diff --git a/config/crds/iam.kubesphere.io_federatedrolebindings.yaml b/config/crds/iam.kubesphere.io_federatedrolebindings.yaml deleted file mode 100644 index 240a985f3d0edddb5c0f6d03afc617de96b801c9..0000000000000000000000000000000000000000 --- a/config/crds/iam.kubesphere.io_federatedrolebindings.yaml +++ /dev/null @@ -1,127 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: federatedrolebindings.iam.kubesphere.io -spec: - group: iam.kubesphere.io - names: - kind: FederatedRoleBinding - listKind: FederatedRoleBindingList - plural: federatedrolebindings - singular: federatedrolebinding - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - placement: - properties: - clusterSelector: - properties: - matchLabels: - additionalProperties: - type: string - type: object - type: object - clusters: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - type: object - template: - properties: - metadata: - type: object - roleRef: - description: RoleRef contains information that points to the role - being used - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - apiGroup - - kind - - name - type: object - subjects: - items: - description: Subject contains a reference to the object or user - identities a role binding applies to. This can either hold - a direct API object reference, or a value for non-objects such - as user and group names. - properties: - apiGroup: - description: APIGroup holds the API group of the referenced - subject. Defaults to "" for ServiceAccount subjects. Defaults - to "rbac.authorization.k8s.io" for User and Group subjects. - type: string - kind: - description: Kind of object being referenced. Values defined - by this API group are "User", "Group", and "ServiceAccount". - If the Authorizer does not recognized the kind value, the - Authorizer should report an error. - type: string - name: - description: Name of the object being referenced. - type: string - namespace: - description: Namespace of the referenced object. If the object - kind is non-namespace, such as "User" or "Group", and this - value is not empty the Authorizer should report an error. - type: string - required: - - kind - - name - type: object - type: array - required: - - roleRef - type: object - required: - - placement - - template - type: object - required: - - spec - type: object - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_federatedroles.yaml b/config/crds/iam.kubesphere.io_federatedroles.yaml deleted file mode 100644 index e69d9872325cd1427712c4472fa3d9636b5b3e22..0000000000000000000000000000000000000000 --- a/config/crds/iam.kubesphere.io_federatedroles.yaml +++ /dev/null @@ -1,125 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: federatedroles.iam.kubesphere.io -spec: - group: iam.kubesphere.io - names: - kind: FederatedRole - listKind: FederatedRoleList - plural: federatedroles - singular: federatedrole - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - placement: - properties: - clusterSelector: - properties: - matchLabels: - additionalProperties: - type: string - type: object - type: object - clusters: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - type: object - template: - properties: - metadata: - type: object - rules: - items: - description: PolicyRule holds information that describes a policy - rule, but does not contain information about who the rule applies - to or which namespace the rule applies to. - properties: - apiGroups: - description: APIGroups is the name of the APIGroup that contains - the resources. If multiple API groups are specified, any - action requested against one of the enumerated resources - in any API group will be allowed. - items: - type: string - type: array - nonResourceURLs: - description: NonResourceURLs is a set of partial urls that - a user should have access to. *s are allowed, but only - as the full, final step in the path Since non-resource URLs - are not namespaced, this field is only applicable for ClusterRoles - referenced from a ClusterRoleBinding. Rules can either apply - to API resources (such as "pods" or "secrets") or non-resource - URL paths (such as "/api"), but not both. - items: - type: string - type: array - resourceNames: - description: ResourceNames is an optional white list of names - that the rule applies to. An empty set means that everything - is allowed. - items: - type: string - type: array - resources: - description: Resources is a list of resources this rule applies - to. ResourceAll represents all resources. - items: - type: string - type: array - verbs: - description: Verbs is a list of Verbs that apply to ALL the - ResourceKinds and AttributeRestrictions contained in this - rule. VerbAll represents all kinds. - items: - type: string - type: array - required: - - verbs - type: object - type: array - type: object - required: - - placement - - template - type: object - required: - - spec - type: object - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_federatedusers.yaml b/config/crds/iam.kubesphere.io_federatedusers.yaml deleted file mode 100644 index 568e392bde5cabb554476c7c90c62cc320fd0299..0000000000000000000000000000000000000000 --- a/config/crds/iam.kubesphere.io_federatedusers.yaml +++ /dev/null @@ -1,120 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: federatedusers.iam.kubesphere.io -spec: - group: iam.kubesphere.io - names: - kind: FederatedUser - listKind: FederatedUserList - plural: federatedusers - singular: federateduser - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - placement: - properties: - clusterSelector: - properties: - matchLabels: - additionalProperties: - type: string - type: object - type: object - clusters: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - type: object - template: - properties: - metadata: - type: object - spec: - description: UserSpec defines the desired state of User - properties: - description: - description: Description of the user. - type: string - displayName: - type: string - email: - description: Unique email address(https://www.ietf.org/rfc/rfc5322.txt). - type: string - groups: - items: - type: string - type: array - lang: - description: The preferred written or spoken language for the - user. - type: string - password: - description: password will be encrypted by mutating admission - webhook - type: string - required: - - email - type: object - status: - description: UserStatus defines the observed state of User - properties: - lastLoginTime: - description: Last login attempt timestamp - format: date-time - type: string - lastTransitionTime: - format: date-time - type: string - reason: - type: string - state: - description: The user status - type: string - type: object - required: - - spec - type: object - required: - - placement - - template - type: object - required: - - spec - type: object - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/tenant.kubesphere.io_federatedworkspaces.yaml b/config/crds/tenant.kubesphere.io_federatedworkspaces.yaml deleted file mode 100644 index a7b574fbe4a8049149a9877af49f2a7c96b67480..0000000000000000000000000000000000000000 --- a/config/crds/tenant.kubesphere.io_federatedworkspaces.yaml +++ /dev/null @@ -1,110 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: federatedworkspaces.tenant.kubesphere.io -spec: - group: tenant.kubesphere.io - names: - kind: FederatedWorkspace - listKind: FederatedWorkspaceList - plural: federatedworkspaces - singular: federatedworkspace - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - overrides: - items: - properties: - clusterName: - type: string - clusterOverrides: - items: - properties: - op: - type: string - path: - type: string - value: - type: object - required: - - path - - value - type: object - type: array - required: - - clusterName - - clusterOverrides - type: object - type: array - placement: - properties: - clusterSelector: - properties: - matchLabels: - additionalProperties: - type: string - type: object - type: object - clusters: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - type: object - template: - properties: - metadata: - type: object - spec: - description: WorkspaceSpec defines the desired state of Workspace - properties: - manager: - type: string - networkIsolation: - type: boolean - type: object - required: - - spec - type: object - required: - - placement - - template - type: object - required: - - spec - type: object - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/types.kubefed.io_federatednamespaces.yaml b/config/crds/types.kubefed.io_federatednamespaces.yaml deleted file mode 100644 index 870fb80429c42915cb471509a58c3d47d419e0c1..0000000000000000000000000000000000000000 --- a/config/crds/types.kubefed.io_federatednamespaces.yaml +++ /dev/null @@ -1,125 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: federatednamespaces.types.kubefed.io -spec: - group: types.kubefed.io - names: - kind: FederatedNamespace - listKind: FederatedNamespaceList - plural: federatednamespaces - singular: federatednamespace - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - overrides: - items: - properties: - clusterName: - type: string - clusterOverrides: - items: - properties: - op: - type: string - path: - type: string - value: - type: object - required: - - path - - value - type: object - type: array - required: - - clusterName - - clusterOverrides - type: object - type: array - placement: - properties: - clusterSelector: - properties: - matchLabels: - additionalProperties: - type: string - type: object - type: object - clusters: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - type: object - template: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the - latest internal value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NamespaceSpec describes the attributes on a Namespace. - properties: - finalizers: - description: 'Finalizers is an opaque list of values that must - be empty to permanently remove object from storage. More info: - https://kubernetes.io/docs/tasks/administer-cluster/namespaces/' - items: - description: FinalizerName is the name identifying a finalizer - during namespace lifecycle. - type: string - type: array - type: object - type: object - required: - - placement - - template - type: object - required: - - spec - type: object - version: v1beta1 - versions: - - name: v1beta1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/types.kubefed.io_namespacetemplates.yaml b/config/crds/types.kubefed.io_namespacetemplates.yaml deleted file mode 100644 index 583d0323fab545f0dabd10562928376a56a91031..0000000000000000000000000000000000000000 --- a/config/crds/types.kubefed.io_namespacetemplates.yaml +++ /dev/null @@ -1,56 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: namespacetemplates.types.kubefed.io -spec: - group: types.kubefed.io - names: - kind: NamespaceTemplate - listKind: NamespaceTemplateList - plural: namespacetemplates - singular: namespacetemplate - scope: Namespaced - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NamespaceSpec describes the attributes on a Namespace. - properties: - finalizers: - description: 'Finalizers is an opaque list of values that must be empty - to permanently remove object from storage. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/' - items: - description: FinalizerName is the name identifying a finalizer during - namespace lifecycle. - type: string - type: array - type: object - type: object - version: v1beta1 - versions: - - name: v1beta1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/pkg/models/kubectl/kubectl.go b/pkg/models/kubectl/kubectl.go index e460ccbf62dc1477c0ad8c790f97b9309775dc92..d4276b81498b4b26568a54dc1eb4289eb9cf6941 100644 --- a/pkg/models/kubectl/kubectl.go +++ b/pkg/models/kubectl/kubectl.go @@ -26,8 +26,8 @@ import ( appsv1informers "k8s.io/client-go/informers/apps/v1" coreinfomers "k8s.io/client-go/informers/core/v1" "k8s.io/client-go/kubernetes" + "k8s.io/client-go/kubernetes/scheme" "k8s.io/klog" - "kubesphere.io/kubesphere/pkg/client/clientset/versioned/scheme" iamv1alpha2informers "kubesphere.io/kubesphere/pkg/client/informers/externalversions/iam/v1alpha2" "kubesphere.io/kubesphere/pkg/models" "math/rand"