-
Notifications
You must be signed in to change notification settings - Fork 81
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CLOUDP-268810: Independent custom roles (#1913)
Added AtlasCustomRole CRD
- Loading branch information
1 parent
b812f28
commit 64acb4d
Showing
38 changed files
with
3,031 additions
and
56 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
202 changes: 202 additions & 0 deletions
202
bundle/manifests/atlas.mongodb.com_atlascustomroles.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,202 @@ | ||
| apiVersion: apiextensions.k8s.io/v1 | ||
| kind: CustomResourceDefinition | ||
| metadata: | ||
| annotations: | ||
| controller-gen.kubebuilder.io/version: v0.16.1 | ||
| creationTimestamp: null | ||
| labels: | ||
| app.kubernetes.io/component: controller | ||
| app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator | ||
| app.kubernetes.io/name: mongodb-atlas-kubernetes-operator | ||
| name: atlascustomroles.atlas.mongodb.com | ||
| spec: | ||
| group: atlas.mongodb.com | ||
| names: | ||
| categories: | ||
| - atlas | ||
| kind: AtlasCustomRole | ||
| listKind: AtlasCustomRoleList | ||
| plural: atlascustomroles | ||
| shortNames: | ||
| - acr | ||
| singular: atlascustomrole | ||
| scope: Namespaced | ||
| versions: | ||
| - additionalPrinterColumns: | ||
| - jsonPath: .status.conditions[?(@.type=="Ready")].status | ||
| name: Ready | ||
| type: string | ||
| - jsonPath: .spec.name | ||
| name: Name | ||
| type: string | ||
| - jsonPath: .status.project.id | ||
| name: Project ID | ||
| type: string | ||
| name: v1 | ||
| schema: | ||
| openAPIV3Schema: | ||
| properties: | ||
| apiVersion: | ||
| description: |- | ||
| APIVersion defines the versioned schema of this representation of an object. | ||
| Servers should convert recognized schemas to the latest internal value, and | ||
| may reject unrecognized values. | ||
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources | ||
| type: string | ||
| kind: | ||
| description: |- | ||
| Kind is a string value representing the REST resource this object represents. | ||
| Servers may infer this from the endpoint the client submits requests to. | ||
| Cannot be updated. | ||
| In CamelCase. | ||
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | ||
| type: string | ||
| metadata: | ||
| type: object | ||
| spec: | ||
| description: AtlasCustomRoleSpec | ||
| properties: | ||
| actions: | ||
| description: List of the individual privilege actions that the role | ||
| grants. | ||
| items: | ||
| properties: | ||
| name: | ||
| description: Human-readable label that identifies the privilege | ||
| action. | ||
| type: string | ||
| resources: | ||
| description: List of resources on which you grant the action. | ||
| items: | ||
| properties: | ||
| cluster: | ||
| description: Flag that indicates whether to grant the | ||
| action on the cluster resource. If true, MongoDB Cloud | ||
| ignores Database and Collection parameters. | ||
| type: boolean | ||
| collection: | ||
| description: Human-readable label that identifies the | ||
| collection on which you grant the action to one MongoDB | ||
| user. | ||
| type: string | ||
| database: | ||
| description: Human-readable label that identifies the | ||
| database on which you grant the action to one MongoDB | ||
| user. | ||
| type: string | ||
| type: object | ||
| type: array | ||
| required: | ||
| - name | ||
| - resources | ||
| type: object | ||
| type: array | ||
| connectionSecret: | ||
| description: Name of the secret containing Atlas API private and public | ||
| keys | ||
| properties: | ||
| name: | ||
| description: |- | ||
| Name of the resource being referred to | ||
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names | ||
| type: string | ||
| required: | ||
| - name | ||
| type: object | ||
| inheritedRoles: | ||
| description: List of the built-in roles that this custom role inherits. | ||
| items: | ||
| properties: | ||
| database: | ||
| description: Human-readable label that identifies the database | ||
| on which someone grants the action to one MongoDB user. | ||
| type: string | ||
| name: | ||
| description: Human-readable label that identifies the role inherited. | ||
| type: string | ||
| required: | ||
| - database | ||
| - name | ||
| type: object | ||
| type: array | ||
| name: | ||
| description: Name of the custom role | ||
| type: string | ||
| projectIDRef: | ||
| description: ID of the Atlas Project this role is attached to | ||
| properties: | ||
| id: | ||
| description: ID is the Atlas project ID | ||
| pattern: ^([a-f0-9]{24})$ | ||
| type: string | ||
| required: | ||
| - id | ||
| type: object | ||
| required: | ||
| - name | ||
| - projectIDRef | ||
| type: object | ||
| status: | ||
| description: |- | ||
| AtlasCustomRoleStatus is a status for the AtlasCustomRole Custom resource. | ||
| Not the one included in the AtlasProject | ||
| properties: | ||
| conditions: | ||
| description: Conditions is the list of statuses showing the current | ||
| state of the Atlas Custom Resource | ||
| items: | ||
| description: Condition describes the state of an Atlas Custom Resource | ||
| at a certain point. | ||
| properties: | ||
| lastTransitionTime: | ||
| description: Last time the condition transitioned from one status | ||
| to another. | ||
| format: date-time | ||
| type: string | ||
| message: | ||
| description: A human readable message indicating details about | ||
| the transition. | ||
| type: string | ||
| reason: | ||
| description: The reason for the condition's last transition. | ||
| type: string | ||
| status: | ||
| description: Status of the condition, one of True, False, Unknown. | ||
| type: string | ||
| type: | ||
| description: Type of Atlas Custom Resource condition. | ||
| type: string | ||
| required: | ||
| - status | ||
| - type | ||
| type: object | ||
| type: array | ||
| observedGeneration: | ||
| description: |- | ||
| ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. | ||
| The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. | ||
| format: int64 | ||
| type: integer | ||
| project: | ||
| properties: | ||
| id: | ||
| type: string | ||
| ready: | ||
| type: boolean | ||
| type: object | ||
| roleStatus: | ||
| type: string | ||
| required: | ||
| - conditions | ||
| type: object | ||
| type: object | ||
| served: true | ||
| storage: true | ||
| subresources: | ||
| status: {} | ||
| status: | ||
| acceptedNames: | ||
| kind: "" | ||
| plural: "" | ||
| conditions: null | ||
| storedVersions: null |
Oops, something went wrong.