConditionApplyConfiguration) WithLastTransitionTime(value metav1.Time) *NetworkPolicyConditionApplyConfiguration { + b.LastTransitionTime = &value + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicyegressrule.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyegressrule.go new file mode 100644 index 000000000..0d18d2e9e --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyegressrule.go @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// NetworkPolicyEgressRuleApplyConfiguration represents an declarative configuration of the NetworkPolicyEgressRule type for use +// with apply. +type NetworkPolicyEgressRuleApplyConfiguration struct { + Ports []NetworkPolicyPortApplyConfiguration `json:"ports,omitempty"` + To []NetworkPolicyPeerApplyConfiguration `json:"to,omitempty"` +} + +// NetworkPolicyEgressRuleApplyConfiguration constructs an declarative configuration of the NetworkPolicyEgressRule type for use with +// apply. +func NetworkPolicyEgressRule() *NetworkPolicyEgressRuleApplyConfiguration { + return &NetworkPolicyEgressRuleApplyConfiguration{} +} + +// WithPorts adds the given value to the Ports field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Ports field. +func (b *NetworkPolicyEgressRuleApplyConfiguration) WithPorts(values ...*NetworkPolicyPortApplyConfiguration) *NetworkPolicyEgressRuleApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithPorts") + } + b.Ports = append(b.Ports, *values[i]) + } + return b +} + +// WithTo adds the given value to the To field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the To field. +func (b *NetworkPolicyEgressRuleApplyConfiguration) WithTo(values ...*NetworkPolicyPeerApplyConfiguration) *NetworkPolicyEgressRuleApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithTo") + } + b.To = append(b.To, *values[i]) + } + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicyingressrule.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyingressrule.go new file mode 100644 index 000000000..485587d23 --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyingressrule.go @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// NetworkPolicyIngressRuleApplyConfiguration represents an declarative configuration of the NetworkPolicyIngressRule type for use +// with apply. +type NetworkPolicyIngressRuleApplyConfiguration struct { + Ports []NetworkPolicyPortApplyConfiguration `json:"ports,omitempty"` + From []NetworkPolicyPeerApplyConfiguration `json:"from,omitempty"` +} + +// NetworkPolicyIngressRuleApplyConfiguration constructs an declarative configuration of the NetworkPolicyIngressRule type for use with +// apply. +func NetworkPolicyIngressRule() *NetworkPolicyIngressRuleApplyConfiguration { + return &NetworkPolicyIngressRuleApplyConfiguration{} +} + +// WithPorts adds the given value to the Ports field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Ports field. +func (b *NetworkPolicyIngressRuleApplyConfiguration) WithPorts(values ...*NetworkPolicyPortApplyConfiguration) *NetworkPolicyIngressRuleApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithPorts") + } + b.Ports = append(b.Ports, *values[i]) + } + return b +} + +// WithFrom adds the given value to the From field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the From field. +func (b *NetworkPolicyIngressRuleApplyConfiguration) WithFrom(values ...*NetworkPolicyPeerApplyConfiguration) *NetworkPolicyIngressRuleApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithFrom") + } + b.From = append(b.From, *values[i]) + } + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicypeer.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicypeer.go new file mode 100644 index 000000000..5e85ec859 --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicypeer.go @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/onmetal/onmetal-api/client-go/applyconfigurations/core/v1alpha1" +) + +// NetworkPolicyPeerApplyConfiguration represents an declarative configuration of the NetworkPolicyPeer type for use +// with apply. +type NetworkPolicyPeerApplyConfiguration struct { + ObjectSelector *v1alpha1.ObjectSelectorApplyConfiguration `json:"objectSelector,omitempty"` + IPBlock *IPBlockApplyConfiguration `json:"ipBlock,omitempty"` +} + +// NetworkPolicyPeerApplyConfiguration constructs an declarative configuration of the NetworkPolicyPeer type for use with +// apply. +func NetworkPolicyPeer() *NetworkPolicyPeerApplyConfiguration { + return &NetworkPolicyPeerApplyConfiguration{} +} + +// WithObjectSelector sets the ObjectSelector field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the ObjectSelector field is set to the value of the last call. +func (b *NetworkPolicyPeerApplyConfiguration) WithObjectSelector(value *v1alpha1.ObjectSelectorApplyConfiguration) *NetworkPolicyPeerApplyConfiguration { + b.ObjectSelector = value + return b +} + +// WithIPBlock sets the IPBlock field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the IPBlock field is set to the value of the last call. +func (b *NetworkPolicyPeerApplyConfiguration) WithIPBlock(value *IPBlockApplyConfiguration) *NetworkPolicyPeerApplyConfiguration { + b.IPBlock = value + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicyport.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyport.go new file mode 100644 index 000000000..1d8ad9ebd --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyport.go @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/api/core/v1" +) + +// NetworkPolicyPortApplyConfiguration represents an declarative configuration of the NetworkPolicyPort type for use +// with apply. +type NetworkPolicyPortApplyConfiguration struct { + Protocol *v1.Protocol `json:"protocol,omitempty"` + Port *int32 `json:"port,omitempty"` + EndPort *int32 `json:"endPort,omitempty"` +} + +// NetworkPolicyPortApplyConfiguration constructs an declarative configuration of the NetworkPolicyPort type for use with +// apply. +func NetworkPolicyPort() *NetworkPolicyPortApplyConfiguration { + return &NetworkPolicyPortApplyConfiguration{} +} + +// WithProtocol sets the Protocol field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Protocol field is set to the value of the last call. +func (b *NetworkPolicyPortApplyConfiguration) WithProtocol(value v1.Protocol) *NetworkPolicyPortApplyConfiguration { + b.Protocol = &value + return b +} + +// WithPort sets the Port field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the Port field is set to the value of the last call. +func (b *NetworkPolicyPortApplyConfiguration) WithPort(value int32) *NetworkPolicyPortApplyConfiguration { + b.Port = &value + return b +} + +// WithEndPort sets the EndPort field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the EndPort field is set to the value of the last call. +func (b *NetworkPolicyPortApplyConfiguration) WithEndPort(value int32) *NetworkPolicyPortApplyConfiguration { + b.EndPort = &value + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicyspec.