[oom/platform/cert-service.git] / certServiceK8sExternalProvider / src / cmpv2api / cmpv2_issuer_crd_schema.go

/*
 * ============LICENSE_START=======================================================
 * oom-certservice-k8s-external-provider
 * ================================================================================
 * Copyright (c) 2019 Smallstep Labs, Inc.
 * Modifications copyright (C) 2020 Nokia. All rights reserved.
 * ================================================================================
 * This source code was copied from the following git repository:
 * https://github.com/smallstep/step-issuer
 * The source code was modified for usage in the ONAP project.
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * ============LICENSE_END=========================================================
 */

package cmpv2api

import (
        metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

func init() {
        SchemeBuilder.Register(&CMPv2Issuer{}, &CMPv2IssuerList{})
}

// CMPv2IssuerSpec defines the desired state of CMPv2Issuer
type CMPv2IssuerSpec struct {
        // URL is the base URL for the CertService certificates instance.
        URL string `json:"url"`
        // Path to health check endpoint.
        HealthEndpoint string `json:"healthEndpoint"`
        // Path to certificate signing endpoint.
        CertEndpoint string `json:"certEndpoint"`
        // CaName is the name of the external CA server
        CaName string `json:"caName"`
        // KeyRef is a reference to a Secret containing the provisioner
        CertSecretRef SecretKeySelector `json:"certSecretRef"`
}

// CMPv2IssuerStatus defines the observed state of CMPv2Issuer
type CMPv2IssuerStatus struct {

        // +optional
        Conditions []CMPv2IssuerCondition `json:"conditions,omitempty"`
}

type CMPv2Issuer struct {
        metav1.TypeMeta   `json:",inline"`
        metav1.ObjectMeta `json:"metadata,omitempty"`

        Spec   CMPv2IssuerSpec   `json:"spec,omitempty"`
        Status CMPv2IssuerStatus `json:"status,omitempty"`
}

// +kubebuilder:object:root=true

// CMPv2IssuerList contains a list of CMPv2Issuer
type CMPv2IssuerList struct {
        metav1.TypeMeta `json:",inline"`
        metav1.ListMeta `json:"metadata,omitempty"`
        Items           []CMPv2Issuer `json:"items"`
}

// SecretKeySelector contains the reference to a secret.
type SecretKeySelector struct {
        // The name of the secret in the pod's namespace to select from.
        Name string `json:"name"`

        // The key of the secret to select private key from. Must be a valid secret key.
        KeyRef string `json:"keyRef,omitempty"`
        // The key of the secret to select cert from. Must be a valid secret key.
        CertRef string `json:"certRef,omitempty"`
        // The key of the secret to select cacert from. Must be a valid secret key.
        CacertRef string `json:"cacertRef,omitempty"`
}

// ConditionType represents a CMPv2Issuer condition type.
// +kubebuilder:validation:Enum=Ready
type ConditionType string

const (
        // ConditionReady indicates that a CMPv2Issuer is ready for use.
        ConditionReady ConditionType = "Ready"
)

// ConditionStatus represents a condition's status.
// +kubebuilder:validation:Enum=True;False;Unknown
type ConditionStatus string

// These are valid condition statuses. "ConditionTrue" means a resource is in
// the condition; "ConditionFalse" means a resource is not in the condition;
// "ConditionUnknown" means kubernetes can't decide if a resource is in the
// condition or not. In the future, we could add other intermediate
// conditions, e.g. ConditionDegraded.
const (
        // ConditionTrue represents the fact that a given condition is true
        ConditionTrue ConditionStatus = "True"

        // ConditionFalse represents the fact that a given condition is false
        ConditionFalse ConditionStatus = "False"

        // ConditionUnknown represents the fact that a given condition is unknown
        ConditionUnknown ConditionStatus = "Unknown"
)

// CMPv2IssuerCondition contains condition information for the CertService issuer.
type CMPv2IssuerCondition struct {
        // Type of the condition, currently ('Ready').
        Type ConditionType `json:"type"`

        // Status of the condition, one of ('True', 'False', 'Unknown').
        // +kubebuilder:validation:Enum=True;False;Unknown
        Status ConditionStatus `json:"status"`

        // LastTransitionTime is the timestamp corresponding to the last status
        // change of this condition.
        // +optional
        LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"`

        // Reason is a brief machine readable explanation for the condition's last
        // transition.
        // +optional
        Reason string `json:"reason,omitempty"`

        // Message is a human readable description of the details of the last
        // transition, complementing reason.
        // +optional
        Message string `json:"message,omitempty"`
}