diff --git a/apis/civo/firewall/v1alpha1/types.go b/apis/civo/firewall/v1alpha1/types.go
index 4c266eb..a0eec49 100644
--- a/apis/civo/firewall/v1alpha1/types.go
+++ b/apis/civo/firewall/v1alpha1/types.go
@@ -5,38 +5,79 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// CivoFirewallSpec holds the specs for firewall resource +// CivoFirewallSpec defines the desired state of a Firewall. type CivoFirewallSpec struct { xpv1.ResourceSpec `json:",inline"` - // Name that you wish to use to refer to this firewall. - // +required - // +immutable + // Name is the name of the Firewall within Civo. // +kubebuilder:validation:Required + // +immutable Name string `json:"name"` - // NetworkID for the network with which the firewall is to be associated. - // +required + // NetworkID is the identifier for the network associated with the Firewall. + // +kubebuilder:validation:Required // +immutable + NetworkID string `json:"networkId"` + + // Region is the identifier for the region in which the Firewall is deployed. // +kubebuilder:validation:Required - NetworkID string `json:"network_id"` + Region string `json:"region"` + + // Rules are the set of rules applied to the firewall. + // +optional + Rules []FirewallRule `json:"rules,omitempty"` // ProviderReference holds configs (region, API key etc) for the crossplane provider that is being used. ProviderReference *xpv1.Reference `json:"providerReference"` } -// CivoFirewallObservation observation fields -type CivoFirewallObservation struct { - ID string `json:"id"` - Name string `json:"name,omitempty"` +// FirewallRule defines the rules applied to the Firewall. +type FirewallRule struct { + // Protocol used by the rule (TCP, UDP, ICMP). + // +kubebuilder:validation:Enum=TCP;UDP;ICMP + // +kubebuilder:validation:Required + Protocol string `json:"protocol"` + + // StartPort is the starting port of the range. + // +kubebuilder:validation:Required + StartPort int `json:"startPort"` + + // EndPort is the ending port of the range. + // +optional + EndPort *int `json:"endPort,omitempty"` + + // CIDR is the IP address range that is applicable for the rule. 
+ // +kubebuilder:validation:Required + CIDR string `json:"cidr"` + + // Direction indicates whether the rule is for inbound or outbound traffic. + // +kubebuilder:validation:Enum=ingress;egress + // +kubebuilder:validation:Required + Direction string `json:"direction"` + + // Label is an optional identifier for the rule. + // +optional + Label string `json:"label,omitempty"` } -// CivoFirewallStatus status of the resource +// CivoFirewallStatus defines the observed state of CivoFirewall. type CivoFirewallStatus struct { xpv1.ResourceStatus `json:",inline"` AtProvider CivoFirewallObservation `json:"atProvider,omitempty"` } +// CivoFirewallObservation is used to reflect the observed state of the firewall. +type CivoFirewallObservation struct { + // ID is the Civo ID of the Firewall. + ID string `json:"id,omitempty"` + + // InstanceCount shows how many instances are using this firewall. + InstanceCount *int `json:"instanceCount,omitempty"` + + // RulesCount shows how many rules are associated with this firewall. + RulesCount int `json:"rulesCount"` +} + // +kubebuilder:object:root=true // CivoFirewall is the Schema for the CivoFirewalls API @@ -77,7 +118,7 @@ func (mg *CivoFirewall) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionD // +kubebuilder:object:root=true -// CivoFirewallList contains a list of CivoFirewall +// CivoFirewallList contains a list of CivoFirewall. type CivoFirewallList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` diff --git a/apis/civo/firewall/v1alpha1/zz_generated.deepcopy.go b/apis/civo/firewall/v1alpha1/zz_generated.deepcopy.go index eb2bfe2..8865372 100644 --- a/apis/civo/firewall/v1alpha1/zz_generated.deepcopy.go +++ b/apis/civo/firewall/v1alpha1/zz_generated.deepcopy.go 
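Review bot: `StartPort`, `EndPort` and `CIDR` on the new `FirewallRule` type carry no value constraints, so an out-of-range port or a malformed or unintentionally wide CIDR passes admission and is only caught, if at all, when the controller calls the Civo API. For a firewall resource it is worth rejecting these at the API server: add `// +kubebuilder:validation:Minimum=1` and `// +kubebuilder:validation:Maximum=65535` to both port fields (assuming port 0 is never meaningful, including for ICMP rules where `StartPort` is still required), and a `+kubebuilder:validation:Pattern` or CEL rule on `CIDR`. An `EndPort` below `StartPort` needs a struct-level `+kubebuilder:validation:XValidation` rule, because per-field markers cannot compare the two. The `// +immutable` markers on `Name` and `NetworkID` are presumably documentation only; if a firewall must not be re-pointed at another network after creation, a `self == oldSelf` validation rule would enforce that.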
@@ -87,6 +87,11 @@ func (in *CivoFirewallList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CivoFirewallObservation) DeepCopyInto(out *CivoFirewallObservation) { *out = *in + if in.InstanceCount != nil { + in, out := &in.InstanceCount, &out.InstanceCount + *out = new(int) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CivoFirewallObservation. @@ -103,6 +108,13 @@ func (in *CivoFirewallObservation) DeepCopy() *CivoFirewallObservation { func (in *CivoFirewallSpec) DeepCopyInto(out *CivoFirewallSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]FirewallRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.ProviderReference != nil { in, out := &in.ProviderReference, &out.ProviderReference *out = new(v1.Reference) @@ -124,7 +136,7 @@ func (in *CivoFirewallSpec) DeepCopy() *CivoFirewallSpec { func (in *CivoFirewallStatus) DeepCopyInto(out *CivoFirewallStatus) { *out = *in in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) - out.AtProvider = in.AtProvider + in.AtProvider.DeepCopyInto(&out.AtProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CivoFirewallStatus. 
@@ -136,3 +148,23 @@ func (in *CivoFirewallStatus) DeepCopy() *CivoFirewallStatus { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FirewallRule) DeepCopyInto(out *FirewallRule) { + *out = *in + if in.EndPort != nil { + in, out := &in.EndPort, &out.EndPort + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FirewallRule. +func (in *FirewallRule) DeepCopy() *FirewallRule { + if in == nil { + return nil + } + out := new(FirewallRule) + in.DeepCopyInto(out) + return out +} diff --git a/package/crds/firewall.civo.crossplane.io_civofirewalls.yaml b/package/crds/firewall.civo.crossplane.io_civofirewalls.yaml index 0ad5e5a..adf37ea 100644 --- a/package/crds/firewall.civo.crossplane.io_civofirewalls.yaml +++ b/package/crds/firewall.civo.crossplane.io_civofirewalls.yaml @@ -50,7 +50,7 @@ spec: metadata: type: object spec: - description: CivoFirewallSpec holds the specs for firewall resource + description: CivoFirewallSpec defines the desired state of a Firewall. properties: deletionPolicy: default: Delete @@ -94,11 +94,11 @@ spec: type: string type: array name: - description: Name that you wish to use to refer to this firewall. + description: Name is the name of the Firewall within Civo. type: string - network_id: - description: NetworkID for the network with which the firewall is - to be associated. + networkId: + description: NetworkID is the identifier for the network associated + with the Firewall. type: string providerConfigRef: default: 
@@ -251,6 +251,49 @@ spec: required: - name type: object + region: + description: Region is the identifier for the region in which the + Firewall is deployed. + type: string + rules: + description: Rules are the set of rules applied to the firewall. + items: + description: FirewallRule defines the rules applied to the Firewall. + properties: + cidr: + description: CIDR is the IP address range that is applicable + for the rule. + type: string + direction: + description: Direction indicates whether the rule is for inbound + or outbound traffic. + enum: + - ingress + - egress + type: string + endPort: + description: EndPort is the ending port of the range. + type: integer + label: + description: Label is an optional identifier for the rule. + type: string + protocol: + description: Protocol used by the rule (TCP, UDP, ICMP). + enum: + - TCP + - UDP + - ICMP + type: string + startPort: + description: StartPort is the starting port of the range. + type: integer + required: + - cidr + - direction + - protocol + - startPort + type: object + type: array writeConnectionSecretToRef: description: |- WriteConnectionSecretToReference specifies the namespace and name of a 
@@ -274,21 +317,30 @@ spec: type: object required: - name - - network_id + - networkId - providerReference + - region type: object status: - description: CivoFirewallStatus status of the resource + description: CivoFirewallStatus defines the observed state of CivoFirewall. properties: atProvider: - description: CivoFirewallObservation observation fields + description: CivoFirewallObservation is used to reflect the observed + state of the firewall. properties: id: + description: ID is the Civo ID of the Firewall. type: string - name: - type: string + instanceCount: + description: InstanceCount shows how many instances are using + this firewall. + type: integer + rulesCount: + description: RulesCount shows how many rules are associated with + this firewall. + type: integer required: - - id + - rulesCount type: object conditions: description: Conditions of the resource.