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyspec.go new file mode 100644 index 000000000..7275c351e --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicyspec.go @@ -0,0 +1,92 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + networkingv1alpha1 "github.com/onmetal/onmetal-api/api/networking/v1alpha1" + metav1 "github.com/onmetal/onmetal-api/client-go/applyconfigurations/meta/v1" + v1 "k8s.io/api/core/v1" +) + +// NetworkPolicySpecApplyConfiguration represents an declarative configuration of the NetworkPolicySpec type for use +// with apply. +type NetworkPolicySpecApplyConfiguration struct { + NetworkRef *v1.LocalObjectReference `json:"networkRef,omitempty"` + NetworkInterfaceSelector *metav1.LabelSelectorApplyConfiguration `json:"networkInterfaceSelector,omitempty"` + Ingress []NetworkPolicyIngressRuleApplyConfiguration `json:"ingress,omitempty"` + Egress []NetworkPolicyEgressRuleApplyConfiguration `json:"egress,omitempty"` + PolicyTypes []networkingv1alpha1.PolicyType `json:"policyTypes,omitempty"` +} + +// NetworkPolicySpecApplyConfiguration constructs an declarative configuration of the NetworkPolicySpec type for use with +// apply. +func NetworkPolicySpec() *NetworkPolicySpecApplyConfiguration { + return &NetworkPolicySpecApplyConfiguration{} +} + +// WithNetworkRef sets the NetworkRef field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetworkRef field is set to the value of the last call. +func (b *NetworkPolicySpecApplyConfiguration) WithNetworkRef(value v1.LocalObjectReference) *NetworkPolicySpecApplyConfiguration { + b.NetworkRef = &value + return b +} + +// WithNetworkInterfaceSelector sets the NetworkInterfaceSelector field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the NetworkInterfaceSelector field is set to the value of the last call. +func (b *NetworkPolicySpecApplyConfiguration) WithNetworkInterfaceSelector(value *metav1.LabelSelectorApplyConfiguration) *NetworkPolicySpecApplyConfiguration { + b.NetworkInterfaceSelector = value + return b +} + +// WithIngress adds the given value to the Ingress field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Ingress field. +func (b *NetworkPolicySpecApplyConfiguration) WithIngress(values ...*NetworkPolicyIngressRuleApplyConfiguration) *NetworkPolicySpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithIngress") + } + b.Ingress = append(b.Ingress, *values[i]) + } + return b +} + +// WithEgress adds the given value to the Egress field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Egress field. +func (b *NetworkPolicySpecApplyConfiguration) WithEgress(values ...*NetworkPolicyEgressRuleApplyConfiguration) *NetworkPolicySpecApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithEgress") + } + b.Egress = append(b.Egress, *values[i]) + } + return b +} + +// WithPolicyTypes adds the given value to the PolicyTypes field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the PolicyTypes field. +func (b *NetworkPolicySpecApplyConfiguration) WithPolicyTypes(values ...networkingv1alpha1.PolicyType) *NetworkPolicySpecApplyConfiguration { + for i := range values { + b.PolicyTypes = append(b.PolicyTypes, values[i]) + } + return b +} diff --git a/client-go/applyconfigurations/networking/v1alpha1/networkpolicystatus.go b/client-go/applyconfigurations/networking/v1alpha1/networkpolicystatus.go new file mode 100644 index 000000000..0fe871715 --- /dev/null +++ b/client-go/applyconfigurations/networking/v1alpha1/networkpolicystatus.go @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by applyconfiguration-gen. DO NOT EDIT. + +package v1alpha1 + +// NetworkPolicyStatusApplyConfiguration represents an declarative configuration of the NetworkPolicyStatus type for use +// with apply. +type NetworkPolicyStatusApplyConfiguration struct { + Conditions []NetworkPolicyConditionApplyConfiguration `json:"conditions,omitempty"` +} + +// NetworkPolicyStatusApplyConfiguration constructs an declarative configuration of the NetworkPolicyStatus type for use with +// apply. +func NetworkPolicyStatus() *NetworkPolicyStatusApplyConfiguration { + return &NetworkPolicyStatusApplyConfiguration{} +} + +// WithConditions adds the given value to the Conditions field in the declarative configuration +// and returns the receiver, so that objects can be build by chaining "With" function invocations. +// If called multiple times, values provided by each call will be appended to the Conditions field. +func (b *NetworkPolicyStatusApplyConfiguration) WithConditions(values ...*NetworkPolicyConditionApplyConfiguration) *NetworkPolicyStatusApplyConfiguration { + for i := range values { + if values[i] == nil { + panic("nil value passed to WithConditions") + } + b.Conditions = append(b.Conditions, *values[i]) + } + return b +} diff --git a/client-go/applyconfigurations/utils.go b/client-go/applyconfigurations/utils.go index c7aa93e64..5e03c58ed 100644 --- a/client-go/applyconfigurations/utils.go +++ b/client-go/applyconfigurations/utils.go @@ -96,6 +96,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &applyconfigurationscomputev1alpha1.VolumeStatusApplyConfiguration{} // Group=core.api.onmetal.de, Version=v1alpha1 + case corev1alpha1.SchemeGroupVersion.WithKind("ObjectSelector"): + return &applyconfigurationscorev1alpha1.ObjectSelectorApplyConfiguration{} case corev1alpha1.SchemeGroupVersion.WithKind("ResourceQuota"): return &applyconfigurationscorev1alpha1.ResourceQuotaApplyConfiguration{} case corev1alpha1.SchemeGroupVersion.WithKind("ResourceQuotaSpec"): @@ -150,6 +152,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &applyconfigurationsnetworkingv1alpha1.EphemeralPrefixSourceApplyConfiguration{} case networkingv1alpha1.SchemeGroupVersion.WithKind("EphemeralVirtualIPSource"): return &applyconfigurationsnetworkingv1alpha1.EphemeralVirtualIPSourceApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("IPBlock"): + return &applyconfigurationsnetworkingv1alpha1.IPBlockApplyConfiguration{} case networkingv1alpha1.SchemeGroupVersion.WithKind("IPSource"): return &applyconfigurationsnetworkingv1alpha1.IPSourceApplyConfiguration{} case networkingv1alpha1.SchemeGroupVersion.WithKind("LoadBalancer"): @@ -192,6 +196,22 @@ func ForKind(kind schema.GroupVersionKind) interface{} { return &applyconfigurationsnetworkingv1alpha1.NetworkPeeringApplyConfiguration{} case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPeeringStatus"): return &applyconfigurationsnetworkingv1alpha1.NetworkPeeringStatusApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicy"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicyApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicyCondition"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicyConditionApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicyEgressRule"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicyEgressRuleApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicyIngressRule"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicyIngressRuleApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicyPeer"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicyPeerApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicyPort"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicyPortApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicySpec"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicySpecApplyConfiguration{} + case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkPolicyStatus"): + return &applyconfigurationsnetworkingv1alpha1.NetworkPolicyStatusApplyConfiguration{} case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkSpec"): return &applyconfigurationsnetworkingv1alpha1.NetworkSpecApplyConfiguration{} case networkingv1alpha1.SchemeGroupVersion.WithKind("NetworkStatus"): diff --git a/client-go/informers/generic.go b/client-go/informers/generic.go index 551894b4a..02bb08943 100644 --- a/client-go/informers/generic.go +++ b/client-go/informers/generic.go @@ -90,6 +90,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1alpha1().Networks().Informer()}, nil case networkingv1alpha1.SchemeGroupVersion.WithResource("networkinterfaces"): return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1alpha1().NetworkInterfaces().Informer()}, nil + case networkingv1alpha1.SchemeGroupVersion.WithResource("networkpolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1alpha1().NetworkPolicies().Informer()}, nil case networkingv1alpha1.SchemeGroupVersion.WithResource("virtualips"): return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1alpha1().VirtualIPs().Informer()}, nil diff --git a/client-go/informers/networking/v1alpha1/interface.go b/client-go/informers/networking/v1alpha1/interface.go index 36286ee43..ea4984e0c 100644 --- a/client-go/informers/networking/v1alpha1/interface.go +++ b/client-go/informers/networking/v1alpha1/interface.go @@ -39,6 +39,8 @@ type Interface interface { Networks() NetworkInformer // NetworkInterfaces returns a NetworkInterfaceInformer. NetworkInterfaces() NetworkInterfaceInformer + // NetworkPolicies returns a NetworkPolicyInformer. + NetworkPolicies() NetworkPolicyInformer // VirtualIPs returns a VirtualIPInformer. VirtualIPs() VirtualIPInformer } @@ -94,6 +96,11 @@ func (v *version) NetworkInterfaces() NetworkInterfaceInformer { return &networkInterfaceInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } +// NetworkPolicies returns a NetworkPolicyInformer. +func (v *version) NetworkPolicies() NetworkPolicyInformer { + return &networkPolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + // VirtualIPs returns a VirtualIPInformer. func (v *version) VirtualIPs() VirtualIPInformer { return &virtualIPInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} diff --git a/client-go/informers/networking/v1alpha1/networkpolicy.go b/client-go/informers/networking/v1alpha1/networkpolicy.go new file mode 100644 index 000000000..91766f338 --- /dev/null +++ b/client-go/informers/networking/v1alpha1/networkpolicy.go @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + networkingv1alpha1 "github.com/onmetal/onmetal-api/api/networking/v1alpha1" + internalinterfaces "github.com/onmetal/onmetal-api/client-go/informers/internalinterfaces" + v1alpha1 "github.com/onmetal/onmetal-api/client-go/listers/networking/v1alpha1" + onmetalapi "github.com/onmetal/onmetal-api/client-go/onmetalapi" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// NetworkPolicyInformer provides access to a shared informer and lister for +// NetworkPolicies. +type NetworkPolicyInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.NetworkPolicyLister +} + +type networkPolicyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewNetworkPolicyInformer constructs a new informer for NetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewNetworkPolicyInformer(client onmetalapi.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredNetworkPolicyInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredNetworkPolicyInformer constructs a new informer for NetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredNetworkPolicyInformer(client onmetalapi.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.NetworkingV1alpha1().NetworkPolicies(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.NetworkingV1alpha1().NetworkPolicies(namespace).Watch(context.TODO(), options) + }, + }, + &networkingv1alpha1.NetworkPolicy{}, + resyncPeriod, + indexers, + ) +} + +func (f *networkPolicyInformer) defaultInformer(client onmetalapi.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredNetworkPolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *networkPolicyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&networkingv1alpha1.NetworkPolicy{}, f.defaultInformer) +} + +func (f *networkPolicyInformer) Lister() v1alpha1.NetworkPolicyLister { + return v1alpha1.NewNetworkPolicyLister(f.Informer().GetIndexer()) +} diff --git a/client-go/listers/networking/v1alpha1/expansion_generated.go b/client-go/listers/networking/v1alpha1/expansion_generated.go index b52b8a1ac..58528dd7b 100644 --- a/client-go/listers/networking/v1alpha1/expansion_generated.go +++ b/client-go/listers/networking/v1alpha1/expansion_generated.go @@ -81,6 +81,14 @@ type NetworkInterfaceListerExpansion interface{} // NetworkInterfaceNamespaceLister. type NetworkInterfaceNamespaceListerExpansion interface{} +// NetworkPolicyListerExpansion allows custom methods to be added to +// NetworkPolicyLister. +type NetworkPolicyListerExpansion interface{} + +// NetworkPolicyNamespaceListerExpansion allows custom methods to be added to +// NetworkPolicyNamespaceLister. +type NetworkPolicyNamespaceListerExpansion interface{} + // VirtualIPListerExpansion allows custom methods to be added to // VirtualIPLister. type VirtualIPListerExpansion interface{} diff --git a/client-go/listers/networking/v1alpha1/networkpolicy.go b/client-go/listers/networking/v1alpha1/networkpolicy.go new file mode 100644 index 000000000..ef961d368 --- /dev/null +++ b/client-go/listers/networking/v1alpha1/networkpolicy.go @@ -0,0 +1,98 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/onmetal/onmetal-api/api/networking/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// NetworkPolicyLister helps list NetworkPolicies. +// All objects returned here must be treated as read-only. +type NetworkPolicyLister interface { + // List lists all NetworkPolicies in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) + // NetworkPolicies returns an object that can list and get NetworkPolicies. + NetworkPolicies(namespace string) NetworkPolicyNamespaceLister + NetworkPolicyListerExpansion +} + +// networkPolicyLister implements the NetworkPolicyLister interface. +type networkPolicyLister struct { + indexer cache.Indexer +} + +// NewNetworkPolicyLister returns a new NetworkPolicyLister. +func NewNetworkPolicyLister(indexer cache.Indexer) NetworkPolicyLister { + return &networkPolicyLister{indexer: indexer} +} + +// List lists all NetworkPolicies in the indexer. +func (s *networkPolicyLister) List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.NetworkPolicy)) + }) + return ret, err +} + +// NetworkPolicies returns an object that can list and get NetworkPolicies. +func (s *networkPolicyLister) NetworkPolicies(namespace string) NetworkPolicyNamespaceLister { + return networkPolicyNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// NetworkPolicyNamespaceLister helps list and get NetworkPolicies. +// All objects returned here must be treated as read-only. +type NetworkPolicyNamespaceLister interface { + // List lists all NetworkPolicies in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) + // Get retrieves the NetworkPolicy from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.NetworkPolicy, error) + NetworkPolicyNamespaceListerExpansion +} + +// networkPolicyNamespaceLister implements the NetworkPolicyNamespaceLister +// interface. +type networkPolicyNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all NetworkPolicies in the indexer for a given namespace. +func (s networkPolicyNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.NetworkPolicy)) + }) + return ret, err +} + +// Get retrieves the NetworkPolicy from the indexer for a given namespace and name. +func (s networkPolicyNamespaceLister) Get(name string) (*v1alpha1.NetworkPolicy, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("networkpolicy"), name) + } + return obj.