Skip to content

Commit

Permalink
Added AtlasCustomRoles CRD (#363)
Browse files Browse the repository at this point in the history
  • Loading branch information
@igor-karpukhin
igor-karpukhin authored Nov 19, 2024
1 parent 8836d84 commit 4a5a00f
Show file tree
Hide file tree
Showing 2 changed files with 204 additions and 0 deletions.
202 changes: 202 additions & 0 deletions charts/atlas-operator-crds/templates/atlas.mongodb.com_atlascustomroles.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,202 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.1
creationTimestamp: null
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator
app.kubernetes.io/name: mongodb-atlas-kubernetes-operator
name: atlascustomroles.atlas.mongodb.com
spec:
group: atlas.mongodb.com
names:
categories:
- atlas
kind: AtlasCustomRole
listKind: AtlasCustomRoleList
plural: atlascustomroles
shortNames:
- acr
singular: atlascustomrole
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .spec.name
name: Name
type: string
- jsonPath: .status.project.id
name: Project ID
type: string
name: v1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: AtlasCustomRoleSpec
properties:
actions:
description: List of the individual privilege actions that the role
grants.
items:
properties:
name:
description: Human-readable label that identifies the privilege
action.
type: string
resources:
description: List of resources on which you grant the action.
items:
properties:
cluster:
description: Flag that indicates whether to grant the
action on the cluster resource. If true, MongoDB Cloud
ignores Database and Collection parameters.
type: boolean
collection:
description: Human-readable label that identifies the
collection on which you grant the action to one MongoDB
user.
type: string
database:
description: Human-readable label that identifies the
database on which you grant the action to one MongoDB
user.
type: string
type: object
type: array
required:
- name
- resources
type: object
type: array
connectionSecret:
description: Name of the secret containing Atlas API private and public
keys
properties:
name:
description: |-
Name of the resource being referred to
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
required:
- name
type: object
inheritedRoles:
description: List of the built-in roles that this custom role inherits.
items:
properties:
database:
description: Human-readable label that identifies the database
on which someone grants the action to one MongoDB user.
type: string
name:
description: Human-readable label that identifies the role inherited.
type: string
required:
- database
- name
type: object
type: array
name:
description: Name of the custom role
type: string
projectIDRef:
description: ID of the Atlas Project this role is attached to
properties:
id:
description: ID is the Atlas project ID
pattern: ^([a-f0-9]{24})$
type: string
required:
- id
type: object
required:
- name
- projectIDRef
type: object
status:
description: |-
AtlasCustomRoleStatus is a status for the AtlasCustomRole Custom resource.
Not the one included in the AtlasProject
properties:
conditions:
description: Conditions is the list of statuses showing the current
state of the Atlas Custom Resource
items:
description: Condition describes the state of an Atlas Custom Resource
at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of Atlas Custom Resource condition.
type: string
required:
- status
- type
type: object
type: array
observedGeneration:
description: |-
ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of.
The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource.
format: int64
type: integer
project:
properties:
id:
type: string
ready:
type: boolean
type: object
roleStatus:
type: string
required:
- conditions
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null
2 changes: 2 additions & 0 deletions charts/atlas-operator/rbac.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
- atlasstreamconnections
- atlasstreaminstances
- atlasteams
- atlascustomroles
verbs:
- create
- delete
Expand All @@ -57,6 +58,7 @@
- atlasstreamconnections/status
- atlasstreaminstances/status
- atlasteams/status
- atlascustomroles/status
verbs:
- get
- patch
Expand Down

0 comments on commit 4a5a00f

Please sign in to comment.