Add KeycloakClient resource

2021-01-10 23:53:43 +01:00 · 2021-01-10 23:53:43 +01:00 · 28381df56e
commit 28381df56e
parent b3c1d98534
14 changed files with 357 additions and 0 deletions
--- a/config/crd/bases/keycloak.bitmask.me_keycloakclients.yaml
+++ b/config/crd/bases/keycloak.bitmask.me_keycloakclients.yaml
@ -0,0 +1,57 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.4.1
+  creationTimestamp: null
+  name: keycloakclients.keycloak.bitmask.me
+spec:
+  group: keycloak.bitmask.me
+  names:
+    kind: KeycloakClient
+    listKind: KeycloakClientList
+    plural: keycloakclients
+    singular: keycloakclient
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: KeycloakClient is the Schema for the keycloakclients API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: KeycloakClientSpec defines the desired state of KeycloakClient
+            properties:
+              foo:
+                description: Foo is an example field of KeycloakClient. Edit KeycloakClient_types.go
+                  to remove/update
+                type: string
+            type: object
+          status:
+            description: KeycloakClientStatus defines the observed state of KeycloakClient
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
--- a/config/crd/kustomization.yaml
+++ b/config/crd/kustomization.yaml
@ -3,17 +3,20 @@
 # It should be run by config/default
 resources:
 - bases/keycloak.bitmask.me_keycloakrealms.yaml
+- bases/keycloak.bitmask.me_keycloakclients.yaml
 # +kubebuilder:scaffold:crdkustomizeresource

 patchesStrategicMerge:
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
 # patches here are for enabling the conversion webhook for each CRD
 #- patches/webhook_in_keycloakrealms.yaml
+#- patches/webhook_in_keycloakclients.yaml
 # +kubebuilder:scaffold:crdkustomizewebhookpatch

 # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
 # patches here are for enabling the CA injection for each CRD
 #- patches/cainjection_in_keycloakrealms.yaml
+#- patches/cainjection_in_keycloakclients.yaml
 # +kubebuilder:scaffold:crdkustomizecainjectionpatch

 # the following config is for teaching kustomize how to do kustomization for CRDs.
--- a/config/crd/patches/cainjection_in_keycloakclients.yaml
+++ b/config/crd/patches/cainjection_in_keycloakclients.yaml
@ -0,0 +1,7 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+  name: keycloakclients.keycloak.bitmask.me
--- a/config/crd/patches/webhook_in_keycloakclients.yaml
+++ b/config/crd/patches/webhook_in_keycloakclients.yaml
@ -0,0 +1,14 @@
+# The following patch enables a conversion webhook for the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: keycloakclients.keycloak.bitmask.me
+spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          namespace: system
+          name: webhook-service
+          path: /convert
--- a/config/rbac/keycloakclient_editor_role.yaml
+++ b/config/rbac/keycloakclient_editor_role.yaml
@ -0,0 +1,24 @@
+# permissions for end users to edit keycloakclients.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: keycloakclient-editor-role
+rules:
+- apiGroups:
+  - keycloak.bitmask.me
+  resources:
+  - keycloakclients
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - keycloak.bitmask.me
+  resources:
+  - keycloakclients/status
+  verbs:
+  - get
--- a/config/rbac/keycloakclient_viewer_role.yaml
+++ b/config/rbac/keycloakclient_viewer_role.yaml
@ -0,0 +1,20 @@
+# permissions for end users to view keycloakclients.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: keycloakclient-viewer-role
+rules:
+- apiGroups:
+  - keycloak.bitmask.me
+  resources:
+  - keycloakclients
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - keycloak.bitmask.me
+  resources:
+  - keycloakclients/status
+  verbs:
+  - get
--- a/config/samples/keycloak_v1alpha1_keycloakclient.yaml
+++ b/config/samples/keycloak_v1alpha1_keycloakclient.yaml
@ -0,0 +1,7 @@
+apiVersion: keycloak.bitmask.me/v1alpha1
+kind: KeycloakClient
+metadata:
+  name: keycloakclient-sample
+spec:
+  # Add fields here
+  foo: bar
--- a/config/samples/kustomization.yaml
+++ b/config/samples/kustomization.yaml
@ -1,4 +1,5 @@
 ## Append samples you want in your CSV to this file as resources ##
 resources:
 - keycloak_v1alpha1_keycloakrealm.yaml
+- keycloak_v1alpha1_keycloakclient.yaml
 # +kubebuilder:scaffold:manifestskustomizesamples