(*v1alpha1.NetworkPolicy), nil +} diff --git a/client-go/onmetalapi/typed/networking/v1alpha1/fake/fake_networking_client.go b/client-go/onmetalapi/typed/networking/v1alpha1/fake/fake_networking_client.go index a530b0108..cbfd78f88 100644 --- a/client-go/onmetalapi/typed/networking/v1alpha1/fake/fake_networking_client.go +++ b/client-go/onmetalapi/typed/networking/v1alpha1/fake/fake_networking_client.go @@ -59,6 +59,10 @@ func (c *FakeNetworkingV1alpha1) NetworkInterfaces(namespace string) v1alpha1.Ne return &FakeNetworkInterfaces{c, namespace} } +func (c *FakeNetworkingV1alpha1) NetworkPolicies(namespace string) v1alpha1.NetworkPolicyInterface { + return &FakeNetworkPolicies{c, namespace} +} + func (c *FakeNetworkingV1alpha1) VirtualIPs(namespace string) v1alpha1.VirtualIPInterface { return &FakeVirtualIPs{c, namespace} } diff --git a/client-go/onmetalapi/typed/networking/v1alpha1/fake/fake_networkpolicy.go b/client-go/onmetalapi/typed/networking/v1alpha1/fake/fake_networkpolicy.go new file mode 100644 index 000000000..e3d4516c5 --- /dev/null +++ b/client-go/onmetalapi/typed/networking/v1alpha1/fake/fake_networkpolicy.go @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + json "encoding/json" + "fmt" + + v1alpha1 "github.com/onmetal/onmetal-api/api/networking/v1alpha1" + networkingv1alpha1 "github.com/onmetal/onmetal-api/client-go/applyconfigurations/networking/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeNetworkPolicies implements NetworkPolicyInterface +type FakeNetworkPolicies struct { + Fake *FakeNetworkingV1alpha1 + ns string +} + +var networkpoliciesResource = schema.GroupVersionResource{Group: "networking.api.onmetal.de", Version: "v1alpha1", Resource: "networkpolicies"} + +var networkpoliciesKind = schema.GroupVersionKind{Group: "networking.api.onmetal.de", Version: "v1alpha1", Kind: "NetworkPolicy"} + +// Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. +func (c *FakeNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(networkpoliciesResource, c.ns, name), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// List takes label and field selectors, and returns the list of NetworkPolicies that match those selectors. +func (c *FakeNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.NetworkPolicyList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(networkpoliciesResource, networkpoliciesKind, c.ns, opts), &v1alpha1.NetworkPolicyList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.NetworkPolicyList{ListMeta: obj.(*v1alpha1.NetworkPolicyList).ListMeta} + for _, item := range obj.(*v1alpha1.NetworkPolicyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested networkPolicies. +func (c *FakeNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(networkpoliciesResource, c.ns, opts)) + +} + +// Create takes the representation of a networkPolicy and creates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *FakeNetworkPolicies) Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(networkpoliciesResource, c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// Update takes the representation of a networkPolicy and updates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *FakeNetworkPolicies) Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(networkpoliciesResource, c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeNetworkPolicies) UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(networkpoliciesResource, "status", c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// Delete takes name of the networkPolicy and deletes it. Returns an error if one occurs. +func (c *FakeNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(networkpoliciesResource, c.ns, name, opts), &v1alpha1.NetworkPolicy{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(networkpoliciesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.NetworkPolicyList{}) + return err +} + +// Patch applies the patch and returns the patched networkPolicy. +func (c *FakeNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(networkpoliciesResource, c.ns, name, pt, data, subresources...), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied networkPolicy. +func (c *FakeNetworkPolicies) Apply(ctx context.Context, networkPolicy *networkingv1alpha1.NetworkPolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.NetworkPolicy, err error) { + if networkPolicy == nil { + return nil, fmt.Errorf("networkPolicy provided to Apply must not be nil") + } + data, err := json.Marshal(networkPolicy) + if err != nil { + return nil, err + } + name := networkPolicy.Name + if name == nil { + return nil, fmt.Errorf("networkPolicy.Name must be provided to Apply") + } + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(networkpoliciesResource, c.ns, *name, types.ApplyPatchType, data), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *FakeNetworkPolicies) ApplyStatus(ctx context.Context, networkPolicy *networkingv1alpha1.NetworkPolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.NetworkPolicy, err error) { + if networkPolicy == nil { + return nil, fmt.Errorf("networkPolicy provided to Apply must not be nil") + } + data, err := json.Marshal(networkPolicy) + if err != nil { + return nil, err + } + name := networkPolicy.Name + if name == nil { + return nil, fmt.Errorf("networkPolicy.Name must be provided to Apply") + } + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(networkpoliciesResource, c.ns, *name, types.ApplyPatchType, data, "status"), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} diff --git a/client-go/onmetalapi/typed/networking/v1alpha1/generated_expansion.go b/client-go/onmetalapi/typed/networking/v1alpha1/generated_expansion.go index b3a701179..11966bc03 100644 --- a/client-go/onmetalapi/typed/networking/v1alpha1/generated_expansion.go +++ b/client-go/onmetalapi/typed/networking/v1alpha1/generated_expansion.go @@ -33,4 +33,6 @@ type NetworkExpansion interface{} type NetworkInterfaceExpansion interface{} +type NetworkPolicyExpansion interface{} + type VirtualIPExpansion interface{} diff --git a/client-go/onmetalapi/typed/networking/v1alpha1/networking_client.go b/client-go/onmetalapi/typed/networking/v1alpha1/networking_client.go index c7101356c..ccff26916 100644 --- a/client-go/onmetalapi/typed/networking/v1alpha1/networking_client.go +++ b/client-go/onmetalapi/typed/networking/v1alpha1/networking_client.go @@ -35,6 +35,7 @@ type NetworkingV1alpha1Interface interface { NATGatewayRoutingsGetter NetworksGetter NetworkInterfacesGetter + NetworkPoliciesGetter VirtualIPsGetter } @@ -75,6 +76,10 @@ func (c *NetworkingV1alpha1Client) NetworkInterfaces(namespace string) NetworkIn return newNetworkInterfaces(c, namespace) } +func (c *NetworkingV1alpha1Client) NetworkPolicies(namespace string) NetworkPolicyInterface { + return newNetworkPolicies(c, namespace) +} + func (c *NetworkingV1alpha1Client) VirtualIPs(namespace string) VirtualIPInterface { return newVirtualIPs(c, namespace) } diff --git a/client-go/onmetalapi/typed/networking/v1alpha1/networkpolicy.go b/client-go/onmetalapi/typed/networking/v1alpha1/networkpolicy.go new file mode 100644 index 000000000..101ace4d7 --- /dev/null +++ b/client-go/onmetalapi/typed/networking/v1alpha1/networkpolicy.go @@ -0,0 +1,255 @@ +/* + * Copyright (c) 2022 by the OnMetal authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + json "encoding/json" + "fmt" + "time" + + v1alpha1 "github.com/onmetal/onmetal-api/api/networking/v1alpha1" + networkingv1alpha1 "github.com/onmetal/onmetal-api/client-go/applyconfigurations/networking/v1alpha1" + scheme "github.com/onmetal/onmetal-api/client-go/onmetalapi/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// NetworkPoliciesGetter has a method to return a NetworkPolicyInterface. +// A group's client should implement this interface. +type NetworkPoliciesGetter interface { + NetworkPolicies(namespace string) NetworkPolicyInterface +} + +// NetworkPolicyInterface has methods to work with NetworkPolicy resources. +type NetworkPolicyInterface interface { + Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (*v1alpha1.NetworkPolicy, error) + Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) + UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.NetworkPolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.NetworkPolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) + Apply(ctx context.Context, networkPolicy *networkingv1alpha1.NetworkPolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.NetworkPolicy, err error) + ApplyStatus(ctx context.Context, networkPolicy *networkingv1alpha1.NetworkPolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.NetworkPolicy, err error) + NetworkPolicyExpansion +} + +// networkPolicies implements NetworkPolicyInterface +type networkPolicies struct { + client rest.Interface + ns string +} + +// newNetworkPolicies returns a NetworkPolicies +func newNetworkPolicies(c *NetworkingV1alpha1Client, namespace string) *networkPolicies { + return &networkPolicies{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. +func (c *networkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Get(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of NetworkPolicies that match those selectors. +func (c *networkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.NetworkPolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.NetworkPolicyList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested networkPolicies. +func (c *networkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a networkPolicy and creates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *networkPolicies) Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Post(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkPolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a networkPolicy and updates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *networkPolicies) Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(networkPolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkPolicy). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *networkPolicies) UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(networkPolicy.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkPolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the networkPolicy and deletes it. Returns an error if one occurs. +func (c *networkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *networkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched networkPolicy. +func (c *networkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("networkpolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// Apply takes the given apply declarative configuration, applies it and returns the applied networkPolicy. +func (c *networkPolicies) Apply(ctx context.Context, networkPolicy *networkingv1alpha1.NetworkPolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.NetworkPolicy, err error) { + if networkPolicy == nil { + return nil, fmt.Errorf("networkPolicy provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(networkPolicy) + if err != nil { + return nil, err + } + name := networkPolicy.Name + if name == nil { + return nil, fmt.Errorf("networkPolicy.Name must be provided to Apply") + } + result = &v1alpha1.NetworkPolicy{} + err = c.client.Patch(types.ApplyPatchType). + Namespace(c.ns). + Resource("networkpolicies"). + Name(*name). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} + +// ApplyStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus(). +func (c *networkPolicies) ApplyStatus(ctx context.Context, networkPolicy *networkingv1alpha1.NetworkPolicyApplyConfiguration, opts v1.ApplyOptions) (result *v1alpha1.NetworkPolicy, err error) { + if networkPolicy == nil { + return nil, fmt.Errorf("networkPolicy provided to Apply must not be nil") + } + patchOpts := opts.ToPatchOptions() + data, err := json.Marshal(networkPolicy) + if err != nil { + return nil, err + } + + name := networkPolicy.Name + if name == nil { + return nil, fmt.Errorf("networkPolicy.Name must be provided to Apply") + } + + result = &v1alpha1.NetworkPolicy{} + err = c.client.Patch(types.ApplyPatchType). + Namespace(c.ns). + Resource("networkpolicies"). + Name(*name). + SubResource("status"). + VersionedParams(&patchOpts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/client-go/openapi/api_violations.report b/client-go/openapi/api_violations.report index 77a1467b2..2f4562dfb 100644 --- a/client-go/openapi/api_violations.report +++ b/client-go/openapi/api_violations.report @@ -13,6 +13,7 @@ API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/core/v1 API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/core/v1alpha1,ResourceScopeSelectorRequirement,Values API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/ipam/v1alpha1,PrefixStatus,Used API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,AliasPrefixRouting,Destinations +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,IPBlock,Except API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,LoadBalancerRouting,Destinations API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,LoadBalancerSpec,IPFamilies API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,LoadBalancerSpec,IPs @@ -26,6 +27,14 @@ API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/network API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkInterfaceSpec,IPFamilies API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkInterfaceSpec,IPs API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkInterfaceStatus,IPs +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicyEgressRule,Ports +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicyEgressRule,To +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicyIngressRule,From +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicyIngressRule,Ports +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicySpec,Egress +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicySpec,Ingress +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicySpec,PolicyTypes +API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkPolicyStatus,Conditions API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkSpec,Peerings API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/networking/v1alpha1,NetworkStatus,Peerings API rule violation: list_type_missing,github.com/onmetal/onmetal-api/api/storage/v1alpha1,BucketPoolSpec,Taints diff --git a/client-go/openapi/zz_generated.openapi.go b/client-go/openapi/zz_generated.openapi.go index e5ee1fefa..4116c03a2 100644 --- a/client-go/openapi/zz_generated.openapi.go +++ b/client-go/openapi/zz_generated.openapi.go @@ -66,6 +66,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/onmetal/onmetal-api/api/compute/v1alpha1.Volume": schema_onmetal_api_api_compute_v1alpha1_Volume(ref), "github.com/onmetal/onmetal-api/api/compute/v1alpha1.VolumeSource": schema_onmetal_api_api_compute_v1alpha1_VolumeSource(ref), "github.com/onmetal/onmetal-api/api/compute/v1alpha1.VolumeStatus": schema_onmetal_api_api_compute_v1alpha1_VolumeStatus(ref), + "github.com/onmetal/onmetal-api/api/core/v1alpha1.ObjectSelector": schema_onmetal_api_api_core_v1alpha1_ObjectSelector(ref), "github.com/onmetal/onmetal-api/api/core/v1alpha1.ResourceQuota": schema_onmetal_api_api_core_v1alpha1_ResourceQuota(ref), "github.com/onmetal/onmetal-api/api/core/v1alpha1.ResourceQuotaList": schema_onmetal_api_api_core_v1alpha1_ResourceQuotaList(ref), "github.com/onmetal/onmetal-api/api/core/v1alpha1.ResourceQuotaSpec": schema_onmetal_api_api_core_v1alpha1_ResourceQuotaSpec(ref), @@ -89,6 +90,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/onmetal/onmetal-api/api/networking/v1alpha1.AliasPrefixStatus": schema_onmetal_api_api_networking_v1alpha1_AliasPrefixStatus(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.EphemeralPrefixSource": schema_onmetal_api_api_networking_v1alpha1_EphemeralPrefixSource(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.EphemeralVirtualIPSource": schema_onmetal_api_api_networking_v1alpha1_EphemeralVirtualIPSource(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.IPBlock": schema_onmetal_api_api_networking_v1alpha1_IPBlock(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.IPSource": schema_onmetal_api_api_networking_v1alpha1_IPSource(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.LoadBalancer": schema_onmetal_api_api_networking_v1alpha1_LoadBalancer(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.LoadBalancerList": schema_onmetal_api_api_networking_v1alpha1_LoadBalancerList(ref), @@ -116,6 +118,15 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkList": schema_onmetal_api_api_networking_v1alpha1_NetworkList(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPeering": schema_onmetal_api_api_networking_v1alpha1_NetworkPeering(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPeeringStatus": schema_onmetal_api_api_networking_v1alpha1_NetworkPeeringStatus(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicy": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicy(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyCondition": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyCondition(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyEgressRule": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyEgressRule(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyIngressRule": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyIngressRule(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyList": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyList(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPeer": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyPeer(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPort": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyPort(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicySpec": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicySpec(ref), + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyStatus": schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyStatus(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkSpec": schema_onmetal_api_api_networking_v1alpha1_NetworkSpec(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkStatus": schema_onmetal_api_api_networking_v1alpha1_NetworkStatus(ref), "github.com/onmetal/onmetal-api/api/networking/v1alpha1.PrefixSource": schema_onmetal_api_api_networking_v1alpha1_PrefixSource(ref), @@ -1850,6 +1861,60 @@ func schema_onmetal_api_api_compute_v1alpha1_VolumeStatus(ref common.ReferenceCa } } +func schema_onmetal_api_api_core_v1alpha1_ObjectSelector(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "ObjectSelector specifies how to select objects of a certain kind.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is the kind of object to select.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "matchLabels": { + SchemaProps: spec.SchemaProps{ + Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "matchExpressions": { + SchemaProps: spec.SchemaProps{ + Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"), + }, + }, + }, + }, + }, + }, + Required: []string{"kind"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelectorRequirement"}, + } +} + func schema_onmetal_api_api_core_v1alpha1_ResourceQuota(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -2790,6 +2855,43 @@ func schema_onmetal_api_api_networking_v1alpha1_EphemeralVirtualIPSource(ref com } } +func schema_onmetal_api_api_networking_v1alpha1_IPBlock(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IPBlock specifies an ip block with optional exceptions.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "cidr": { + SchemaProps: spec.SchemaProps{ + Description: "CIDR is a string representing the ip block.", + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/common/v1alpha1.IPPrefix"), + }, + }, + "except": { + SchemaProps: spec.SchemaProps{ + Description: "Except is a slice of CIDRs that should not be included within the specified CIDR. Values will be rejected if they are outside CIDR.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/common/v1alpha1.IPPrefix"), + }, + }, + }, + }, + }, + }, + Required: []string{"cidr"}, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/common/v1alpha1.IPPrefix"}, + } +} + func schema_onmetal_api_api_networking_v1alpha1_IPSource(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -4044,6 +4146,413 @@ func schema_onmetal_api_api_networking_v1alpha1_NetworkPeeringStatus(ref common. } } +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicy(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicy is the Schema for the networkpolicies API", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicySpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyStatus"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicySpec", "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyCondition is one of the conditions of a network policy.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "Type is the type of the condition.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "Status is the status of the condition.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "Reason is a machine-readable indication of why the condition is in a certain state.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "Message is a human-readable explanation of why the condition has a certain reason / state.", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "observedGeneration": { + SchemaProps: spec.SchemaProps{ + Description: "ObservedGeneration represents the .metadata.generation that the condition was set based upon.", + Type: []string{"integer"}, + Format: "int64", + }, + }, + "lastTransitionTime": { + SchemaProps: spec.SchemaProps{ + Description: "LastTransitionTime is the last time the status of a condition has transitioned from one state to another.", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + }, + Required: []string{"type", "status", "reason", "message"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyEgressRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyEgressRule describes a rule to regulate egress traffic with.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ports": { + SchemaProps: spec.SchemaProps{ + Description: "Ports specifies the list of destination ports that can be called with this rule. Each item in this list is combined using a logical OR. Empty matches all ports. As soon as a single item is present, only these ports are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPort"), + }, + }, + }, + }, + }, + "to": { + SchemaProps: spec.SchemaProps{ + Description: "To specifies the list of destinations which the selected network interfaces should be able to send traffic to. Fields are combined using a logical OR. Empty matches all destinations. As soon as a single item is present, only these peers are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPeer"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPeer", "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPort"}, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyIngressRule(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyIngressRule describes a rule to regulate ingress traffic with.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ports": { + SchemaProps: spec.SchemaProps{ + Description: "Ports specifies the list of ports which should be made accessible for this rule. Each item in this list is combined using a logical OR. Empty matches all ports. As soon as a single item is present, only these ports are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPort"), + }, + }, + }, + }, + }, + "from": { + SchemaProps: spec.SchemaProps{ + Description: "From specifies the list of sources which should be able to send traffic to the selected network interfaces. Fields are combined using a logical OR. Empty matches all sources. As soon as a single item is present, only these peers are allowed.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPeer"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPeer", "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyPort"}, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyList contains a list of NetworkPolicy.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicy"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicy", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyPeer(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyPeer describes a peer to allow traffic to / from.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "objectSelector": { + SchemaProps: spec.SchemaProps{ + Description: "ObjectSelector selects peers with the given kind matching the label selector. Exclusive with other peer specifiers.", + Ref: ref("github.com/onmetal/onmetal-api/api/core/v1alpha1.ObjectSelector"), + }, + }, + "ipBlock": { + SchemaProps: spec.SchemaProps{ + Description: "IPBlock specifies the ip block from or to which network traffic may come.", + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.IPBlock"), + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/core/v1alpha1.ObjectSelector", "github.com/onmetal/onmetal-api/api/networking/v1alpha1.IPBlock"}, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyPort(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyPort describes a port to allow traffic on", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "protocol": { + SchemaProps: spec.SchemaProps{ + Description: "Protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", + Type: []string{"string"}, + Format: "", + }, + }, + "port": { + SchemaProps: spec.SchemaProps{ + Description: "The port on the given protocol. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "endPort": { + SchemaProps: spec.SchemaProps{ + Description: "EndPort indicates that the range of ports from Port to EndPort, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined. The endPort must be equal or greater than port.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicySpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicySpec defines the desired state of NetworkPolicy.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "networkRef": { + SchemaProps: spec.SchemaProps{ + Description: "NetworkRef is the network to regulate using this policy.", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + }, + }, + "networkInterfaceSelector": { + SchemaProps: spec.SchemaProps{ + Description: "NetworkInterfaceSelector selects the network interfaces that are subject to this policy.", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + }, + }, + "ingress": { + SchemaProps: spec.SchemaProps{ + Description: "Ingress specifies rules for ingress traffic.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyIngressRule"), + }, + }, + }, + }, + }, + "egress": { + SchemaProps: spec.SchemaProps{ + Description: "Egress specifies rules for egress traffic.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyEgressRule"), + }, + }, + }, + }, + }, + "policyTypes": { + SchemaProps: spec.SchemaProps{ + Description: "PolicyTypes specifies the types of policies this network policy contains.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + Required: []string{"networkRef", "networkInterfaceSelector"}, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyEgressRule", "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyIngressRule", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + } +} + +func schema_onmetal_api_api_networking_v1alpha1_NetworkPolicyStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NetworkPolicyStatus defines the observed state of NetworkPolicy.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "conditions": { + SchemaProps: spec.SchemaProps{ + Description: "Conditions are various conditions of the NetworkPolicy.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyCondition"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/onmetal/onmetal-api/api/networking/v1alpha1.NetworkPolicyCondition"}, + } +} + func schema_onmetal_api_api_networking_v1alpha1_NetworkSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/config/samples/networking_v1alpha1_networkpolicy.yaml b/config/samples/networking_v1alpha1_networkpolicy.yaml new file mode 100644 index 000000000..0d04e2643 --- /dev/null +++ b/config/samples/networking_v1alpha1_networkpolicy.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.api.onmetal.de/v1alpha1 +kind: NetworkPolicy +metadata: + namespace: default + name: networkpolicy-sample +spec: + networkRef: + name: network-sample + networkInterfaceSelector: + matchLabels: + app: db + ingress: + - from: + - objectSelector: + kind: NetworkInterface + matchLabels: + app: web + egress: + - to: + - ipBlock: + cidr: 10.0.0.0/16 + \ No newline at end of file diff --git a/docs/api-reference/compute.md b/docs/api-reference/compute.md index dbd331877..ad4174fc8 100644 --- a/docs/api-reference/compute.md +++ b/docs/api-reference/compute.md @@ -50,7 +50,7 @@ string
metadata
machineClassRef
machinePoolRef
imagePullSecret
metadata
capabilities
metadata
sizeLimit
status
lastTransitionTime
availableMachineClasses
machineClassRef
machinePoolRef
imagePullSecret
networkInterfaceRef
lastStateTransitionTime
lastPhaseTransitionTime
volumeRef
lastStateTransitionTime
lastPhaseTransitionTime
metadata
ObjectSelector specifies how to select objects of a certain kind.
+Field | +Description | +
---|---|
+kind + +string + + |
+
+ Kind is the kind of object to select. + |
+
+LabelSelector + + +Kubernetes meta/v1.LabelSelector + + + |
+
+
+(Members of LabelSelector is the label selector to select objects of the specified Kind by. + |
+
string
alias)metadata
ipFamily
prefix
parentRef
parentSelector
metadata
ipFamily
prefix
prefixRef
prefixSelector
ipFamily
prefix
prefixRef
prefixSelector
prefix
lastPhaseTransitionTime
ipFamily
prefix
parentRef
parentSelector
lastPhaseTransitionTime
used
metadata
ipFamily
prefix
parentRef
parentSelector
metadata
networkRef
networkInterfaceSelector
metadata
metadata
ipFamilies
networkRef
networkInterfaceSelector
metadata
metadata
ipFamilies
networkRef
networkInterfaceSelector
metadata
metadata
metadata
networkRef
ipFamilies
NetworkPolicy is the Schema for the networkpolicies API
+Field | +Description | +||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
+apiVersion +string |
+
+
+networking.api.onmetal.de/v1alpha1
+
+ |
+||||||||||
+kind +string + |
+NetworkPolicy |
+||||||||||
+metadata + + +Kubernetes meta/v1.ObjectMeta + + + |
+
+Refer to the Kubernetes API documentation for the fields of the
+metadata field.
+ |
+||||||||||
+spec + + +NetworkPolicySpec + + + |
+
+ + +
|
+||||||||||
+status + + +NetworkPolicyStatus + + + |
++ | +
metadata
ipFamily
networkRef
networkInterfaceSelector
prefix
+(Appears on:NetworkPolicyPeer) +
+IPBlock specifies an ip block with optional exceptions.
+Field | +Description | +
---|---|
+cidr + + +github.com/onmetal/onmetal-api/api/common/v1alpha1.IPPrefix + + + |
+
+ CIDR is a string representing the ip block. + |
+
+except + + +[]github.com/onmetal/onmetal-api/api/common/v1alpha1.IPPrefix + + + |
+
+ Except is a slice of CIDRs that should not be included within the specified CIDR. +Values will be rejected if they are outside CIDR. + |
+
@@ -1234,7 +1420,7 @@ EphemeralPrefixSource
protocol
ipFamilies
networkRef
networkInterfaceSelector
ipFamilies
networkRef
networkInterfaceSelector
networkRef
ipFamilies
lastStateTransitionTime
machinePoolRef
lastPhaseTransitionTime
metadata
networkRef
ipFamilies
networkRef
lastPhaseTransitionTime
+(Appears on:NetworkPolicyStatus) +
+NetworkPolicyCondition is one of the conditions of a network policy.
+Field | +Description | +
---|---|
+type + + +NetworkPolicyConditionType + + + |
+
+ Type is the type of the condition. + |
+
+status + + +Kubernetes core/v1.ConditionStatus + + + |
+
+ Status is the status of the condition. + |
+
+reason + +string + + |
+
+ Reason is a machine-readable indication of why the condition is in a certain state. + |
+
+message + +string + + |
+
+ Message is a human-readable explanation of why the condition has a certain reason / state. + |
+
+observedGeneration + +int64 + + |
+
+ ObservedGeneration represents the .metadata.generation that the condition was set based upon. + |
+
+lastTransitionTime + + +Kubernetes meta/v1.Time + + + |
+
+ LastTransitionTime is the last time the status of a condition has transitioned from one state to another. + |
+
string
alias)+(Appears on:NetworkPolicyCondition) +
+NetworkPolicyConditionType is a type a NetworkPolicyCondition can have.
++(Appears on:NetworkPolicySpec) +
+NetworkPolicyEgressRule describes a rule to regulate egress traffic with.
+Field | +Description | +
---|---|
+ports + + +[]NetworkPolicyPort + + + |
+
+ Ports specifies the list of destination ports that can be called with +this rule. Each item in this list is combined using a logical OR. Empty matches all ports. +As soon as a single item is present, only these ports are allowed. + |
+
+to + + +[]NetworkPolicyPeer + + + |
+
+ To specifies the list of destinations which the selected network interfaces should be +able to send traffic to. Fields are combined using a logical OR. Empty matches all destinations. +As soon as a single item is present, only these peers are allowed. + |
+
+(Appears on:NetworkPolicySpec) +
+NetworkPolicyIngressRule describes a rule to regulate ingress traffic with.
+Field | +Description | +
---|---|
+ports + + +[]NetworkPolicyPort + + + |
+
+ Ports specifies the list of ports which should be made accessible for +this rule. Each item in this list is combined using a logical OR. Empty matches all ports. +As soon as a single item is present, only these ports are allowed. + |
+
+from + + +[]NetworkPolicyPeer + + + |
+
+ From specifies the list of sources which should be able to send traffic to the +selected network interfaces. Fields are combined using a logical OR. Empty matches all sources. +As soon as a single item is present, only these peers are allowed. + |
+
+(Appears on:NetworkPolicyEgressRule, NetworkPolicyIngressRule) +
+NetworkPolicyPeer describes a peer to allow traffic to / from.
+Field | +Description | +
---|---|
+objectSelector + + +github.com/onmetal/onmetal-api/api/core/v1alpha1.ObjectSelector + + + |
+
+ ObjectSelector selects peers with the given kind matching the label selector. +Exclusive with other peer specifiers. + |
+
+ipBlock + + +IPBlock + + + |
+
+ IPBlock specifies the ip block from or to which network traffic may come. + |
+
+(Appears on:NetworkPolicyEgressRule, NetworkPolicyIngressRule) +
+NetworkPolicyPort describes a port to allow traffic on
+Field | +Description | +
---|---|
+protocol + + +Kubernetes core/v1.Protocol + + + |
+
+ Protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this +field defaults to TCP. + |
+
+port + +int32 + + |
+
+ The port on the given protocol. If this field is not provided, this matches +all port names and numbers. +If present, only traffic on the specified protocol AND port will be matched. + |
+
+endPort + +int32 + + |
+
+ EndPort indicates that the range of ports from Port to EndPort, inclusive, +should be allowed by the policy. This field cannot be defined if the port field +is not defined. The endPort must be equal or greater than port. + |
+
+(Appears on:NetworkPolicy) +
+NetworkPolicySpec defines the desired state of NetworkPolicy.
+Field | +Description | +
---|---|
+networkRef + + +Kubernetes core/v1.LocalObjectReference + + + |
+
+ NetworkRef is the network to regulate using this policy. + |
+
+networkInterfaceSelector + + +Kubernetes meta/v1.LabelSelector + + + |
+
+ NetworkInterfaceSelector selects the network interfaces that are subject to this policy. + |
+
+ingress + + +[]NetworkPolicyIngressRule + + + |
+
+ Ingress specifies rules for ingress traffic. + |
+
+egress + + +[]NetworkPolicyEgressRule + + + |
+
+ Egress specifies rules for egress traffic. + |
+
+policyTypes + + +[]PolicyType + + + |
+
+ PolicyTypes specifies the types of policies this network policy contains. + |
+
+(Appears on:NetworkPolicy) +
+NetworkPolicyStatus defines the observed state of NetworkPolicy.
+Field | +Description | +
---|---|
+conditions + + +[]NetworkPolicyCondition + + + |
+
+ Conditions are various conditions of the NetworkPolicy. + |
+
@@ -2364,6 +2963,29 @@ NetworkState +
string
alias)+(Appears on:NetworkPolicySpec) +
+PolicyType is a type of policy.
+Value | +Description | +
---|---|
"Egress" |
+PolicyTypeEgress is a policy that describes egress traffic. + |
+
"Ingress" |
+PolicyTypeIngress is a policy that describes ingress traffic. + |
+
@@ -2384,7 +3006,7 @@ NetworkState
value
virtualIPRef
ipFamily
phaseLastTransitionTime
metadata
ipFamily
metadata
bucketClassRef
bucketPoolRef
metadata
capabilities
metadata
metadata
volumeClassRef
volumePoolRef
resources
imagePullSecretRef
metadata
capabilities
metadata
secretRef
status
lastTransitionTime
availableBucketClasses
bucketClassRef
bucketPoolRef
lastStateTransitionTime
metadata
bucketClassRef
bucketPoolRef
secretRef
status
lastTransitionTime
secretRef
status
lastTransitionTime
availableVolumeClasses
available
used
volumeClassRef
volumePoolRef
resources
imagePullSecretRef
lastStateTransitionTime
lastPhaseTransitionTime
metadata
volumeClassRef
volumePoolRef
resources
imagePullSecretRef