adding connection CRD

Signed-off-by: Jaydip Gabani <[email protected]>

apis/addtoscheme_connection_v1alpha1.go

@@ -0,0 +1,25 @@
+/*
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package apis
+
+import (
+	"github.com/open-policy-agent/gatekeeper/v3/apis/connection/v1alpha1"
+)
+
+func init() {
+	// Register the types with the Scheme so the components can map objects to GroupVersionKinds and back
+	AddToSchemes = append(AddToSchemes, v1alpha1.AddToScheme)
+}

apis/connection/v1alpha1/connection_types.go

@@ -0,0 +1,67 @@
+/*
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// ConnectionSpec is the configuration for the pubsub connection.
+type ConnectionSpec struct {
+	// Provider is the name of the pubsub provider
+	// dapr/rabbitmq/redis/nats/
+	Driver string            `json:"driver,omitempty"`
+	Config map[string]string `json:"config,omitempty"`
+}
+
+// ConnectionStatus defines the observed state of Config.
+type ConnectionStatus struct {
+	ByPod []ByPodStatus `json:"byPod,omitempty"`
+}
+type ByPodStatus struct {
+	// a unique identifier for the pod that wrote the status
+	ID     string            `json:"id,omitempty"`
+	Errors []ConnectionError `json:"errors,omitempty"`
+}
+
+type ConnectionError struct {
+	Type    string `json:"type"`
+	Message string `json:"message"`
+}
+
+// +kubebuilder:resource:scope=Namespaced
+// +kubebuilder:object:root=true
+
+// Connection is the Schema for the configs API.
+type Connection struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   ConnectionSpec   `json:"spec,omitempty"`
+	Status ConnectionStatus `json:"status,omitempty"`
+}
+// +kubebuilder:object:root=true
+
+// ConnectionList contains a list of Config.
+type ConnectionList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []Connection `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&Connection{}, &ConnectionList{})
+}

apis/connection/v1alpha1/groupversion_info.go

@@ -0,0 +1,35 @@
+/*
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package v1alpha1 contains API Schema definitions for the config v1alpha1 API group
+// +kubebuilder:object:generate=true
+// +groupName=connection.gatekeeper.sh
+package v1alpha1
+
+import (
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+var (
+	// GroupVersion is group version used to register these objects.
+	GroupVersion = schema.GroupVersion{Group: "connection.gatekeeper.sh", Version: "v1alpha1"}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
+	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
+
+	// AddToScheme adds the types in this group-version to the given scheme.
+	AddToScheme = SchemeBuilder.AddToScheme
+)

config/crd/bases/connection.gatekeeper.sh_connections.yaml

@@ -0,0 +1,79 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.14.0
+  name: connections.connection.gatekeeper.sh
+spec:
+  group: connection.gatekeeper.sh
+  names:
+    kind: Connection
+    listKind: ConnectionList
+    plural: connections
+    singular: connection
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: Connection is the Schema for the configs API.
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: ConnectionSpec is the configuration for the pubsub connection.
+            properties:
+              config:
+                additionalProperties:
+                  type: string
+                type: object
+              driver:
+                description: |-
+                  Provider is the name of the pubsub provider
+                  dapr/rabbitmq/redis/nats/
+                type: string
+            type: object
+          status:
+            description: ConnectionStatus defines the observed state of Config.
+            properties:
+              byPod:
+                items:
+                  properties:
+                    errors:
+                      items:
+                        properties:
+                          message:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - message
+                        - type
+                        type: object
+                      type: array
+                    id:
+                      description: a unique identifier for the pod that wrote the
+                        status
+                      type: string
+                  type: object
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true

config/crd/kustomization.yaml

@@ -3,6 +3,7 @@
 # It should be run by config/default
 resources:
 - bases/config.gatekeeper.sh_configs.yaml
+- bases/connection.gatekeeper.sh_connections.yaml
 - bases/syncset.gatekeeper.sh_syncsets.yaml
 - bases/status.gatekeeper.sh_constraintpodstatuses.yaml
 - bases/status.gatekeeper.sh_constrainttemplatepodstatuses.yaml

config/rbac/role.yaml

@@ -76,6 +76,18 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - connection.gatekeeper.sh
+  resources:
+  - '*'
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - constraints.gatekeeper.sh
   resources: