kubevirt-ui
diff --git a/‎PROJECT‎
Lines changed: 4 additions & 0 deletions b/‎PROJECT‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎api/v1beta1/gateserver_types.go‎
Lines changed: 113 additions & 0 deletions b/‎api/v1beta1/gateserver_types.go‎
Lines changed: 113 additions & 0 deletions
diff --git a/‎api/v1beta1/gatetoken_types.go‎
Lines changed: 0 additions & 7 deletions b/‎api/v1beta1/gatetoken_types.go‎
Lines changed: 0 additions & 7 deletions
diff --git a/‎api/v1beta1/zz_generated.deepcopy.go‎
Lines changed: 96 additions & 0 deletions b/‎api/v1beta1/zz_generated.deepcopy.go‎
Lines changed: 96 additions & 0 deletions
@@ -7,6 +7,10 @@ resources:
   group: ocgate
   kind: GateToken
   version: v1beta1
+- crdVersion: v1
+  group: ocgate
+  kind: GateServer
+  version: v1beta1
 version: 3-alpha
 plugins:
   manifests.sdk.operatorframework.io/v2: {}
 
@@ -0,0 +1,113 @@
+/*
+Copyright 2021 Yaacov Zamir.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// GateServerSpec defines the desired state of GateServer
+type GateServerSpec struct {
+	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+
+	// api-url is the k8s API url.
+	// Defalut value is "https://kubernetes.default.svc".
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:Type="string"
+	// +kubebuilder:validation:Pattern="^(http|https)://.*"
+	// +kubebuilder:validation:MaxLength=1024
+	// +kubebuilder:default:="https://kubernetes.default.svc"
+	APIURL string `json:"api-url,omitempty"`
+
+	// route for the gate proxy server.
+	// +required
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:Type="string"
+	// +kubebuilder:validation:Pattern="^([a-z0-9-_])+[.]([a-z0-9-_])+[.]([a-z0-9-._])+$"
+	// +kubebuilder:validation:MaxLength=226
+	Route string `json:"route,omitempty"`
+
+	// admin-role is the verbs athorization role of the service (reader/admin)
+	// if service is role is reader, clients getting tokens to use this service
+	// will be able to excute get, watch and list verbs.
+	// if service is role is admin, clients getting tokens to use this service
+	// will be able to excute get, watch, list, patch, creat and delete verbs.
+	// Defalut value is "reader".
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:Type="string"
+	// +kubebuilder:validation:Pattern="^(reader|admin)$"
+	// +kubebuilder:validation:MaxLength=1024
+	// +kubebuilder:default:="reader"
+	AdminRole string `json:"admin-role,omitempty"`
+
+	// admin-resources is a comma seperated list of resources athorization role of the service
+	// if left empty service could access any resource.
+	// Defalut value is "".
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:Type="string"
+	// +kubebuilder:validation:MaxLength=1024
+	// +kubebuilder:default:=""
+	AdminResources string `json:"admin-resources,omitempty"`
+
+	// passthrough the tokens aquired from OAuth2 server directly to k8s API
+	// +optional
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:Type="boolean"
+	// +kubebuilder:default:=false
+	PassThrough bool `json:"passthrough,omitempty"`
+}
+
+// GateServerStatus defines the observed state of GateServer
+type GateServerStatus struct {
+	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+
+	// Conditions represent the latest available observations of an object's state
+	Conditions []metav1.Condition `json:"conditions"`
+
+	// Token generation phase (ready|error)
+	Phase string `json:"phase"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+
+// GateServer is the Schema for the gateservers API
+type GateServer struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   GateServerSpec   `json:"spec,omitempty"`
+	Status GateServerStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// GateServerList contains a list of GateServer
+type GateServerList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []GateServer `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&GateServer{}, &GateServerList{})
+}
@@ -40,13 +40,6 @@ type GateTokenSpec struct {
 	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
 	// Important: Run "make" to regenerate code after modifying this file
 
-	// user-id is the user id of the user requesting this token.
-	// +required
-	// +kubebuilder:validation:Required
-	// +kubebuilder:validation:Type="string"
-	// +kubebuilder:validation:MaxLength=226
-	UserID string `json:"user-id"`
-
 	// match-path is a regular expresion used to validate API request path,
 	// API requests matching this pattern will be validated by the token.
 	// This field may not be empty.