From 51998b544ff2c9bdb35a67b2d7410458c2ca043a Mon Sep 17 00:00:00 2001 From: Lisa Kim Date: Thu, 31 Oct 2024 08:49:48 -0700 Subject: [PATCH] Update operator CRDs lint --- .../resources.teleport.dev_roles.yaml | 60 +++++++++++++++++++ .../resources.teleport.dev_rolesv6.yaml | 30 ++++++++++ .../resources.teleport.dev_rolesv7.yaml | 30 ++++++++++ .../bases/resources.teleport.dev_roles.yaml | 60 +++++++++++++++++++ .../bases/resources.teleport.dev_rolesv6.yaml | 30 ++++++++++ .../bases/resources.teleport.dev_rolesv7.yaml | 30 ++++++++++ 6 files changed, 240 insertions(+) diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_roles.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_roles.yaml index a51a1d9bc1f58..c333c44eb2d33 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_roles.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_roles.yaml @@ -336,6 +336,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -872,6 +887,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -1687,6 +1717,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -2223,6 +2268,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv6.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv6.yaml index bb7c899188b2b..d8825c525df6d 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv6.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv6.yaml @@ -339,6 +339,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -875,6 +890,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv7.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv7.yaml index 3c28e797f76dd..85a0961a5a617 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv7.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/operator-crds/resources.teleport.dev_rolesv7.yaml @@ -339,6 +339,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -875,6 +890,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration diff --git a/integrations/operator/config/crd/bases/resources.teleport.dev_roles.yaml b/integrations/operator/config/crd/bases/resources.teleport.dev_roles.yaml index a51a1d9bc1f58..c333c44eb2d33 100644 --- a/integrations/operator/config/crd/bases/resources.teleport.dev_roles.yaml +++ b/integrations/operator/config/crd/bases/resources.teleport.dev_roles.yaml @@ -336,6 +336,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -872,6 +887,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -1687,6 +1717,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -2223,6 +2268,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration diff --git a/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv6.yaml b/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv6.yaml index bb7c899188b2b..d8825c525df6d 100644 --- a/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv6.yaml +++ b/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv6.yaml @@ -339,6 +339,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -875,6 +890,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration diff --git a/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv7.yaml b/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv7.yaml index 3c28e797f76dd..85a0961a5a617 100644 --- a/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv7.yaml +++ b/integrations/operator/config/crd/bases/resources.teleport.dev_rolesv7.yaml @@ -339,6 +339,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration @@ -875,6 +890,21 @@ spec: type: string type: object type: array + kubernetes_resources: + description: 'kubernetes_resources can optionally enforce + a requester to request only certain kinds of kube resources. + Eg: Users can make request to either a resource kind "kube_cluster" + or any of its subresources like "namespaces". This field + can be defined such that it prevents a user from requesting + "kube_cluster" and enforce requesting any of its subresources.' + items: + properties: + kind: + description: kind specifies the Kubernetes Resource + type. + type: string + type: object + type: array max_duration: description: MaxDuration is the amount of time the access will be granted for. If this is zero, the default duration