IAM: Move resource definitions to apps/iam step 1 (#107389)

* wip

* Use serviceaccount model from /apps/iam

* revert version update

* Add tembinding, userteam, other improvements

* Change serviceaccounttoken spec

* Revert the change of ServiceAccountToken

* Revert the change of UserTeam

* Clean up

* Remove files that are not needed for now

* Lint

* Update sql query's integration tests

* Fix tests

* update openapi spec

* Move LastSeenAt to the annotations

* Updte openapi_snapshots

* Change lastSeenAt annotation name

Author: mgyongyosi

apps/iam/kinds/manifest.cue

@@ -3,5 +3,16 @@ package kinds
 manifest: {
 	appName:       "iam"
 	groupOverride: "iam.grafana.app"
-	kinds: [ globalrole, globalrolebinding, corerole, role, rolebinding, resourcepermission ]
+	kinds: [
+		globalrole, 
+		globalrolebinding,
+		corerole,
+		role,
+		rolebinding,
+		resourcepermission,
+		user,
+		team,
+		teambinding,
+		serviceaccount,
+	]
 }

apps/iam/kinds/serviceaccount.cue

@@ -0,0 +1,24 @@
+package kinds
+
+import (
+	"github.com/grafana/grafana/apps/iam/kinds/v0alpha1"
+)
+
+serviceaccount: {
+	kind:       "ServiceAccount"
+	pluralName: "ServiceAccounts"
+	current:    "v0alpha1"
+    
+	codegen: {
+		ts: { enabled: false }
+		go: { enabled: true }
+	}
+
+	versions: {
+		"v0alpha1": {
+			schema: {
+				spec: v0alpha1.ServiceAccountSpec
+			}
+		}
+	}
+}

apps/iam/kinds/team.cue

@@ -0,0 +1,24 @@
+package kinds
+
+import (
+	"github.com/grafana/grafana/apps/iam/kinds/v0alpha1"
+)
+
+team: {
+	kind:       "Team"
+	pluralName: "Teams"
+	current:    "v0alpha1"
+
+	codegen: {
+		ts: { enabled: false }
+		go: { enabled: true }
+	}
+
+	versions: {
+		"v0alpha1": {
+			schema: {
+				spec: v0alpha1.TeamSpec
+			}
+		}
+	}
+}

apps/iam/kinds/teambinding.cue

@@ -0,0 +1,24 @@
+package kinds
+
+import (
+	"github.com/grafana/grafana/apps/iam/kinds/v0alpha1"
+)
+
+teambinding: {
+	kind:       "TeamBinding"
+	pluralName: "TeamBindings"
+	current:    "v0alpha1"
+
+	codegen: {
+		ts: { enabled: false }
+		go: { enabled: true }
+	}
+
+	versions: {
+		"v0alpha1": {
+			schema: {
+				spec: v0alpha1.TeamBindingSpec
+			}
+		}
+	}
+}

apps/iam/kinds/user.cue

@@ -0,0 +1,24 @@
+package kinds
+
+import (
+	"github.com/grafana/grafana/apps/iam/kinds/v0alpha1"
+)
+
+user: {
+	kind:       "User"
+	pluralName: "Users"
+	current:    "v0alpha1"
+    
+	codegen: {
+		ts: { enabled: false }
+		go: { enabled: true }
+	}
+
+	versions: {
+		"v0alpha1": {
+			schema: {
+				spec: v0alpha1.UserSpec
+			}
+		}
+	}
+}

apps/iam/kinds/v0alpha1/resourcepermission.cue

@@ -21,5 +21,3 @@ ResourcePermission: {
 	resource: #Resource
 	permissions: [...#Permission]
 }
-
-

apps/iam/kinds/v0alpha1/rolespec.cue

@@ -20,4 +20,3 @@ RoleSpec: {
 	// created?
 	// updated?
 }
-

apps/iam/kinds/v0alpha1/serviceaccountspec.cue

@@ -0,0 +1,6 @@
+package v0alpha1
+
+ServiceAccountSpec: {
+    title: string
+	disabled: bool
+}

apps/iam/kinds/v0alpha1/teambindingspec.cue

@@ -0,0 +1,20 @@
+package v0alpha1
+
+TeamBindingSpec: {
+	#Subject: {
+		// uid of the identity
+		name: string
+		// permission of the identity in the team
+		permission: TeamPermission
+	}
+
+	subjects: [...#Subject]
+	teamRef: TeamRef
+}
+
+TeamRef:{
+	// Name is the unique identifier for a team.
+	name: string
+}
+
+TeamPermission: "admin" | "member"

apps/iam/kinds/v0alpha1/teamspec.cue

@@ -0,0 +1,6 @@
+package v0alpha1
+
+TeamSpec: {
+    title: string
+    email: string
+}